blog.s.id Open in urlscan Pro
2606:4700:20::681a:7f9 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://s.id/5671102AA
Effective URL:
https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source...
Submission: On December 13 via api (December 13th 2023, 1:33:36 am UTC) from LU — Scanned from DE

Summary HTTP 256 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 60 IPs in 13 countries across 47 domains to perform 256 HTTP transactions. The main IP is 2606:4700:20::681a:7f9, located in United States and belongs to CLOUDFLARENET, US. The main domain is blog.s.id.
TLS certificate: Issued by GTS CA 1P5 on December 8th 2023. Valid for: 3 months.

This is the only time blog.s.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	193.84.85.178 193.84.85.178	59796 (STORMWALL-AS) (STORMWALL-AS)
36	2606:4700:20:... 2606:4700:20::681a:7f9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
11	104.18.72.113 104.18.72.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c06::54	15169 (GOOGLE) (GOOGLE)
1	45.126.58.90 45.126.58.90	132647 (IDNIC-PAN...) (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia)
4	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	104.16.51.111 104.16.51.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
28	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:78e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	162.159.138.6 162.159.138.6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	65.9.95.74 65.9.95.74	16509 (AMAZON-02) (AMAZON-02)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1 3	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	141.95.98.65 141.95.98.65	16276 (OVH) (OVH)
1 2	34.120.107.143 34.120.107.143	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.48.81.28 52.48.81.28	16509 (AMAZON-02) (AMAZON-02)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
4 21	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
2 4	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5 6	185.89.210.141 185.89.210.141	29990 (ASN-APPNEX) (ASN-APPNEX)
10	2001:4860:480... 2001:4860:4802:32::3	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2	64.233.167.157 64.233.167.157	15169 (GOOGLE) (GOOGLE)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1 1	154.59.122.79 154.59.122.79	174 (COGENT-174) (COGENT-174)
2 2	213.155.156.185 213.155.156.185	1299 (TWELVE99 ...) (TWELVE99 Arelion)
2 2	52.86.155.246 52.86.155.246	14618 (AMAZON-AES) (AMAZON-AES)
1 1	193.0.160.131 193.0.160.131	54312 (ROCKETFUEL) (ROCKETFUEL)
2 2	35.214.190.53 35.214.190.53	15169 (GOOGLE) (GOOGLE)
1 1	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	134.122.57.34 134.122.57.34	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	3.123.203.242 3.123.203.242	16509 (AMAZON-02) (AMAZON-02)
1	69.166.1.34 69.166.1.34	27630 (AS-XFERNET) (AS-XFERNET)
1 1	124.146.153.166 124.146.153.166	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
1	52.194.23.155 52.194.23.155	16509 (AMAZON-02) (AMAZON-02)
2 2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:6a::6	15169 (GOOGLE) (GOOGLE)
1 2	54.247.4.160 54.247.4.160	16509 (AMAZON-02) (AMAZON-02)
16	2a00:1450:400... 2a00:1450:4001:829::2006	15169 (GOOGLE) (GOOGLE)
2 2	37.157.3.26 37.157.3.26	198622 (ADFORM) (ADFORM)
1	52.59.107.120 52.59.107.120	16509 (AMAZON-02) (AMAZON-02)
1 2	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
1 2	108.128.70.10 108.128.70.10	16509 (AMAZON-02) (AMAZON-02)
3	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2600:9000:212... 2600:9000:2127:c000:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	217.79.188.46 217.79.188.46	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	217.79.188.21 217.79.188.21	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	217.79.188.59 217.79.188.59	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
6	2600:1f13:800... 2600:1f13:800:7782:c9df:b77c:1926:7ee4	16509 (AMAZON-02) (AMAZON-02)
256	60

2 193.84.85.178 (Russian Federation) 2 redirects

ASN59796 (STORMWALL-AS, SK)

s.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2606:4700:20::681a:7f9 (United States)

ASN13335 (CLOUDFLARENET, US)

home.s.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
blog.s.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::54 (Brussels, Belgium)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.126.58.90 (Indonesia)

ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID)

app.s.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.51.111 (None, )

ASN13335 (CLOUDFLARENET, US)

sdotid.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-sdotid.adg.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:78e (United States)

ASN13335 (CLOUDFLARENET, US)

protagcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.138.6 (None, )

ASN13335 (CLOUDFLARENET, US)

shortener.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.95.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-74.prg50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.107.143 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.81.28 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-81-28.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 172.217.18.2 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.36.155 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.89.210.141 (Frankfurt am Main, Germany) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.233.167.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wl-in-f157.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.59.122.79 (Schiphol, Netherlands) 1 redirects

ASN174 (COGENT-174, US)

ums.acuityplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.185 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.86.155.246 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-155-246.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.131 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.214.190.53 (Groningen, Netherlands) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 53.190.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.158.49 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 134.122.57.34 (Amsterdam, Netherlands) 2 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.123.203.242 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-203-242.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.166.1.34 (United States)

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 124.146.153.166 (Kakegawa, Japan) 1 redirects

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.194.23.155 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-194-23-155.ap-northeast-1.compute.amazonaws.com

cc.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:6a::6 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r1---sn-4g5ednsl.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.247.4.160 (Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-247-4-160.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.3.26 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.59.107.120 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-107-120.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.251 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.128.70.10 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-70-10.eu-west-1.compute.amazonaws.com

jpmcbankna.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2127:c000:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.79.188.46 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: ad4.adfarm1.adition.com

ad4.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.79.188.21 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: ad2.adfarm1.adition.com

ad2.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.79.188.59 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: imagesrv.adition.com

imagesrv.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:1f13:800:7782:c9df:b77c:1926:7ee4 (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
49	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148 ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com ade.googlesyndication.com — Cisco Umbrella Rank: 293	483 KB
46	doubleclick.net 4 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 75 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 bid.g.doubleclick.net — Cisco Umbrella Rank: 840 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515	606 KB
39	s.id 2 redirects s.id — Cisco Umbrella Rank: 135548 home.s.id — Cisco Umbrella Rank: 893356 app.s.id — Cisco Umbrella Rank: 410529 Failed blog.s.id	764 KB
22	2mdn.net 2 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 1193 r1---sn-4g5ednsl.c.2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	4 MB
14	gstatic.com csi.gstatic.com fonts.gstatic.com	63 KB
11	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 900 static.adsafeprotected.com — Cisco Umbrella Rank: 602 dt.adsafeprotected.com — Cisco Umbrella Rank: 567	104 KB
11	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 2043 ekr.zdassets.com — Cisco Umbrella Rank: 2264	252 KB
9	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	705 KB
8	google.com accounts.google.com — Cisco Umbrella Rank: 23 region1.analytics.google.com — Cisco Umbrella Rank: 2693 www.google.com — Cisco Umbrella Rank: 2	81 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29 imasdk.googleapis.com — Cisco Umbrella Rank: 487 ajax.googleapis.com — Cisco Umbrella Rank: 340	300 KB
6	adnxs.com 5 redirects ib.adnxs.com — Cisco Umbrella Rank: 229 secure.adnxs.com — Cisco Umbrella Rank: 478	5 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	3 KB
4	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2189 www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
3	adition.com 1 redirects ad4.adfarm1.adition.com — Cisco Umbrella Rank: 65170 ad2.adfarm1.adition.com — Cisco Umbrella Rank: 54473 imagesrv.adition.com — Cisco Umbrella Rank: 17335	625 B
3	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 336	436 B
3	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 1639 google-bidout-d.openx.net — Cisco Umbrella Rank: 1643	748 B
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 424 mug.criteo.com — Cisco Umbrella Rank: 2811	7 KB
3	zendesk.com sdotid.zendesk.com Failed shortener.zendesk.com	2 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6765	625 B
2	demdex.net 1 redirects jpmcbankna.demdex.net — Cisco Umbrella Rank: 9566	1 KB
2	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 714	584 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 560	1 KB
2	bidtheatre.com 2 redirects match.adsby.bidtheatre.com — Cisco Umbrella Rank: 1901	1 KB
2	loopme.me 2 redirects csync.loopme.me — Cisco Umbrella Rank: 870	801 B
2	stackadapt.com 2 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 702	3 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4497	651 B
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 979 bcp.crwdcntrl.net — Cisco Umbrella Rank: 850	12 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 893 id5-sync.com — Cisco Umbrella Rank: 425	34 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	91 KB
2	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 864	14 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 204	23 KB
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 495	35 B
1	adingo.jp cc.adingo.jp — Cisco Umbrella Rank: 6834	44 B
1	socdm.com 1 redirects tg.socdm.com — Cisco Umbrella Rank: 1450	1018 B
1	sonobi.com sync.go.sonobi.com — Cisco Umbrella Rank: 951	401 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 780	715 B
1	rfihub.com 1 redirects a.rfihub.com — Cisco Umbrella Rank: 2935	1 KB
1	acuityplatform.com 1 redirects ums.acuityplatform.com — Cisco Umbrella Rank: 1209	684 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 331	149 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	65 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 2133	1 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 631	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1740	8 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 313	1 KB
1	protagcdn.com protagcdn.com — Cisco Umbrella Rank: 102840	126 KB
1	adg.id cdn-sdotid.adg.id — Cisco Umbrella Rank: 398617	39 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	185 B
256	47

	Domain	Requested by
28	pagead2.googlesyndication.com	blog.s.id pagead2.googlesyndication.com tpc.googlesyndication.com ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
21	cm.g.doubleclick.net	4 redirects googleads.g.doubleclick.net ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
21	blog.s.id	home.s.id blog.s.id static.cloudflareinsights.com
16	s0.2mdn.net	home.s.id s0.2mdn.net
15	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com imasdk.googleapis.com home.s.id
15	home.s.id	home.s.id static.cloudflareinsights.com
10	csi.gstatic.com	imasdk.googleapis.com
9	securepubads.g.doubleclick.net	blog.s.id securepubads.g.doubleclick.net ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
9	googleads.g.doubleclick.net	www.googletagmanager.com pagead2.googlesyndication.com ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
9	static.zdassets.com	home.s.id static.zdassets.com blog.s.id
9	www.googletagmanager.com	home.s.id www.googletagmanager.com blog.s.id
6	dt.adsafeprotected.com
5	www.google.com	home.s.id tpc.googlesyndication.com ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
4	r1---sn-4g5ednsl.c.2mdn.net
4	fonts.gstatic.com	fonts.googleapis.com
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	imasdk.googleapis.com	ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
4	ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	static.adsafeprotected.com	fw.adsafeprotected.com ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
3	googleads4.g.doubleclick.net	home.s.id
3	x.bidswitch.net	ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
3	www.google.de	home.s.id blog.s.id
2	ade.googlesyndication.com
2	jpmcbankna.demdex.net	1 redirects ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
2	onetag-sys.com	1 redirects ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
2	c1.adform.net	2 redirects
2	fw.adsafeprotected.com	1 redirects home.s.id
2	gcdn.2mdn.net	2 redirects
2	match.adsby.bidtheatre.com	2 redirects
2	csync.loopme.me	2 redirects
2	secure.adnxs.com	2 redirects
2	sync.srv.stackadapt.com	2 redirects
2	d5p.de17a.com	2 redirects
2	bid.g.doubleclick.net	imasdk.googleapis.com
2	fonts.googleapis.com	ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
2	oajs.openx.net	1 redirects
2	gum.criteo.com	1 redirects static.criteo.net
2	sdotid.zendesk.com	static.zdassets.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	region1.google-analytics.com	www.googletagmanager.com
2	stats.g.doubleclick.net	www.googletagmanager.com
2	region1.analytics.google.com	www.googletagmanager.com
2	ekr.zdassets.com	static.zdassets.com
2	connect.facebook.net	home.s.id connect.facebook.net
2	static.cloudflareinsights.com	home.s.id blog.s.id
2	s.id	2 redirects
1	imagesrv.adition.com
1	ad2.adfarm1.adition.com	1 redirects
1	ad4.adfarm1.adition.com
1	cdnjs.cloudflare.com	s0.2mdn.net
1	ajax.googleapis.com	s0.2mdn.net
1	match.sharethrough.com	ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
1	cc.adingo.jp	ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
1	tg.socdm.com	1 redirects
1	sync.go.sonobi.com	ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
1	um.simpli.fi	1 redirects
1	a.rfihub.com	1 redirects
1	ums.acuityplatform.com	1 redirects
1	match.adsrvr.org	ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
1	www.googletagservices.com	ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
1	google-bidout-d.openx.net	oa.openxcdn.net
1	mug.criteo.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	id5-sync.com	cdn.id5-sync.com
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	shortener.zendesk.com	static.zdassets.com
1	protagcdn.com	blog.s.id
1	cdn-sdotid.adg.id	blog.s.id
1	www.facebook.com	home.s.id
1	accounts.google.com	home.s.id
1	app.s.id	home.s.id
256	77

This site contains links to these domains. Also see Links.

Domain
s.id
protagcdn.com
home.s.id
instagram.com
twitter.com
facebook.com
tiktok.com

Subject Issuer	Validity	Valid
s.id GTS CA 1P5	`2023-12-08` - `2024-03-07`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-21` - `2023-12-20`	3 months	crt.sh
zdassets.com E1	`2023-10-23` - `2024-01-21`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
app.s.id R3	`2023-12-06` - `2024-03-05`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
sdotid.zendesk.com Cloudflare Inc ECC CA-3	`2023-11-19` - `2024-11-18`	a year	crt.sh
adg.id E1	`2023-10-28` - `2024-01-26`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
protagcdn.com E1	`2023-10-27` - `2024-01-25`	3 months	crt.sh
zendesk.com E1	`2023-11-17` - `2024-02-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-11-24` - `2024-02-22`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-10-24` - `2024-01-22`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2022-12-06` - `2024-01-07`	a year	crt.sh
*.adingo.jp Amazon RSA 2048 M03	`2023-09-13` - `2024-10-12`	a year	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-11-14` - `2024-01-23`	2 months	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
*.adfarm1.adition.com AlphaSSL CA - SHA256 - G4	`2023-05-08` - `2024-06-08`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-05-09` - `2024-06-06`	a year	crt.sh

This page contains 22 frames:

Primary Page: https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect
Frame ID: 10E2EB35CC987366F06C5A71C1991EF6
Requests: 92 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-1bfc6fa.js
Frame ID: 44502D996890C9A309D142D97AFF7E13
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup.html
Frame ID: BB91E0D9BA2F6CF86F8D997C83E3DC40
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&adk=1812271804&adf=3025194257&lmt=1702431210&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702431210699&bpp=3&bdt=121&idt=193&shv=r20231207&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8535591287261&frm=20&pv=2&ga_vid=144635658.1702431210&ga_sid=1702431211&ga_hid=1439740521&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809530%2C31080037%2C95320884&oid=2&pvsid=2911362765832022&tmod=1682469535&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fhome.s.id%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=203
Frame ID: 413B26EF381C7EDDD5115624C83ED0B7
Requests: 1 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/web-widget-framework-deab6e1bfb9c4776677c.js
Frame ID: 27083278435855D19028D0D75E822E56
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C63C93F498C6AA3313D0570CE60E9DA1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8F968D7C186CCBB92E9C54C561C0787B
Requests: 2 HTTP requests in this frame

Frame: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E0F30AB63B0E104EEA29DAA50ABB88E9
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=blog.s.id
Frame ID: 86136DFE964CBA911F9037629E4C72F9
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 8DCE1CCE8AA4A5DC9D6D049C03657CF2
Requests: 1 HTTP requests in this frame

Frame: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: EC883308A65A70B8021FD7EE887B1F2E
Requests: 34 HTTP requests in this frame

Frame: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 11129BD3208D724D61BC2D8F1C950CFF
Requests: 20 HTTP requests in this frame

Frame: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FA2F10DE0834F16C1C26C567D0D0F32D
Requests: 29 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvmmQEQ9dfyxgIY-9Xr7QEwAQ&v=APEucNURtIkirv7bJXiI_TQXNd-T-7vsKbPJhd7JKhEIomApJkMkrvvAmvXwI6EdUL4bRaP8Es536lLeLm1Z2aOtgZFEoRK7ssck2SM6izgMQoTsGPIDgmwhRo73OK3K-tnZIC9wJTGNvUw0A4A5kuDfRXQcB-n_8dADQOqiEm8fdyqn5d0h2ELf1CugvNWDKjyN7m9j_OgtH1U2ut5KPHVcMKWkaX94vw
Frame ID: 5BC354BCB2FB55C3FC82897458E24B5C
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CC6C1425ECA273808E439711AF85BFFD
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 20A4FE2BC8249BED94859AEA67483575
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 19B690CA1DAB51EFA38E034008AC7134
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 7BB5DF273E2F36BA5F2F24213EE92A51
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 87CADF5C1AACF46169A6D13D9757D7F4
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: AA0E85994994A04CAE3C9F680426FCE5
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/index.html?ev=01_250
Frame ID: BAFC072C57C1F4E911EA03692A352ABD
Requests: 17 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: EE20890D65844B7EF57EC4832823F3DA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

“Oops, you are accessing a Forbidden Link!” What does that mean? - s.id

Page URL History Show full URLs

https://s.id/5671102AA HTTP 302
https://home.s.id/forbidden Page URL
https://s.id/1SV77?s=skip HTTP 302
https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-... Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

256
Requests

89 %
HTTPS

46 %
IPv6

47
Domains

77
Subdomains

60
IPs

13
Countries

8293 kB
Transfer

15429 kB
Size

43
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://s.id/1VeMR

Search URL Search Domain Scan URL

URL: https://protagcdn.com/r/adplus/?utm_source=blog.s.id&utm_medium=banner_ad&utm_campaign=logo_click
Title: Ad.Plus

Search URL Search Domain Scan URL

URL: http://s.id/
Title: S.id

Search URL Search Domain Scan URL

URL: https://home.s.id/
Title: Home

Search URL Search Domain Scan URL

URL: https://home.s.id/subscription
Title: Subscription

Search URL Search Domain Scan URL

URL: https://home.s.id/page/help
Title: Help

Search URL Search Domain Scan URL

URL: https://home.s.id/page/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://home.s.id/page/terms-of-service
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://home.s.id/page/report
Title: Report

Search URL Search Domain Scan URL

URL: https://home.s.id/page/about
Title: About

Search URL Search Domain Scan URL

URL: https://s.id/status
Title: Status

Search URL Search Domain Scan URL

URL: https://instagram.com/home.s.id

Search URL Search Domain Scan URL

URL: https://twitter.com/home_s_id

Search URL Search Domain Scan URL

URL: https://facebook.com/socmed.s.id

Search URL Search Domain Scan URL

URL: https://tiktok.com/@home.s.id

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://s.id/5671102AA HTTP 302
https://home.s.id/forbidden Page URL
https://s.id/1SV77?s=skip HTTP 302
https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://s.id/5671102AA HTTP 302
https://home.s.id/forbidden

Request Chain 107

https://oajs.openx.net/esp?url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&rid=esp&cc=1

Request Chain 109

https://gum.criteo.com/sid/json?origin=publishertagids&domain=s.id&sn=ChromeSyncframe&so=0&topUrl=blog.s.id&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=T0xmBXxEWVllKzFTS2tUbjM1M0dpclRJSGlZdkdWSEROd3pURWZlNGhrdi95MG82ZnVBTjRYNWZnNWRNUDE0d3M1aUtXN1VPOVQ4dzhIamFta1ZZQmF6WXI1QXdMUFJUbnNQWnNJajVDUk9rSzRhdkg3ZjZmOWxtUlpxbkhuZHhiTjNCY2JwVkdDbFlLd2tvd1R5VXQwdmxXdXlCeFkrSUNGeElsNzc1b3V3ZnB3Zmo2VFJSV0Y5a1Bvdi9nVW9jUkt3RHAzdG5DS0VyMFhYZklWZzFZcGJYaTJEeFJrNEJjTFdHc2dJWXJPN05xbGNSZWJjcisrblZlTTdpV1hqbjJST3YyV2s5bnJTK2JxWmFwSmlrSGlzRXZPUT09fA&cppv=2

Request Chain 134

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFM02yyWQhJOb2V0SNUjhZY&google_cver=1

Request Chain 135

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXkJ6.8IKvdk-iNUwbjKrgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFM02yyWQhJOb2V0SNUjhZY&google_cver=1&google_hm=2

Request Chain 136

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEBLK9xinpbOSXLZBvOjZgfg&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBLK9xinpbOSXLZBvOjZgfg%26google_cver%3D1

Request Chain 137

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTE2Nzg2NDAyNTk1MzcyMDA3Mg%3D%3D

Request Chain 155

https://ums.acuityplatform.com/tum?umid=4&uid=CAESEEq3jgSehWd7u8AjVRkvl8k&google_cver=1&google_push=AXcoOmQrGb-K1nTHB23bhf67KVMXTnGxBeYB4egk0tm_fgqooQ01SpU27hDjDAb-9Lh0cvR65xlTMSWYaikqlA7mbR9-CoN60M8bfg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=864086004643&us_privacy=1---

Request Chain 156

https://d5p.de17a.com/cookies/google?google_gid=CAESEO8nuvPdrcDqSlpUfkISo3k&google_cver=1&google_push=AXcoOmTTGrZ1SKpvlIunYr19Xdf64sh3ylR49P9FP0CwR-gCN8uwcGuB1pDLXjo4KvJSxDQYvM6JJWjxp_Im_ulucBnKCedPQeGPjA HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEO8nuvPdrcDqSlpUfkISo3k&google_cver=1&google_push=AXcoOmTTGrZ1SKpvlIunYr19Xdf64sh3ylR49P9FP0CwR-gCN8uwcGuB1pDLXjo4KvJSxDQYvM6JJWjxp_Im_ulucBnKCedPQeGPjA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTTGrZ1SKpvlIunYr19Xdf64sh3ylR49P9FP0CwR-gCN8uwcGuB1pDLXjo4KvJSxDQYvM6JJWjxp_Im_ulucBnKCedPQeGPjA

Request Chain 157

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEOP_-xwWDsj0AMbqfY4ljQg&google_cver=1&google_push=AXcoOmTjwlU6VlPVF-9BRhPLA0-yX9r6sDtMDlxZGYWgsieSogV1c0X7EcBiOakUD-xaNLptM0CnaeRJH97Lr1MDvRKE-mGThjR9rA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=4A59JtpPX25x5S7VoKkXxorHJoQ&google_push=AXcoOmTjwlU6VlPVF-9BRhPLA0-yX9r6sDtMDlxZGYWgsieSogV1c0X7EcBiOakUD-xaNLptM0CnaeRJH97Lr1MDvRKE-mGThjR9rA

Request Chain 158

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESECvnlr7LnLp5V2oYPxwB5Z4&google_cver=1&google_push=AXcoOmQXskos206EHm85uR7LyIDV3Ct-Upi_kw10jPHeSKHIN_WKPBGJBrzv3ANA5btFgYmbt9B5v0e9UlclYrDliZXNHOvQMNrweXY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmQXskos206EHm85uR7LyIDV3Ct-Upi_kw10jPHeSKHIN_WKPBGJBrzv3ANA5btFgYmbt9B5v0e9UlclYrDliZXNHOvQMNrweXY&google_hm=NjQ3MzA1NTIxNzExODYwMjM=

Request Chain 159

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEFBTpngPMUYYU2LoWEm0_-4&google_cver=1&google_push=AXcoOmTIM4mnQvRV_zo0c0XCV6XZ97AYntT3sOImlsZqql1m_a1jCURoxS9F3Rl0yN6gRn96CjIoKLVtxGbeydVMEqyeMQTlMYxoMw HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEFBTpngPMUYYU2LoWEm0_-4%26google_cver%3D1%26google_push%3DAXcoOmTIM4mnQvRV_zo0c0XCV6XZ97AYntT3sOImlsZqql1m_a1jCURoxS9F3Rl0yN6gRn96CjIoKLVtxGbeydVMEqyeMQTlMYxoMw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTE2Nzg2NDAyNTk1MzcyMDA3Mg%3D%3D&google_gid=CAESEFBTpngPMUYYU2LoWEm0_-4&google_cver=1&google_push=AXcoOmTIM4mnQvRV_zo0c0XCV6XZ97AYntT3sOImlsZqql1m_a1jCURoxS9F3Rl0yN6gRn96CjIoKLVtxGbeydVMEqyeMQTlMYxoMw

Request Chain 160

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESEJIJ3ya3krWC5GRxaCc759k&google_cver=1&google_push=AXcoOmSlWlkjw_hg59OZw5Q24d6Tp2G-dSdPiNkOilKZGkmFWKkEHNS9IEgDFpWovFSP9QUC5NUQVzzw1DT_bYB8Ini1BAbiSxuMReQ HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=57b58565-61e0-4ddb-9d1d-c01a49901238&google_cver=1&google_gid=CAESEJIJ3ya3krWC5GRxaCc759k&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmSlWlkjw_hg59OZw5Q24d6Tp2G-dSdPiNkOilKZGkmFWKkEHNS9IEgDFpWovFSP9QUC5NUQVzzw1DT_bYB8Ini1BAbiSxuMReQ&gdpr=${GDPR}

Request Chain 162

https://um.simpli.fi/gp_match?google_gid=CAESEDtkhVFcne1opszwlNsEgJE&google_cver=1&google_push=AXcoOmRLn458OcNM2lVKEJhjXfKh8MtphTP0CI-vyrcW9NUq7FfZe5IBIjA0ozrlVHkgzJAFXhlainSQ5KRKZpGvoVvVqGoLS9A3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9E5E9C5AC05D4A9499533F561792FCFB&google_push=AXcoOmRLn458OcNM2lVKEJhjXfKh8MtphTP0CI-vyrcW9NUq7FfZe5IBIjA0ozrlVHkgzJAFXhlainSQ5KRKZpGvoVvVqGoLS9A3

Request Chain 163

https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEH_AGYwlJ7RJO9BYtdcz3zc&google_cver=1&google_push=AXcoOmTFek6VVypZXES9wPZQl7d_ByI6GPwJp9WjX8Bo7fqxqFFFKfeKhqhvO0QdvbrHz7wJDRi0dt_tAh2UefNDxftQtP04dAIz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmTFek6VVypZXES9wPZQl7d_ByI6GPwJp9WjX8Bo7fqxqFFFKfeKhqhvO0QdvbrHz7wJDRi0dt_tAh2UefNDxftQtP04dAIz

Request Chain 166

https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESELZ6qFjWUdJExbHrR11o2Us&google_cver=1&google_push=AXcoOmQt37zkF3BmH-elZ_Jr31lNqPMUAanz89ze1R1Zx8xpWZEJORUA6YR8V17YnBS4vjXW-Prhr-FqPcLoz9pLEUKCvlLPy9jx HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmQt37zkF3BmH-elZ_Jr31lNqPMUAanz89ze1R1Zx8xpWZEJORUA6YR8V17YnBS4vjXW-Prhr-FqPcLoz9pLEUKCvlLPy9jx&google_hm=WlhrSjdNQ284WUFBQUROaW0zUUFBQUFB

Request Chain 176

https://gcdn.2mdn.net/videoplayback/id/e18ab1460f931e82/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733967212/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/66A02A84C423FFF94D01D96061B7440CF279693C.970738DEDBC7764F1CE7BF78DE205B58A774343F/key/ck2/file/file.mp4 HTTP 302
https://r1---sn-4g5ednsl.c.2mdn.net/videoplayback/id/e18ab1460f931e82/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733967212/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7E4855EB70FF5537BD039A83FF61AC96176C597D.82B1F09774D2615C8672241FA22FEE822B00590E/key/cms1/cms_redirect/yes/mh/7Y/mip/2a02:6ea0:c71b:0:1012:c8bd:d1e8:1c56/mm/42/mn/sn-4g5ednsl/ms/onc/mt/1702430486/mv/u/mvi/1/pl/40/file/file.mp4

Request Chain 182

https://gcdn.2mdn.net/videoplayback/id/e18ab1460f931e82/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733967212/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/A9F1571875648A5226C56D43DD9AF91989C898F9.4E2C2C8E061932FD2E43955E6465D0D1E2C2D541/key/ck2/file/file.mp4 HTTP 302
https://r1---sn-4g5ednsl.c.2mdn.net/videoplayback/id/e18ab1460f931e82/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733967212/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/705018D80EAC34A79D9BBBA784E75C083692EE28.5454DB76799E44B81D2B4B5974D1B64378ABDC76/key/cms1/cms_redirect/yes/mh/7Y/mip/2a02:6ea0:c71b:0:1012:c8bd:d1e8:1c56/mm/42/mn/sn-4g5ednsl/ms/onc/mt/1702430486/mv/u/mvi/1/pl/40/file/file.mp4

Request Chain 198

https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEH_AGYwlJ7RJO9BYtdcz3zc&google_cver=1&google_push=AXcoOmRDhYpjGQ0o2vnpp3FH5Yh2miXfA1Rel78XMPU75-pDvh_OzX5VqwH2plkb0CVXySzuU-ZSYSEdmnOe3rcJJ31N2ZlTs8E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmRDhYpjGQ0o2vnpp3FH5Yh2miXfA1Rel78XMPU75-pDvh_OzX5VqwH2plkb0CVXySzuU-ZSYSEdmnOe3rcJJ31N2ZlTs8E

Request Chain 200

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIfFLtsR3f7u-i_4DfRyhGo&google_cver=1&google_push=AXcoOmSPegskj_nOcbzfwyC9t-qwBKbNx3BkapRw1LsMWpo-aP0N97l3lz9I8gJKaxNRbDLgYsPkw3NbCaw4oeghqznqdWYql5E HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEIfFLtsR3f7u-i_4DfRyhGo&google_cver=1&google_push=AXcoOmSPegskj_nOcbzfwyC9t-qwBKbNx3BkapRw1LsMWpo-aP0N97l3lz9I8gJKaxNRbDLgYsPkw3NbCaw4oeghqznqdWYql5E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjIwOTQyMTAyMzI3NTk3NDkzOA&google_push=AXcoOmSPegskj_nOcbzfwyC9t-qwBKbNx3BkapRw1LsMWpo-aP0N97l3lz9I8gJKaxNRbDLgYsPkw3NbCaw4oeghqznqdWYql5E

Request Chain 201

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEOP_-xwWDsj0AMbqfY4ljQg&google_cver=1&google_push=AXcoOmT1g4p4pWh5focmzaiQ0AMIVN5HVM9PipYIiSENAHVvS7AmbzCO2jeeBEtVS9-9zsqJ_8o7R-TPFxPLdUzIMhCgpZb900w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=4A59JtpPX25x5S7VoKkXxorHJoQ&google_push=AXcoOmT1g4p4pWh5focmzaiQ0AMIVN5HVM9PipYIiSENAHVvS7AmbzCO2jeeBEtVS9-9zsqJ_8o7R-TPFxPLdUzIMhCgpZb900w

Request Chain 203

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEHOW21-YQMgMe7e_p_QHFb8&google_cver=1&google_push=AXcoOmQxYT2Dn90dwi7bf6YOUgv9_fYzbsu0CRXlf5OeiU2oqXxahIEETEgOwuRPLosiEO9PbEOQkJTRQwvQ0cqlfF0GijmLMAA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQxYT2Dn90dwi7bf6YOUgv9_fYzbsu0CRXlf5OeiU2oqXxahIEETEgOwuRPLosiEO9PbEOQkJTRQwvQ0cqlfF0GijmLMAA HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 204

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESEJIJ3ya3krWC5GRxaCc759k&google_cver=1&google_push=AXcoOmRq1QSXMDf7838-Puj5yHB9PGeuJLOskpyPeRvsdO8Q7ZFQZSiy6pnufBvRKqc8A-M_ytmZU0b2WOlOG6XhRaek2mg4RqI9 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=57b58565-61e0-4ddb-9d1d-c01a49901238&google_cver=1&google_gid=CAESEJIJ3ya3krWC5GRxaCc759k&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmRq1QSXMDf7838-Puj5yHB9PGeuJLOskpyPeRvsdO8Q7ZFQZSiy6pnufBvRKqc8A-M_ytmZU0b2WOlOG6XhRaek2mg4RqI9&gdpr=${GDPR}

Request Chain 206

https://jpmcbankna.demdex.net/event?d_event=imp&d_src=441384&d_site=8504253&d_creative=193457939&d_placement=368994751&d_campaign=30127422&d_bust=581387519 HTTP 302
https://jpmcbankna.demdex.net/firstevent?d_event=imp&d_src=441384&d_site=8504253&d_creative=193457939&d_placement=368994751&d_campaign=30127422&d_bust=581387519

Request Chain 231

https://ad2.adfarm1.adition.com/banner?sid=5151015&gdpr=&gdpr_consent=&kid=6224187&bid=18978849&wpt=C&ts=[timestamp] HTTP 302
https://imagesrv.adition.com/1x1.gif

Request Chain 241

https://fw.adsafeprotected.com/rfw/st/1520186/71964889/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1012253692&ias_pubId=pub-2393320645055022&ias_chanId=1&ias_placementId=20075793042&bidurl=https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gRUsy2x6m3-opIJxhge4V9&adsafe_url=https%3A%2F%2Fblog.s.id&adsafe_type=y&adsafe_url=https%3A%2F%2Fblog.s.id%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:75148285-57a9-340c-4f33-6dc5df66d372,c:wDKvF0,sl:na,em:true,fr:false,thd:1,mn:jsserver-experiment-primary-6bd95bc6b4-cdzjv,rg:ie,pt:1-5-15,mu:10000,br:c,bru:c,an:n,oam:0,mtim:168,mot:0,app:0,maw:0,fm:tYhlS53+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C191%7C192%7C1a*.1520186-71964889%7C1a1%7C1a2%7C1a3%7C1a4,idMap:1a*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:178,oid:a01ccad0-9957-11ee-83f4-169fce58514f,v:19.8.464,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js?bundleId=${BUNDLE_ID}

256 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

forbidden Show response
home.s.id/
Redirect Chain

https://s.id/5671102AA
https://home.s.id/forbidden

73 KB
24 KB

304ms
266ms

Document
text/html

2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Next.js

Resource Hash

fe07efdd5e684d45122a423912418479f077788be884c22db961d91332fb690b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: BYPASS
cf-ray: 834a758eb91a373d-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 13 Dec 2023 01:33:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4WEIVOb2AqM9eHt6LgDibyUVtYbBGcwl%2FIGRDCoZ74bDKgQyp7evss15Vi%2BUUzGen%2FwojdfmgIp6K%2B%2F%2FqlA5CSot07YmkYw74a3g%2FTXNyw0cmU27ItFl%2F5qyrPtaIOStGDywy2hzow%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: Next.js
x-xss-protection: 1; mode=block

Redirect headers

cache-control: private, max-age=15
content-length: 0
date: Wed, 13 Dec 2023 01:33:28 GMT
location: https://home.s.id/forbidden#action
server: nginx
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 montserrat.css
home.s.id/assets/fonts/ 22 KB
1 KB 675ms
674ms Stylesheet
text/css 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://home.s.id/assets/fonts/montserrat.css

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a35d02ba97e3e4cd1b7c4eb7241bab9f41afb84fa2db2f18d665e946a09122e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/forbidden
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 09 Dec 2023 02:26:56 GMT
server: cloudflare
etag: W/"586e-18c4c663580"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7e0xCzHq%2F6%2FfXaXDFW%2FUnBHHSKyCsd2wsBFaE1z7rjFU15KYQMJA1AlvFhUFow7U1qOKZ1cye0tyDst49Q6dOEeoQh99vRpqc5QOEDhbK934SUHHiC1hlXnSPG4E%2FuXUaN4pAULcKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
x-frame-options: SAMEORIGIN
cache-control: public, max-age=300
cf-ray: 834a75906a25373d-FRA

GET
H2 200 work-sans.css
home.s.id/assets/fonts/ 4 KB
760 B 678ms
678ms Stylesheet
text/css 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://home.s.id/assets/fonts/work-sans.css

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40c0e92260f9a8601ddc683627bb20b99d0dfe084a8bdc8cea4923373a05278a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/forbidden
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Sep 2023 09:42:59 GMT
server: cloudflare
etag: W/"10bc-18a69dfa4b8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JMXArhYvXRbbgkgleMIttynIpeEyGJp%2BL6ILf7cKLerwYEwkYL%2F5II3Lb1RbcTf4KqhEEKuhdj%2Fw2Gwh3CESf4QibbJPjul%2B2aVmi%2FX%2Bs%2FivuTi3hsgyRbgdl%2BmwTdIHFb3a%2BhiZYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
x-frame-options: SAMEORIGIN
cache-control: public, max-age=300
cf-ray: 834a75906a26373d-FRA

GET
H2 200 ea8245034dc3dfae.css
home.s.id/_next/static/css/ 163 KB
24 KB 22ms
21ms Stylesheet
text/css 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://home.s.id/_next/static/css/ea8245034dc3dfae.css

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39d42c51914990a5fd1d0f4450883a50bdcb0f17a6bd5771f86c028101611c9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/forbidden
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 340577
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 09 Dec 2023 02:34:07 GMT
server: cloudflare
etag: W/"28cd8-18c4c6cc918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j5mh6OsPbdphak20bwu%2Fmp6Gl0zVwXnDSvr6ZAii978XTKgb17Y7EKJRN9P3XsL3M7xcWDQZaYUIGMjhQvglhNsvd07s7usU%2BJoj7c7vC8f80q2xCsZ5CoAP943oEUKoBdyuKsDkBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31536000, immutable
cf-ray: 834a75906a27373d-FRA

GET
H2 200 webpack-dfbfa7e7a00cbaef.js Show response
home.s.id/_next/static/chunks/ 4 KB
2 KB 20ms
19ms Script
application/javascript 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://home.s.id/_next/static/chunks/webpack-dfbfa7e7a00cbaef.js

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8f36fc19fd2de7fd06149429b69254d05e72044347a958e2615d4dcf2bbe8ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/forbidden
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 340576
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 09 Dec 2023 02:34:07 GMT
server: cloudflare
etag: W/"1197-18c4c6cc918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U1e2rmsJ9ZFAfVOkkuNq7uE0qXZ0Cnr3RotvbQNvSnMh3TiEnRKSwQxgeK6jkSYuw0PYFooFcIPEfimYiJhw5w%2BTZpcl%2Bhj5%2FuLc5NiRojWrIlGU4C2eQbw2lIKYOAPUhmsl0I%2BK%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31536000, immutable
cf-ray: 834a75908a2e373d-FRA

GET
H2 200 framework-c77b5ad42e6fa06c.js Show response
home.s.id/_next/static/chunks/ 138 KB
45 KB 23ms
22ms Script
application/javascript 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://home.s.id/_next/static/chunks/framework-c77b5ad42e6fa06c.js

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b8f5cff2b93dd56ca8081e67ee4ba33b2b71b6324a471691e427444c84a9ce1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/forbidden
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 340576
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 09 Dec 2023 02:34:07 GMT
server: cloudflare
etag: W/"2272b-18c4c6cc918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EwH07F8cfGB8NQY1hhfZb9U3AyOHRe5zW8ER0nHnd6vVhQw%2Fy10qgJaaAVEigBChguqbVfqz36lVzkQsFVcvs3oe3TbJbgvnfTY4MkjNvreat%2F57%2BGTuEw0PpmQv4TS8kySuVhat3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31536000, immutable
cf-ray: 834a75908a31373d-FRA

GET
H2 200 main-45f200f3cb6b7b3d.js Show response
home.s.id/_next/static/chunks/ 97 KB
29 KB 25ms
24ms Script
application/javascript 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://home.s.id/_next/static/chunks/main-45f200f3cb6b7b3d.js

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

184733c2171fc0a56148cbf5e5f1d5e5ae640f660e6e328bb84cbccb21785813

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/forbidden
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 340576
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 09 Dec 2023 02:34:07 GMT
server: cloudflare
etag: W/"18214-18c4c6cc918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CAaPtgmxVeS2MSGKKMiotnpUfmY4sVmrcOVxbTUU4LHFDPxxV8alI5zq3VJUi%2F4ve27BvEZQQHxHzv0apeMX57Tg9f2CCQmaTMTVCCfdfxVIVmvMwnVz0vaYM6iNe5V%2BOkZI5rGaBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31536000, immutable
cf-ray: 834a75908a33373d-FRA

GET
H2 200 _app-b8f35e07f6fac01b.js Show response
home.s.id/_next/static/chunks/pages/ 419 KB
133 KB 30ms
29ms Script
application/javascript 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://home.s.id/_next/static/chunks/pages/_app-b8f35e07f6fac01b.js

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11d0f48b04d2553ac97b87aae4e8ced4ce81727e65aa31b91ef521d8195a7232

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/forbidden
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 340576
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 09 Dec 2023 02:34:07 GMT
server: cloudflare
etag: W/"68cef-18c4c6cc918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iFsefe03iKVU3ecsocVFbuD6kGSl5SaY3h%2FHmMiGmx5q3%2FTrH4hCyCrCMtIndECLIY%2FFsVqKK57FRHQjzsDRa07uW4NFYSvGKttWltJV50XPqauGBdJjNOMYlHypwUcyGFY%2BIMcLGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31536000, immutable
cf-ray: 834a75908a35373d-FRA

GET
H2 200 forbidden-29883e63e1ce37b2.js Show response
home.s.id/_next/static/chunks/pages/ 4 KB
2 KB 19ms
18ms Script
application/javascript 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://home.s.id/_next/static/chunks/pages/forbidden-29883e63e1ce37b2.js

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e28e3f8d185f134736c50278f5039ff8168dc11d98640f164f4648632e9d127

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/forbidden
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 336203
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 09 Dec 2023 02:34:07 GMT
server: cloudflare
etag: W/"eb6-18c4c6cc918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0nNOdn%2Fjp2%2BvEEPYSRr2hk3%2FF6oxfyA3SEvkg3%2FKtrBky%2BiZFamIECob1mj3A8zD8Y8465OE%2BHwe7JN1lVuqap%2B45GtGkKmlRBVIQzWSFH6wFSd5%2FOSZbsP5MjtfUPeYahcc0zzMyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31536000, immutable
cf-ray: 834a75908a36373d-FRA

GET
H2 200 _buildManifest.js Show response
home.s.id/_next/static/XmZH8i6kdVRbNFefP50Fc/ 10 KB
3 KB 20ms
20ms Script
application/javascript 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://home.s.id/_next/static/XmZH8i6kdVRbNFefP50Fc/_buildManifest.js

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76e4f72ba91fb1440620bb79c43834df68aa57cc038b35325a5acec18db239c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/forbidden
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 340574
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 09 Dec 2023 02:34:07 GMT
server: cloudflare
etag: W/"282b-18c4c6cc918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LvQIJvdaWoagBnIDUqrmQtOB%2F98PG83n0fIew6F8izEKgiVMaTUspIyPJvvqy3lnKTiedE41UG%2FWriOiMsE6DZIi3J6P6BCKQkGnY0SiCHZHv%2FMLdaZ69liaXzNb9RyW%2FdWnmg9dKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31536000, immutable
cf-ray: 834a75908a37373d-FRA

GET
H3 200 _ssgManifest.js Show response
home.s.id/_next/static/XmZH8i6kdVRbNFefP50Fc/ 91 B
661 B 21ms
20ms Script
application/javascript 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://home.s.id/_next/static/XmZH8i6kdVRbNFefP50Fc/_ssgManifest.js

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddeea69d5116852145775870dab4d86b4e909e7a02c03465efaa67d5b0f744be

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/forbidden
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 334817
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 09 Dec 2023 02:34:45 GMT
server: cloudflare
etag: W/"5b-18c4c6d5d88"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U8Lbqsp5jpKdDAQhxJvwjVF9sZMXoH5mGkTD1H%2BxfErSnDQQvQuUcdQ8Y1EHQaKbXWY2WroJtg6EmkdYod1xDd0xDlTiu2UT1Q%2BcFYS%2BIm0pT91Ir1AS5XpAKcDmiQB7H%2FsXXRNHwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31536000, immutable
cf-ray: 834a75908f6e9bd0-FRA

GET
H2 200 403.svg
home.s.id/images/errors/ 4 KB
2 KB 231ms
231ms Image
image/svg+xml 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://home.s.id/images/errors/403.svg

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92c39b5c986c8a9c713d77081a0272187a847c57192fe03fc152d25fc4c35668

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/forbidden
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Dec 2022 03:47:41 GMT
server: cloudflare
etag: W/"1136-18551b16f48"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eyNGOTRODqCtuG%2FxlGqPM%2FiCjb%2BKRNc4Ch2ZrRQ1%2BjrYCiYMUiqrLgjLKlauDClxstGCiPTFpH6NnGS8G%2Bvx%2FRZCal9QLf0sMOU5X0vn6hRxJFAuiD1FB1w%2FWkKUMdyAhXEWfVEGcw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
x-frame-options: SAMEORIGIN
cache-control: public, max-age=86400
cf-ray: 834a75906a28373d-FRA

GET
H2 200 sid-neu-logo.svg
home.s.id/images/ 8 KB
4 KB 232ms
232ms Image
image/svg+xml 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://home.s.id/images/sid-neu-logo.svg

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

058f6340fc2dd949cfa4e2d40dae86c83daa389994729a151d1309cecaa7e46b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/forbidden
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 05 Jul 2023 23:09:20 GMT
server: cloudflare
etag: W/"2120-18928513d00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=umJoeyMlBULTBOG4%2Feo%2FL%2FWkS4uB2drOvntRMSZJtgps7jklFkeODxriIXz8JywYcN4%2BWZ3I3d5C14CHmYRXzvqfLjjeBB%2F2jn9xujGtJbLKgJamPd1GsLXPdiBNxO%2FlpetbF5e76g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
x-frame-options: SAMEORIGIN
cache-control: public, max-age=86400
cf-ray: 834a75906a2a373d-FRA

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 54ms
39ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: home.s.id
URL: https://home.s.id/forbidden
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://home.s.id/
Origin: https://home.s.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:29 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 834a75909a7d92c3-FRA

GET
H3 200 montserrat-normal-800.woff2
home.s.id/assets/fonts/dist/ 32 KB
33 KB 235ms
235ms Font
font/woff2 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://home.s.id/assets/fonts/dist/montserrat-normal-800.woff2

Requested by

Host: home.s.id
URL: https://home.s.id/assets/fonts/montserrat.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://home.s.id/assets/fonts/montserrat.css
Origin: https://home.s.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 33148
x-xss-protection: 1; mode=block
last-modified: Sat, 09 Dec 2023 02:26:56 GMT
server: cloudflare
etag: W/"817c-18c4c663580"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2mWv2QBSe2igqfigBXjxFc4N3kZQTJfPb3pHkPhgkJZMBHT%2F%2BWE1Wyu4P6UBEvC3X069P4SttB2yaBOJR350liy5P8Nh0Ow3EvSnZcNVCmzmMZabM42SGIUy5aE%2B36t%2FBZkOzg%2BVrw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
x-frame-options: SAMEORIGIN
cache-control: public, max-age=300
accept-ranges: bytes
cf-ray: 834a7594c95d9bd0-FRA

GET
H3 200 montserrat-normal-400.woff2
home.s.id/assets/fonts/dist/ 32 KB
33 KB 766ms
766ms Font
font/woff2 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://home.s.id/assets/fonts/dist/montserrat-normal-400.woff2

Requested by

Host: home.s.id
URL: https://home.s.id/assets/fonts/montserrat.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://home.s.id/assets/fonts/montserrat.css
Origin: https://home.s.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:30 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 33148
x-xss-protection: 1; mode=block
last-modified: Sat, 09 Dec 2023 02:26:56 GMT
server: cloudflare
etag: W/"817c-18c4c663580"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u6D2X7mhxpujIefGLeftkcr3lDl2cjDBgk9l0MpFJxz1syWwIMoMuZ2QtuXCAJ9Kv2j%2FewuR8ao%2FByejTnMxA7IhYX4KSY%2F%2FiTYXAjY933m7ZxbYNv4ebHzCK5skLblWd9v2G4p%2F6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
x-frame-options: SAMEORIGIN
cache-control: public, max-age=300
accept-ranges: bytes
cf-ray: 834a7594c95e9bd0-FRA

GET me
app.s.id/api/user/ 0
0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 241 KB
84 KB 48ms
17ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LJQ0V44EV5

Requested by

Host: home.s.id
URL: https://home.s.id/_next/static/chunks/main-45f200f3cb6b7b3d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

08e27c3d3459374fae8672b879d9ad1b6965595612605be8d1e0fe873a232ece

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85524
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 13 Dec 2023 01:33:29 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 244 KB
85 KB 47ms
15ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-98MWVCBDD7

Requested by

Host: home.s.id
URL: https://home.s.id/_next/static/chunks/main-45f200f3cb6b7b3d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a1a01d1b7e2596b94776b19e86f136c2198fe3898792a921df380fc7b44a6f00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86266
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 13 Dec 2023 01:33:29 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 215 KB
76 KB 53ms
21ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10823601447

Requested by

Host: home.s.id
URL: https://home.s.id/_next/static/chunks/main-45f200f3cb6b7b3d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

43ef59339df86d140d563ae54ba0af2ed0bd9d4af5e75fe61edb1b8dbcd2dfdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77800
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 13 Dec 2023 01:33:29 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 38ms
7ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 13 Dec 2023 01:33:29 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: vjU2brgfJz83qAplOWPMohoG0hYNjdvFPtp4N7UIqWeSr6JVSMjoKtH+bTtSHIXK7qytQNrs5nBjzGPn7WDPVw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 10 KB
5 KB 54ms
22ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=4b27aa03-d3da-43eb-8382-660c054fbc9d

Requested by

Host: home.s.id
URL: https://home.s.id/_next/static/chunks/main-45f200f3cb6b7b3d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:29 GMT
x-amz-version-id: hKEbdq289Xo7bHrM.yPFOdJ37r5nFwfe
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: VJNSTS6NH24VGZXW
age: 6
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: ZaA0/pNyb81iWefpjGS4Q1RaRzQbA+fGKlK3Mf/p7f/BJNjQ5D4umJJ3DA6PSAUaVAklKLutfM8=
last-modified: Wed, 09 Aug 2023 01:01:02 GMT
server: cloudflare
etag: W/"42d94c325a0b012e41f9c3907853625a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qCziBPTMkOIyOLmTvf1SQLs5qWJ6OK%2FUC3v8TvshVStjmikGEfOBdzzPJoGaG8JARExqlArrQfJ8ifMvJrzZj%2B96kRek9X%2BmsNesTA7DgEBdYIx2fDgk1WXxEXA%2B7YUXDCVAT3o%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
cf-ray: 834a7595197c39d0-FRA

GET
H2 200 client Show response
accounts.google.com/gsi/ 206 KB
80 KB 110ms
59ms Script
application/javascript 2a00:1450:400c:c06::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: home.s.id
URL: https://home.s.id/_next/static/chunks/pages/_app-b8f35e07f6fac01b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::54 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aef79460d9d38f7a5349a194da19ef705d97dba070b4741344188a1f43edf015

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kj65v75hp3s37tFrrMhO8g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:29 GMT
content-security-policy: script-src 'report-sample' 'nonce-kj65v75hp3s37tFrrMhO8g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Wed, 13 Dec 2023 01:33:29 GMT

OPTIONS
H/1.1 204
No Content me
app.s.id/api/user/ Frame 0
0 544ms
178ms Preflight 45.126.58.90
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to

Full URL

https://app.s.id/api/user/me

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.90 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: ds,x-rpc-lang
Access-Control-Request-Method: GET
Origin: https://home.s.id
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With, X-RPC-Lang, DS
Access-Control-Allow-Methods: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
Access-Control-Allow-Origin: https://home.s.id
Connection: close
Date: Wed, 13 Dec 2023 01:33:30 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H2 200 3626502037629324 Show response
connect.facebook.net/signals/config/ 140 KB
36 KB 66ms
66ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/3626502037629324?v=2.9.138&r=stable&domain=home.s.id

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

857e0bdc9ba878e6786a287c65f8e5121f2fb85d244bc3a5f8edbb7d39025ae7

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 13 Dec 2023 01:33:29 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 2cW7RluHTf6pwSgc45smnkzI81OI2qx6Fhy77Ix8lSLMVyUJPTJqyPtMlARP+XMyUUT2e+sWDtwvQcOssyEk5A==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 4b27aa03-d3da-43eb-8382-660c054fbc9d
ekr.zdassets.com/compose/ 1 KB
1 KB 202ms
180ms Fetch
application/json 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/4b27aa03-d3da-43eb-8382-660c054fbc9d

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=4b27aa03-d3da-43eb-8382-660c054fbc9d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:30 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
status: 200 OK
cdn-cache-control: max-age=60
x-xss-protection: 1; mode=block
x-request-id: 8308f9559cc0de47-SEA, 8308f9559cc0de47-SEA
x-runtime: 0.011363
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"1be78db3e605d5c58ca618fae154f1c7"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=846VvAlvcvlwghmVyUISnaSlI0wm9wmRViPtt4IsnuY4ZVERXF8dtxn5V16wMdjCU80b0jPGU5rXrTzZom6Cou38G4QsicNWPZtSFxiak4fkBgLlv0DXKe4yLYHp8g8fSRA%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type: application/json; charset=utf-8
x-zendesk-zorg: yes
cf-ray: 834a75956fd59a0f-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 241 KB
84 KB 22ms
21ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LJQ0V44EV5&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-98MWVCBDD7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8cedd808f9c406831a20a8e26435f056d66bd761f3ffbfb7a297a4d1c524dc08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85532
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 13 Dec 2023 01:33:29 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
249 B 38ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-98MWVCBDD7&gtm=45je3bt0v889124234&_p=1702431209745&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=144635658.1702431210&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702431209&sct=1&seg=0&dl=https%3A%2F%2Fhome.s.id%2Fforbidden&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2730
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-98MWVCBDD7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://home.s.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
249 B 52ms
17ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-98MWVCBDD7&cid=144635658.1702431210&gtm=45je3bt0v889124234&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-98MWVCBDD7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://home.s.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 215 KB
76 KB 29ms
27ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10823601447&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-98MWVCBDD7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4609f2029d4a91ed4d98f3bc6abcefb20588a4b27ce2dd969b7b9d1074800464

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77794
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 13 Dec 2023 01:33:29 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 129 KB
49 KB 18ms
17ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-225238330-2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-98MWVCBDD7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dfd0f104fb9fbe15c6830bffbdb9683cf1a643263a9c30491d420b02c91f90ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 50558
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 13 Dec 2023 01:33:29 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 52ms
29ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-98MWVCBDD7&cid=144635658.1702431210&gtm=45je3bt0v889124234&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1738612110

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10823601447/ 3 KB
2 KB 39ms
19ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10823601447/?random=1702431209849&cv=11&fst=1702431209849&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v887245165&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fhome.s.id%2Fforbidden&hn=www.googleadservices.com&frm=0&auid=848533358.1702431210&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10823601447

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6766855449a9306fdca2e4c00b459422bd25730f90309ff608ccd6c8e6f67371

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1228
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 14ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-LJQ0V44EV5&gtm=45je3bt0v881303989&_p=1702431209745&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=144635658.1702431210&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702431209&sct=1&seg=0&dl=https%3A%2F%2Fhome.s.id%2Fforbidden&dt=&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2768
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LJQ0V44EV5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://home.s.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-225238330-2&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 13 Dec 2023 01:22:25 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 664
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 13 Dec 2023 03:22:25 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/10823601447/ 42 B
455 B 52ms
31ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10823601447/?random=1702431209849&cv=11&fst=1702429200000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v887245165&u_w=1600&u_h=1200&url=https%3A%2F%2Fhome.s.id%2Fforbidden&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaNMSoCtehgxa0rpmdiggw2ml__8op1Jw&random=1419066386&rmt_tld=0&ipr=y

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:29 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/10823601447/ 42 B
154 B 31ms
30ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10823601447/?random=1702431209849&cv=11&fst=1702429200000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v887245165&u_w=1600&u_h=1200&url=https%3A%2F%2Fhome.s.id%2Fforbidden&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaNMSoCtehgxa0rpmdiggw2ml__8op1Jw&random=1419066386&rmt_tld=1&ipr=y

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:29 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 20ms
7ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3626502037629324&ev=PageView&dl=https%3A%2F%2Fhome.s.id%2Fforbidden%23action&rl=&if=false&ts=1702431209907&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1702431209905.620576761&cs_est=true&ler=empty&it=1702431209805&coo=false&rqm=GET

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 13 Dec 2023 01:33:29 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
201 B 13ms
13ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1575067920&t=pageview&_s=1&dl=https%3A%2F%2Fhome.s.id%2Fforbidden&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=123476732&gjid=1772550757&cid=144635658.1702431210&tid=UA-225238330-2&_gid=605542577.1702431210&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=1517899217

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://home.s.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://home.s.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 web-widget-main-1bfc6fa.js
static.zdassets.com/web_widget/messenger/latest/ Frame 4450 435 KB
137 KB 25ms
25ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-1bfc6fa.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=4b27aa03-d3da-43eb-8382-660c054fbc9d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:30 GMT
x-amz-version-id: RqZIDjLbqQCJse5.5YPoIz6l3bVKH2F9
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 4FSF5803D2MZ177K
age: 686672
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: s6NVEjlxQ0X409+93Y+AyzPpDVdCnUzkj58R435QREy4lvYOga3kZ8DuxKYs3kScc5mlXhydQ7o=
last-modified: Tue, 05 Dec 2023 00:28:36 GMT
server: cloudflare
etag: W/"531e7cd49856ceac1ab739dee1bd9825"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f0WYBu2iRg%2FGFMwprPOa2W5okOKkgUFfRkCXFv59NgQFU79U7M2pO2nB9bZ3BtApm6DFjcGaAoTD9rMnj9a2hcApqBL6bpXW1ibIl6chNJ1HLypmGKQUs8CprY65nkiwWMHL2S4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 834a7596aa4339d0-FRA
expires: Wed, 04 Dec 2024 00:28:35 GMT

GET
H2 200 en-us-json-1bfc6fa.js
static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/ Frame 4450 16 KB
3 KB 27ms
26ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/en-us-json-1bfc6fa.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-1bfc6fa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:30 GMT
x-amz-version-id: 0TD6PAWfsyxN8kJamulTpqLVZArSSWuB
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 4FS8D41MZJZMYG1B
age: 686672
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: MlQYiQ2dqb9h/OIVYc60rdAWwzi2m98faLu/nzTPmQXpoeHOhtgWXpnmexReeLW5Qx210z3PGrY=
last-modified: Tue, 05 Dec 2023 00:28:38 GMT
server: cloudflare
etag: W/"2d7a163ff937b4b9ea7ab13e6c8dfadf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eZgymrx1f3YW32Wo9or%2BoUpqKj9GrZwuvKVCvWm7drJCqDFuGFhAUw6HdjRubM03%2BxOSuRaLyiBCOFLp1yK%2BJpL28ETr%2BFaWNuC9AMJ%2FxrVns2gqX2Nd7lAHnE2ltw1wF1MHnWM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 834a75972a7a39d0-FRA
expires: Wed, 04 Dec 2024 00:28:37 GMT

GET
H2 200 web-widget-4852-1bfc6fa.js
static.zdassets.com/web_widget/messenger/latest/ Frame 4450 139 KB
47 KB 30ms
30ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-4852-1bfc6fa.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-1bfc6fa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:30 GMT
x-amz-version-id: rgQyDw8mO5OrfYenQWJeUHQhMhROhIV.
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 4FS6K6N3BED5C9DX
age: 686674
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: mZYDmVwtmpMlbyBFUcvQAyVxK3nKNxXriZZENjdf3EjmZopRc63mtrIJzjjk+FTJoP0ZDs3BETM=
last-modified: Tue, 05 Dec 2023 00:28:36 GMT
server: cloudflare
etag: W/"ea51d3eb674c1f286144bbe26ba05c86"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qt1eg1ABUwM%2BKald7mSkfpN2c1v6izVS1Cb7BaN2UftBVbsN4LfIBsKwUuvFsEg2nROIsaNyPUogXi7ggk9OCiwXBXVDIj7t84NGR8DcyFgpXjjw8JrJp%2BcK7qV6iau5uyb%2FxFQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 834a75972a7b39d0-FRA
expires: Wed, 04 Dec 2024 00:28:35 GMT

GET
H2 200 web-widget-519-1bfc6fa.js
static.zdassets.com/web_widget/messenger/latest/ Frame 4450 24 KB
8 KB 22ms
21ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-519-1bfc6fa.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-1bfc6fa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:30 GMT
x-amz-version-id: GVsqCvOfUiBJYIwZLFLTQX5MyDUCOwc2
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 4FS3V2M4QJ2ZK33P
age: 686664
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: ZcwJ01puBTNkg0AiqHh4Jwsz8eTxW4l9Gmz7kmYejNT5ylWWy39mTLN7KSZvvQMqOIGQL7p8G4s=
last-modified: Tue, 05 Dec 2023 00:28:36 GMT
server: cloudflare
etag: W/"1c9884a2069c7bec6b20dac62004eb1b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v%2FThWy%2FHLhNUKdZFttTev9rAL4PUL%2F4%2FUFMw%2FPhjoqw5R4MqL1sB7miWFqRK9zt%2B4eA5Kdz8dhkXo93ltXw4T5mw%2B7ihVv8g1kmxlu0dH13AYHMAQSxssFJwvuB%2B6hdr4uWwNec%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 834a75972a7c39d0-FRA
expires: Wed, 04 Dec 2024 00:28:35 GMT

GET
H2 200 web-widget-5178-1bfc6fa.js
static.zdassets.com/web_widget/messenger/latest/ Frame 4450 24 KB
7 KB 18ms
17ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-5178-1bfc6fa.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-1bfc6fa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:30 GMT
x-amz-version-id: NLi469M1WczuGaqZLXtxIgWwTh.1j.zh
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 4FS7C58SVHM9XWRN
age: 686674
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: UHe8in2/NNlJQ8+xqDERT39dCXeKxCJVrG2UC/shLH4h+ZNVARF4OnkmVkfqjVmg/Z5Cp8G4Dco=
last-modified: Tue, 05 Dec 2023 00:28:36 GMT
server: cloudflare
etag: W/"11034f049f5eef05b26ed292ac59e1fc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HmaffAle%2FEAaZZLLLNcK5NQpM%2FmAOOa0vk3iw0daacX71z7YlbBrlw%2BE1IN1Fqjhre%2BAnmxq2i7sSI%2FU3Xd6iE8ZxIqwOUTXG7M0iv0cUaHqivdQNZTuKVEAQFKO%2FUMQNuLiBTY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 834a75972a7d39d0-FRA
expires: Wed, 04 Dec 2024 00:28:35 GMT

GET
H2 200 web-widget-9535-1bfc6fa.js
static.zdassets.com/web_widget/messenger/latest/ Frame 4450 15 KB
6 KB 25ms
25ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-9535-1bfc6fa.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-1bfc6fa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:30 GMT
x-amz-version-id: ty1N93CTNGjm.TymHP.kwa5RR_YIsyxf
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: DGAPYB7RVAW7PJHD
age: 686674
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: LC24n1k4UTXrcSOVS+iTkc9O6eEHNgBkRjg38QC4zxrfVph2flnYKtoV/TdQVWhBnH75nffI3kfqzTligwZ0Hg==
last-modified: Tue, 05 Dec 2023 00:28:36 GMT
server: cloudflare
etag: W/"d46547a6c79c8800ac99ed5408528a12"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2iWmeRRfOZdvrFxEuOYgbmSkSdZei0QpGNXeGYcbLHIiTxvY22XnrRfU8TCWhKjK%2FJ5VrxUGVyvUUagJ2rdmF%2FyVHQK0EXbC0IhAV0iUlp5bRIJp%2BWj8qSfu0XP2%2F1LkxNDyoCs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 834a75972a7f39d0-FRA
expires: Wed, 04 Dec 2024 00:28:35 GMT

GET
H2

200

Primary Request oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2 Show response
blog.s.id/post/2022/05/19/
Redirect Chain

https://s.id/1SV77?s=skip
https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect

113 KB
32 KB

62ms
19ms

Document
text/html

2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect

Requested by

Host: home.s.id
URL: https://home.s.id/_next/static/chunks/pages/forbidden-29883e63e1ce37b2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Next.js

Resource Hash

1373576b47409b734b6d633162733592b809e479940f1507db83ecaf45c7676c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://home.s.id/forbidden#action
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 75461
alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=86400, must-revalidate
cf-cache-status: HIT
cf-ray: 834a7599f828373d-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 13 Dec 2023 01:33:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XYO5%2FrF0IS4eJypwob11I7hYdVIr9MDLCuouURw%2FXDIgYZgKp2gvGJJiEkKscWPNXvrXLdxJa8f0O1FkAUcqXN6XkMdV11mDV%2FUo5pGpXY4yqSMQKB8A%2FDTue0%2FPNbkKkhFC8db%2Faw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-powered-by: Next.js

Redirect headers

cache-control: private, max-age=15
content-length: 0
date: Wed, 13 Dec 2023 01:33:30 GMT
location: https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect
server: nginx
strict-transport-security: max-age=15724800; includeSubDomains

POST pv
sdotid.zendesk.com/frontendevents/ Frame 4450 0
0

GET
H2 200 config
sdotid.zendesk.com/embeddable/ Frame 4450 858 B
1023 B 304ms
273ms Fetch
application/json 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sdotid.zendesk.com/embeddable/config
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-1bfc6fa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:30 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server: embeddable-app-server-6645897d88-mtlnx
x-cached: MISS
x-request-id: 834a75979e8d4d3a-FRA
x-runtime: 0.003762
last-modified: Wed, 13 Dec 2023 00:51:51 GMT
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H0pirplynrcxAWv%2FB5VNxaDwdhBE6lcapCwnb0TG1qsDSF%2FQmBMNJtqWXQxPlsISTRnFiPcSFclWKF5B7rDDVzXlX%2FXf9DJbJeYLv4UxSl1Wf2cA7kr2jHP0ZkbDcnkYEstMfA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary: Origin, Accept-Encoding
cf-ray: 834a75979e8d4d3a-FRA

OPTIONS
H2 204 pv
sdotid.zendesk.com/frontendevents/ Frame 0
0 276ms
245ms Preflight 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sdotid.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://home.s.id
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-origin: *
access-control-max-age: 600
cache-control: max-age=600
cf-cache-status: DYNAMIC
cf-ray: 834a75979e8c4d3a-FRA
date: Wed, 13 Dec 2023 01:33:30 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xp0u%2FP3rCy4z9A%2B8e821Cge3ItbuQJEA3gJhGTppwrZwQOdL6cJXv%2FJhOpoDtg1%2BspMhDIhbQIJyNs%2Bh8yp584hZoAu4N6IPXshtffvhoy4xkRJzCOZdbg%2BKoj38rPmBfrIoXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
x-request-id: 834a75979e8c4d3a-FRA
x-zendesk-zorg: yes

POST collect
region1.analytics.google.com/g/ 0
0

POST rum
home.s.id/cdn-cgi/ 0
0

GET
H3 200 412338cf0c38613f.css
blog.s.id/_next/static/css/ 120 KB
19 KB 23ms
23ms Stylesheet
text/css 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/_next/static/css/412338cf0c38613f.css

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1487936e32296ba5ae5002b7528b604a8784e7b2826bfaebb2ce6ce0d80b6b2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:30 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 339118
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 09 Dec 2023 02:32:15 GMT
server: cloudflare
etag: W/"1de68-18c4c6b1398"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OIV5T9wFr%2FIQW7zOpP6MnZ78EVR1fVsAEbbU4KP5GXy7twjpWkVaPf9oHtFLBL8T%2BuABlcgcPKOlq1el4fcMSQt0YcJ7FpqtQtQBtpjG379caHhZ6baWAMTESkmF5vwwv8HdqazHag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 834a759a1bb49bd0-FRA

GET
H3 200 0ccc702cf5b6f291.css
blog.s.id/_next/static/css/ 722 B
788 B 18ms
18ms Stylesheet
text/css 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/_next/static/css/0ccc702cf5b6f291.css

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ecf1b45e741c358105ec165c66cc44e962e6dbfe4948ea4a4094791472e03c6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:30 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 329637
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 09 Dec 2023 02:32:15 GMT
server: cloudflare
etag: W/"2d2-18c4c6b1398"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6hDNqZ3TkP59BVeso6B4Zl6JXrsBgUrYIdn22SdSy4His%2BGvQ29E1WkzQppIHggwJl43XJmvKrSCZ5Vxd4PhleWHCm09ttuKx27Vpn5%2FRG2mL8wh1UD7YZWf8%2FEnh06QLnzmYIVesQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 834a759a1bb59bd0-FRA

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 175 KB
58 KB 86ms
51ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2742216534640545

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

323356bea8a6a202c80f8ed4dd22ba1cf3eb061f2a8f927e4ce4aca7661ea0e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59085
x-xss-protection: 0
server: cafe
etag: 4381437893952885375
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 13 Dec 2023 01:33:30 GMT

GET
H3 200 webpack-36d12a75f0098f30.js Show response
blog.s.id/_next/static/chunks/ 2 KB
2 KB 20ms
18ms Script
application/javascript 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/_next/static/chunks/webpack-36d12a75f0098f30.js

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

febd258efb733049bebaeb24269fb6448aee953be138a3fbd7cb96bd63620727

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:30 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 329637
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 09 Dec 2023 02:32:15 GMT
server: cloudflare
etag: W/"892-18c4c6b1398"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2BtboJUDWruGreG%2BPEPuJZoCMu6btX55sE%2BySSQ8R2bWv1GZFOucxeY7cadawFXPhfWBm47IXIRKode%2FTPFXSMp1s6WaRXsS9%2BNdgy1OlO%2FoKcwWrWhAuP1i%2FedhdoQ6jmF0IUJSEw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 834a759a2bbe9bd0-FRA

GET
H3 200 framework-400d78dd60ac46ca.js Show response
blog.s.id/_next/static/chunks/ 138 KB
45 KB 30ms
29ms Script
application/javascript 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/_next/static/chunks/framework-400d78dd60ac46ca.js

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1e0354048342615ee678931bb922fcb098fc4f42b3edae6df7624a2b812fb95

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:30 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 329637
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 09 Dec 2023 02:32:15 GMT
server: cloudflare
etag: W/"226e4-18c4c6b1398"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nCA%2BiS9QFX5vqhsBZtkqjVFGmSttElo8nEVltZqcHJ6lEcstcMmtiuQjJohA4NG9Eym5qj%2FlMe5BQOHgfEssFOTpfgx0IPmec9i%2Fkkvu%2BVtgWjeMdeVrk7VWMCcJRkpFQj2ciSs7zw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 834a759a2bbf9bd0-FRA

GET
H3 200 main-ef060895a635bf59.js Show response
blog.s.id/_next/static/chunks/ 96 KB
29 KB 27ms
26ms Script
application/javascript 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/_next/static/chunks/main-ef060895a635bf59.js

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

345dd805b52864848882d8f89c24661f408925f549a626e5bcd33b6f072e146a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:30 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 329637
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 09 Dec 2023 02:32:15 GMT
server: cloudflare
etag: W/"17fff-18c4c6b1398"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JDhGUz51Ft1cN%2F%2Bz5UQEBTNUqrQpqKKN1xQBaRiiDfyn6So6jVLfF%2B2ug1l0i%2FRVp5fgZzMLRBB5nbvrDDUiF%2Bap95%2FIKxW6HWJKYAdporC7mdYQWozMGDHMomokVh%2Fy%2Bxl1k3if4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 834a759a2bc09bd0-FRA

GET
H3 200 _app-de5007dea8150d1f.js Show response
blog.s.id/_next/static/chunks/pages/ 256 KB
83 KB 34ms
33ms Script
application/javascript 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/_next/static/chunks/pages/_app-de5007dea8150d1f.js

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6e6fb1f93175bf783970742a357934e73808e149f8ab237828f0ca8a12f2588

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:30 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 332513
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 09 Dec 2023 02:32:15 GMT
server: cloudflare
etag: W/"3ff20-18c4c6b1398"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g6bhyPgK4mcqlczQWjkbpPKddpAMqJVmplsxuTHlxw0XC4e2avnaUKYuivaStGUeyvZ13dMiHgehmv1SkzK9MSuUcWqRNvmlVULqF0bjfmiMALt8T2d%2BGoeab7QWt4IIDOZYrrQhrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 834a759a2bc19bd0-FRA

GET
H3 200 b7322211-fbdd2383fa168487.js Show response
blog.s.id/_next/static/chunks/ 3 KB
2 KB 22ms
21ms Script
application/javascript 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/_next/static/chunks/b7322211-fbdd2383fa168487.js

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fad61d7fe6d6bdb0f750648a45f17c71a1f1216fb2f636216be5b4be57d0158

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:30 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 331366
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 09 Dec 2023 02:32:15 GMT
server: cloudflare
etag: W/"a7e-18c4c6b1398"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VC%2FqIf9hBwosHUQclOnI2EA3YHh8HnRHj2e9qi7pUqgHCJA%2B%2FCakkhaxsoxYJ0XvTgVHCc0gQig7XpxpkjGHcpc2esqz9ULzhIfkQufAtBSh%2Bq2%2BUsX%2FOizwfU1ZARJVtsxvCYsA9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 834a759a2bc29bd0-FRA

GET
H3 200 903-f279e023cd941d06.js Show response
blog.s.id/_next/static/chunks/ 140 KB
43 KB 33ms
32ms Script
application/javascript 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/_next/static/chunks/903-f279e023cd941d06.js

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b1f8fb54de3fad4a7f92fb7b03bdb9c0acff2d156dcc0f430d9221849e3113a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:30 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 329637
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 09 Dec 2023 02:32:15 GMT
server: cloudflare
etag: W/"23198-18c4c6b1398"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WtS3U0GEI0ZE%2FYEEzxWvJqkiP2SKPdnLe8b%2FJWPmphBIfJpTU0ncpT3am4RWi6cTAeNtPscxDKBYCpxaz662lTo5jpu7joiFV4jaioB%2B3vqQu%2F68C8n4bZ4huLhbg3OmxK71KiJ%2BeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 834a759a2bc39bd0-FRA

GET
H3 200 68-0a3ef05955003f6f.js Show response
blog.s.id/_next/static/chunks/ 13 KB
5 KB 41ms
40ms Script
application/javascript 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/_next/static/chunks/68-0a3ef05955003f6f.js

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

951a2067a584dbb3151388bf54762ad93bf94d45898f311b0bdda74ba76d12de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:30 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 329637
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 09 Dec 2023 02:32:15 GMT
server: cloudflare
etag: W/"35f4-18c4c6b1398"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZVABbdJlKNHFqBdgD9FCdijIV99zdYML5uv%2FgmugcQ2Ev%2F2DXIT6ExZb7NHR%2Flz6qMAbzW6U%2FxctrHh55oKTSOYoD7t6%2FK9rE4KA%2F4yBQp7NLpRAxbdg1kZQcl%2F%2B%2FRcc3KK6DbX27w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 834a759a2bc49bd0-FRA

GET
H3 200 %5B...article%5D-f50dfd12dd1bf9bd.js Show response
blog.s.id/_next/static/chunks/pages/post/ 26 KB
10 KB 29ms
28ms Script
application/javascript 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/_next/static/chunks/pages/post/%5B...article%5D-f50dfd12dd1bf9bd.js

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18889b6b7e9425d042a820d83d9ae7fca99127e2192317981767f5c35acceb7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:30 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 329637
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 09 Dec 2023 02:32:15 GMT
server: cloudflare
etag: W/"6877-18c4c6b1398"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FP69WFgA9Gj9liW7UbwAduJJj5NlKpCK9%2FxPNywyZlVuIVWRYDjhyjgfq1BpvlpYdrEKL1MAXSk17AUCjrzX%2FZaFrvhvz8hs7MhIAHZ%2FRKXQSt3lIIydp4p09Svm%2FHQv7FRLNFzdWA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 834a759a2bc59bd0-FRA

GET
H3 200 _buildManifest.js Show response
blog.s.id/_next/static/aYzQ14L_us2EhaQniEzo4/ 998 B
984 B 21ms
20ms Script
application/javascript 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/_next/static/aYzQ14L_us2EhaQniEzo4/_buildManifest.js

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8bd65dbf5130ef5e064320f6f300b54f82c06e9893055611fcf639d6eb8fbfbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:30 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 329637
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 09 Dec 2023 02:32:15 GMT
server: cloudflare
etag: W/"3e6-18c4c6b1398"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jqkHBPFgdXXWeLxsFraGlgnsWBUoVbhO9A1M4SKSh%2B2uZmOBlGklS5wlodBc9337%2B8x2kKHYnzCSSohTL08UfAxqMUyKw2PxOJ9koPhFK7VWmDBbNCtpTnzdw85yQB2tSquSTq2nxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 834a759a2bc69bd0-FRA

GET
H3 200 _ssgManifest.js Show response
blog.s.id/_next/static/aYzQ14L_us2EhaQniEzo4/ 77 B
609 B 24ms
23ms Script
application/javascript 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/_next/static/aYzQ14L_us2EhaQniEzo4/_ssgManifest.js

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:30 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 329637
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 09 Dec 2023 02:32:15 GMT
server: cloudflare
etag: W/"4d-18c4c6b1398"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2FQeJbAEPy3OytqMdHjLqN%2FxecZiWk6aAKaqM%2FcZhN7Z3pDAgdt%2BJVIMTZXdhclwtv%2B%2F37jgeUklnG0%2FLaD5%2B5p%2BJSvLTNw2VghWqSt%2BtZwSjzN5oIe5FineM84ipYqhwmrQ3M6Npg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 834a759a2bc79bd0-FRA

GET
H3 200 montserrat.css
blog.s.id/assets/fonts/ 22 KB
1 KB 227ms
226ms Stylesheet
text/css 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/assets/fonts/montserrat.css

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a35d02ba97e3e4cd1b7c4eb7241bab9f41afb84fa2db2f18d665e946a09122e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:30 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Sat, 09 Dec 2023 02:26:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"586e-18c4c663580"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hGDGsbnDJkIdJNtJid88NweUf6mdzHcCzwoa6QxAJhOIf0R28NvwF6ez%2FRMmoMwQnWH%2BpdgIGCjmkRP0xRQq3r4i%2BZi3zc3cDZAvWVPsnQFTUM4sIS%2FKLQ0%2FTq8DJi47%2FCEtsGHJxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=300
cf-ray: 834a759a1bb79bd0-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 work-sans.css
blog.s.id/assets/fonts/ 4 KB
945 B 240ms
239ms Stylesheet
text/css 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/assets/fonts/work-sans.css

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40c0e92260f9a8601ddc683627bb20b99d0dfe084a8bdc8cea4923373a05278a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:30 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Wed, 06 Sep 2023 09:42:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"10bc-18a69dfa4b8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SZukSxE2IG9AwRoT39MjND2rJ8Q4Gf3b0JX%2BewR88oU%2Bjkk6WDAi%2FDjSzhkv9VPrCxacoT8kwn%2BopMlUgBFg%2FjytZc3mPIu15W0T7CYL6Z6OYGsYgIQC9KZPc3llIjeRaqZF1i8TNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=300
cf-ray: 834a759a1bb89bd0-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 klip_2310_home.jpeg
cdn-sdotid.adg.id/assets/ 38 KB
39 KB 96ms
46ms Image
image/webp 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-sdotid.adg.id/assets/klip_2310_home.jpeg

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

992d5dd4f6d819b096474930d8b6c9b2650042366d1f539b42198ed1fdd73cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:30 GMT
x-amz-version-id: 7J5fU7ky2RB2K0._gaywL1p5g8cLKNce
via: 1.1 a75b67932d84d80b40e12159613deb16.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
strict-transport-security: max-age=0
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 38940
last-modified: Thu, 12 Oct 2023 09:48:14 GMT
server: cloudflare
etag: "41e097787c826186c9cc5281368f5c85"
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7pJFPeo58Eq3LNnVWjeR%2B6jeDvfiD%2FkGMhR%2B2uDqu7YkLcXlGMnuz95DwTFctKJ3GdHHClOpJ%2BmU29DzV2BUFXMohKzgvW2ZFP%2FkjjWUShb4CB3vbtsylTVTbOkuPMnncH0QIMA5kr3xrxgCNY2P7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 834a759a697a3623-FRA
x-amz-cf-id: newV7luUYPcQ3ruzdv1JiYjeSrSvmJP1nFn9P6irIGz_o70_TLe0Hw==

GET
H3 200 adg-red-ring.svg
blog.s.id/images/ 6 KB
3 KB 236ms
236ms Image
image/svg+xml 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.s.id/images/adg-red-ring.svg

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7fb840478ca64f3410fff0ffa40eb38fd8a7cfc36c10f117c3869ea93c00182

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:30 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Sat, 12 Mar 2022 15:31:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"1926-17f7ec17510"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i2IfLyn3n1ae2zofGHHHAizf7aJXW6wH0rMJUyGwJPyS38C5NABr8lk5azHjo8U%2FAWDcnOgyByIE4bBgFnm3cxUYfeEypaySoQonSSsDO%2Bb6L7yscatxtADRvfOvm%2FiODoe0aQeJ5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 834a759a1bb99bd0-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 38ms
37ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://blog.s.id/
Origin: https://blog.s.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:30 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 834a759a2f5a92c3-FRA

GET
H2 200 show_ads_impl_with_ama.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/ 460 KB
150 KB 65ms
65ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/show_ads_impl_with_ama.js?client=ca-pub-2742216534640545&plah=blog.s.id&bust=31080037

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2742216534640545

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

12a2cfd2ffbc1ea445b253c65d32d2800c3b2a027dfa44571f8f2640cc6fc7f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 153244
x-xss-protection: 0
server: cafe
etag: 8586711711260569
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 13 Dec 2023 01:33:30 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame BB91 10 KB
5 KB 8ms
6ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2742216534640545

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06a4985ddeefbd112b1f64b1db40a32f7a1b22fddf810aa12ae57ebfaca8fcb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 74927
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4511
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 04:44:43 GMT
etag: 14902866265712643852
expires: Tue, 26 Dec 2023 04:44:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 work-sans-normal-700.woff2
blog.s.id/assets/fonts/dist/ 49 KB
50 KB 233ms
233ms Font
font/woff2 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/assets/fonts/dist/work-sans-normal-700.woff2

Requested by

Host: blog.s.id
URL: https://blog.s.id/assets/fonts/work-sans.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea0a3347586d6655b46a02ad49e267649273207f1099d548e069cae4b7b2bc61

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.s.id/assets/fonts/work-sans.css
Origin: https://blog.s.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:31 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 50560
last-modified: Sat, 09 Dec 2023 02:26:56 GMT
server: cloudflare
etag: W/"c580-18c4c663580"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YaaMzF0iQ%2BqyBVv0fZS0hqtZakMLh%2F4QMDcPt%2BTiT6S6EbxP1g9EHIjf9NU7IjuAJHeUaPPGr7egocFOVsegLlI%2BZ32Tvo%2FJKBU5fmyvsPLa5U3087xzOcP1JaRK1N%2BLcFlBxHh6qg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=300
accept-ranges: bytes
cf-ray: 834a759bac8e9bd0-FRA

GET
H3 200 work-sans-normal-400.woff2
blog.s.id/assets/fonts/dist/ 49 KB
50 KB 236ms
235ms Font
font/woff2 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/assets/fonts/dist/work-sans-normal-400.woff2

Requested by

Host: blog.s.id
URL: https://blog.s.id/assets/fonts/work-sans.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea0a3347586d6655b46a02ad49e267649273207f1099d548e069cae4b7b2bc61

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.s.id/assets/fonts/work-sans.css
Origin: https://blog.s.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:31 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 50560
last-modified: Sat, 09 Dec 2023 02:26:56 GMT
server: cloudflare
etag: W/"c580-18c4c663580"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nQb0YbVnUU2oJ9OUtYdvlg1NTii0dJtOexQ0AOEbSu%2FpuZzY9ih%2FW8waUotwy30SCuccV1TIgSYpaRMD1BX0HGOGafR5BnC2ntwTwzA0qsp1f8j6203ipFMhiRvpL%2FadHJ%2B3mvgfMg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=300
accept-ranges: bytes
cf-ray: 834a759bac8f9bd0-FRA

GET
H3 200 work-sans-italic-400.woff2
blog.s.id/assets/fonts/dist/ 47 KB
48 KB 231ms
231ms Font
font/woff2 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/assets/fonts/dist/work-sans-italic-400.woff2

Requested by

Host: blog.s.id
URL: https://blog.s.id/assets/fonts/work-sans.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ffc104c9694ddc19f5162ba8021d2ea8fc262ca055042a71e0d17b09b5c0f4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.s.id/assets/fonts/work-sans.css
Origin: https://blog.s.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:31 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 48432
last-modified: Sat, 09 Dec 2023 02:26:56 GMT
server: cloudflare
etag: W/"bd30-18c4c663580"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pC2%2B33lv8L3agbZBYvUxnAJQmbV6l2rHQ6uRMBNUIeGSwWSa8pGRMVQK9n1LwAfzpbPQ%2B%2FeZe9SHtMESTXgAlb2Qz2zVwkcbohJG3%2F38P11iJnss6cKJcvszgVztiimWF%2FNZVwlKfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=300
accept-ranges: bytes
cf-ray: 834a759bac909bd0-FRA

GET
H3 200 sid-neu-logo-dark.svg
blog.s.id/images/ 8 KB
4 KB 253ms
253ms Image
image/svg+xml 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.s.id/images/sid-neu-logo-dark.svg

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e10d40f406bc09e08617c53792cafbe2f8cc9cac8d9db1ae5026d29a98e7338a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:31 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Wed, 05 Jul 2023 23:09:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"2137-18928513d00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Z2of07eN67jnWel8ddihf4ClNsSIlDRCtPKYO83GmBjaIj7uQLi8khrIiqstuG5sxa0XaxxoBY9NPwkolRXKTkUT2V3XZ%2FGKzYhD%2FY2osAa5ABNo2kywl5eWve33iSahb9BVXYd2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 834a759bbc979bd0-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 241 KB
84 KB 21ms
21ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GJLS9JMJCK

Requested by

Host: blog.s.id
URL: https://blog.s.id/_next/static/chunks/main-ef060895a635bf59.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6414e2acb93d61cc7427584530f90ae20a94b358bce7cdb4b05dd03eec4b60c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85519
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 13 Dec 2023 01:33:30 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 244 KB
84 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LBWQJM5WLF

Requested by

Host: blog.s.id
URL: https://blog.s.id/_next/static/chunks/main-ef060895a635bf59.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0eface46a399934cda952d5f5d125ea4f4103ccf5d0a5b900bcdfd14a808af68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86176
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 13 Dec 2023 01:33:30 GMT

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 10 KB
5 KB 16ms
16ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=1dc98855-fcfe-49a8-9ac6-f3d16b24538f

Requested by

Host: blog.s.id
URL: https://blog.s.id/_next/static/chunks/main-ef060895a635bf59.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:30 GMT
x-amz-version-id: hKEbdq289Xo7bHrM.yPFOdJ37r5nFwfe
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: VJNSTS6NH24VGZXW
age: 7
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: ZaA0/pNyb81iWefpjGS4Q1RaRzQbA+fGKlK3Mf/p7f/BJNjQ5D4umJJ3DA6PSAUaVAklKLutfM8=
last-modified: Wed, 09 Aug 2023 01:01:02 GMT
server: cloudflare
etag: W/"42d94c325a0b012e41f9c3907853625a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wTCUXx%2FDjdLM9My1I0NugbqcYbUr1%2BT%2Bq5qIu4uvyX9nOy4LY0SOdXBkOzLOiu4e6R6EIzfpJJIuWKalV9cCxWsJ%2BBp7StvpvJkaS4vY7sUyOqehO7mPp5TJshiI2sk0Fmj4cfA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
cf-ray: 834a759bfd2f39d0-FRA

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 413B 0
20 B 55ms
55ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&adk=1812271804&adf=3025194257&lmt=1702431210&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702431210699&bpp=3&bdt=121&idt=193&shv=r20231207&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8535591287261&frm=20&pv=2&ga_vid=144635658.1702431210&ga_sid=1702431211&ga_hid=1439740521&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809530%2C31080037%2C95320884&oid=2&pvsid=2911362765832022&tmod=1682469535&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fhome.s.id%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=203

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/show_ads_impl_with_ama.js?client=ca-pub-2742216534640545&plah=blog.s.id&bust=31080037

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Dec 2023 01:33:30 GMT
expires: Wed, 13 Dec 2023 01:33:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 1dc98855-fcfe-49a8-9ac6-f3d16b24538f Show response
ekr.zdassets.com/compose/ 336 B
590 B 169ms
169ms Fetch
application/json 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/1dc98855-fcfe-49a8-9ac6-f3d16b24538f

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=1dc98855-fcfe-49a8-9ac6-f3d16b24538f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5b8f8113f98b6e61c77542de0689621daa14087934122935b9d19db67a59dd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:31 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
status: 200 OK
cdn-cache-control: max-age=60
x-xss-protection: 1; mode=block
x-request-id: 8308f974ffd15e9b-SEA, 8308f974ffd15e9b-SEA
x-runtime: 0.010985
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"e5b8f8113f98b6e61c77542de0689621"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=03knxWieL%2F4m36b3cpZJcem%2B345ovFw4Xds%2B2A5c1oXHywm8V%2BFHy8HgC3pLmVymzAOSQWrTwXoYdVU1C9Z%2FvI9YuCFE35zCQxKAqtUohokhfSGCfbffvnEeNdY8rxsZ5eA%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type: application/json; charset=utf-8
x-zendesk-zorg: yes
cf-ray: 834a759c2ad59a0f-FRA

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 241 KB
84 KB 20ms
20ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GJLS9JMJCK&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LBWQJM5WLF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c58b5a51b2177a2b7d12ee0c4638194266e6efb467b19031602e9f4cb3f13647

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85528
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 13 Dec 2023 01:33:30 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 13ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-LBWQJM5WLF&gtm=45je3bt0v889102823&_p=1702431210878&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=144635658.1702431210&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702431210&sct=1&seg=0&dl=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&dr=https%3A%2F%2Fhome.s.id%2F&dt=%E2%80%9COops%2C%20you%20are%20accessing%20a%20Forbidden%20Link!%E2%80%9D%20What%20does%20that%20mean%3F%20-%20s.id&en=page_view&_fv=1&_ss=1&_ee=1&tfd=824
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LBWQJM5WLF
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.s.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
68 B 17ms
17ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-LBWQJM5WLF&cid=144635658.1702431210&gtm=45je3bt0v889102823&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LBWQJM5WLF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.s.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 30ms
30ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-LBWQJM5WLF&cid=144635658.1702431210&gtm=45je3bt0v889102823&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=294659310

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 14ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-GJLS9JMJCK&gtm=45je3bt0v881303990&_p=1702431210878&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=144635658.1702431210&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702431210&sct=1&seg=0&dl=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&dr=https%3A%2F%2Fhome.s.id%2F&dt=%E2%80%9COops%2C%20you%20are%20accessing%20a%20Forbidden%20Link!%E2%80%9D%20What%20does%20that%20mean%3F%20-%20s.id&en=page_view&_fv=1&_ss=1&_ee=1&tfd=839
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GJLS9JMJCK
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.s.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 68ms
54ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ec8809d403fd1f42e287cbf8a2eac126f78bca7ef1b7c046bba156e3de7b6a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12195
x-xss-protection: 0

POST
H3 204 rum Show response
blog.s.id/cdn-cgi/ 0
137 B 9ms
8ms XHR
text/plain 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
content-type: application/json

Response headers

date: Wed, 13 Dec 2023 01:33:31 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://blog.s.id
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 834a759d4d549bd0-FRA

GET
H2 200 web-widget-framework-deab6e1bfb9c4776677c.js Show response
static.zdassets.com/web_widget/latest/ Frame 2708 102 KB
32 KB 20ms
20ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-framework-deab6e1bfb9c4776677c.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=1dc98855-fcfe-49a8-9ac6-f3d16b24538f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5eb4ac3390920825c2f368d1fcfca6b0c998b80b75f7b970aab00363137c12d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:31 GMT
x-amz-version-id: jxfLAjAMoSjcjesSkiIH5lJeYxTAMjAP
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: DGAWW5HR30XQV0MR
age: 686654
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: 9K9nZsPlyLayyK0dRSX2XhgRXV7AqHHIPNIu4rkJu98A2HapVVo+BUAbBFqsXJit0xFzyWg7NLc=
last-modified: Tue, 05 Dec 2023 00:21:34 GMT
server: cloudflare
etag: W/"c9bcb89fd41dd7252d18168d3ebf7e49"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MlqQCtoiH%2FmaHx6lnkn4b1848lF2rXlRZTPQ%2FKgWMMOZY8vOKkNVm2N1HMUDjFgb0iiM0V0cf9jEHDP3cJVpANI3oz8YidcLAEB1v%2BPeM8V%2FNMypF802nMJusc%2FCXME0iIbxmLs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 834a759d5de539d0-FRA
expires: Wed, 04 Dec 2024 00:21:33 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 90 KB
29 KB 96ms
75ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: blog.s.id
URL: https://blog.s.id/_next/static/chunks/main-ef060895a635bf59.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad880bd4f96df8c0fa793c170113c0fc2670b09614fcc9b5880402f88956d63a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29397
x-xss-protection: 0
server: cafe
etag: 20 / 19704 / m202312060101 / config-hash: 6487957748488688722
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 13 Dec 2023 01:33:31 GMT

GET
H2 200 site.js Show response
protagcdn.com/s/s.id/ 442 KB
126 KB 80ms
54ms Script
application/javascript 2606:4700:20::681a:78e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://protagcdn.com/s/s.id/site.js
Requested by: Host: blog.s.id
URL: https://blog.s.id/_next/static/chunks/main-ef060895a635bf59.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:78e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54358e6c0ca9fb0dc79a594d0f3e76d69127dc76899f83a1bdecbf7f81f59f5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:31 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=453743
alt-svc: h3=":443"; ma=86400
pragma: no-cache
cf-bgj: minify
last-modified: Tue, 18 Jul 2023 04:06:38 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CTsyOPum4UohzXVGdFldlIdH9cdtQk%2F1L0pZVJ7nIPow4b5cP7zdfKARchOrU%2BQX7sNX%2B7kCee%2FBs91bqhx2BOHdaIRe1Omrp3s4LOkFM9zh4tWSXAtJ4%2BenYdGHRU9QUVSBqP%2BEUkh1ntA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
cf-ray: 834a759d8e5e35f0-FRA
expires: Wed, 13 Dec 2023 02:03:31 GMT

GET
H2 404 config Show response
shortener.zendesk.com/embeddable/ Frame 2708 15 B
949 B 64ms
16ms Fetch
text/plain 162.159.138.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shortener.zendesk.com/embeddable/config

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-deab6e1bfb9c4776677c.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

162.159.138.6 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ac22ebf2e4c548e6b1f01b79672929184e0626822b651ceba6766f880cc2d27

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:31 GMT
strict-transport-security: max-age=0;
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 15
x-zendesk-origin-server: embeddable-app-server-6c58497b58-xtl7p
x-request-id: 834a75429fb2bbc1-FRA
x-runtime: 0.006619
server: cloudflare
vary: Accept, Origin, Accept-Encoding
access-control-max-age: 7200
access-control-allow-methods: GET
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5oi94qYm7rCEwVIBNDYz26SIOqppZr40Fr1YDnYzQmii7ZKUuC0Vt08s8jAF0WM9ckchbswfYBMF3wmuVA3kOaSAu%2FwRPo7kWe5juIhRfuu7oOeicLkHa1eGU7HsLGdSmlLW7U9uWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: public, max-age=3600
content-type: text/plain; charset=utf-8
cf-ray: 834a759dda73900d-FRA

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 89ms
68ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 13 Dec 2023 01:33:31 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ 431 KB
432 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 13:14:16 GMT
x-content-type-options: nosniff
age: 44355
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 441821
x-xss-protection: 0
server: cafe
etag: 6854214708762155125
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 11 Dec 2024 13:14:16 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C63C 13 KB
5 KB 8ms
6ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 20022
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 19:59:49 GMT
expires: Wed, 11 Dec 2024 19:59:49 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8F96 829 B
980 B 29ms
27ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

624ade36c76e96a273bb85a6040d71e1fb731fab6c7b1d30a6460d5664c66fee

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-TeWJjsUMlowYgJdFceqxIg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blog.s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-TeWJjsUMlowYgJdFceqxIg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 13 Dec 2023 01:33:31 GMT
expires: Wed, 13 Dec 2023 01:33:31 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame C63C 39 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 19:12:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22837
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Dec 2024 19:12:54 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8F96 0
0 40ms
40ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=2911362765832022&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C63C 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?1oQj6w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:31 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 29ms
13ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 27199
x-jsd-version: master
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NrOjvC2QEzoyvZL75BHlYLMwUcFI%2BYYQuJVzpNTjvKzQzWUjtz%2FU40ZMDEA8UZyeg1aYYnJrgxtJZuh8G8vseQ2q93%2B7kLJkjOx%2BKhyD5AVmBzYKzn3vO2aBIrKmHWKYZXAn%2FE5tahgAslDNw64%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 834a759f0a5335e6-FRA

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 152 KB
34 KB 45ms
21ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65d03eb82a79a732d7c0180593c4f5dc98a8fac5c20c3a5446c4f14bf93d280a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:31 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 07 Dec 2023 12:57:20 GMT
server: cloudflare
x-amz-request-id: 9XEJCTBGXMH6BWG7
age: 994
etag: W/"5fcefeebf5ddc7b2ddf2435967e63de9"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 834a759f1c5869a3-FRA
x-amz-id-2: 6lDvA/NG13Ah70SYz7rinfNBhtPRqYB8cRNAXOB0HrHMJ4cExka3o6S7+kAh+aqG5/Nc7+/gZfgdF9MgeI4iQg==

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 55ms
13ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 23:45:01 GMT
content-encoding: gzip
age: 179310
x-guploader-uploadid: ABPtcPrYI9WjI8qWERv8Pq3_qL_rWNQzx2w0AQ9duzs5vDQZtPMEVroiATrDFn5QEswUa23PPA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Mon, 09 Dec 2024 23:45:01 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 43 KB
13 KB 41ms
16ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:31 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 05 Dec 2023 05:12:22 GMT
server: nginx
etag: W/"656eb136-aa2f"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 14 Dec 2023 01:33:31 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 61ms
14ms Script
text/javascript 65.9.95.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-74.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 04:16:06 GMT
content-encoding: gzip
via: 1.1 9ed2eeec8748ea461af0d1cbf998da0e.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 76646
x-amz-server-side-encryption: AES256
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: NgIt9Qvpu30mGYNxI77iSFjphwOg9XH9Uiv1-aRz-8Mr0ap9zOPDtA==

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 53ms
28ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:31 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 03 Aug 2023 03:28:51 GMT
server: Google Frontend
etag: fc4e6bfe266081c4873c6f08c8298e5c
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: 08dd14c28c00f8958612f07c6bb5a96c
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 193 KB
45 KB 446ms
446ms Fetch
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2911362765832022&correlator=693694084228574&eid=31080124%2C44807746%2C31079724%2C31080116&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&iu_parts=162717810%3A22766112657%2Cs.id%2Csticky-bottom%2Cbefore_content%2Cin_content%2Cafter_content%2Csidebar&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6&prev_iu_szs=970x90%7C728x90%2C468x280%7C336x280%7C320x100%7C320x50%7C300x300%7C300x250%2C468x280%7C336x280%7C320x100%7C320x50%7C300x300%7C300x250%2C468x280%7C336x280%7C320x100%7C320x50%7C300x300%7C300x250%2C300x600%7C300x300%7C300x250%7C160x600%7C120x600&ifi=2&didk=1679302058~557921294~3656045228~1185067365~1933480497&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1702431211367&lmt=1702431211&adxs=-9%2C426%2C426%2C426%2C-9&adys=-9%2C390%2C884%2C2266%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C0%7C0%7C1%7C-1&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&ref=https%3A%2F%2Fhome.s.id%2F&vis=1&psz=0x-1%7C468x0%7C744x0%7C744x0%7C0x-1&msz=0x-1%7C468x0%7C744x0%7C744x0%7C0x-1&fws=2%2C0%2C0%2C0%2C2&ohw=0%2C0%2C0%2C0%2C0&ga_vid=144635658.1702431210&ga_sid=1702431211&ga_hid=1439740521&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY1_66hsYxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjX_rqGxjFIAFICCGQSGQoKcHViY2lkLm9yZxjX_rqGxjFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Y1_66hsYxSABSAghkEhcKCHJ0YmhvdXNlGNf-uobGMUgAUgIIZBIUCgVvcGVueBjX_rqGxjFIAFICCGQ.&dlt=1702431210578&idt=751&prev_scp=env%3Dprod%26site%3Dblog.s.id%26referrer%3Dhome.s.id%26protag_env%3Dprod%26protag_page-url%3Dhttps%253A%252F%252Fblog.s.id%252Fpost%252F2022%252F05%252F19%252Foops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2%253Futm_source%253Dhome_sid%2526utm_medium%253Dredirect%26protag_template%3Dsite%26utm_campaign%3D-%26utm_source%3Dhome_sid%26utm_medium%3Dredirect%26utm_term%3D-%26utm_content%3D-%26protag_ref%3Dother%26protag_ref_group%3Ddirect%26protag_ref_paid%3Dfalse%26protag_segment_20m%3D04%26protag_minutes%3D33%26protag_hours%3D01%26protag_day%3D3%26protag_sticky_pos%3Dbottom%26pa_upr%3D0.00%26protag_upr%3D0.00%26protag_opt_u%3D0%2CX%26protag_proSlotId%3Dprotag-sticky-bottom%7Cenv%3Dprod%26site%3Dblog.s.id%26referrer%3Dhome.s.id%26protag_env%3Dprod%26protag_page-url%3Dhttps%253A%252F%252Fblog.s.id%252Fpost%252F2022%252F05%252F19%252Foops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2%253Futm_source%253Dhome_sid%2526utm_medium%253Dredirect%26protag_template%3Dsite%26utm_campaign%3D-%26utm_source%3Dhome_sid%26utm_medium%3Dredirect%26utm_term%3D-%26utm_content%3D-%26protag_ref%3Dother%26protag_ref_group%3Ddirect%26protag_ref_paid%3Dfalse%26protag_segment_20m%3D04%26protag_minutes%3D33%26protag_hours%3D01%26protag_day%3D3%26protag_native%3Dnative%26protag_enable_native%3Dtrue%26pa_upr%3D0.00%26protag_upr%3D0.00%26protag_opt_u%3D0%2CX%26protag_proSlotId%3Dprotag-before_content%7Cenv%3Dprod%26site%3Dblog.s.id%26referrer%3Dhome.s.id%26protag_env%3Dprod%26protag_page-url%3Dhttps%253A%252F%252Fblog.s.id%252Fpost%252F2022%252F05%252F19%252Foops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2%253Futm_source%253Dhome_sid%2526utm_medium%253Dredirect%26protag_template%3Dsite%26utm_campaign%3D-%26utm_source%3Dhome_sid%26utm_medium%3Dredirect%26utm_term%3D-%26utm_content%3D-%26protag_ref%3Dother%26protag_ref_group%3Ddirect%26protag_ref_paid%3Dfalse%26protag_segment_20m%3D04%26protag_minutes%3D33%26protag_hours%3D01%26protag_day%3D3%26protag_native%3Dnative%26protag_enable_native%3Dtrue%26pa_upr%3D0.00%26protag_upr%3D0.00%26protag_opt_u%3D0%2CX%26protag_proSlotId%3Dprotag-in_content%7Cenv%3Dprod%26site%3Dblog.s.id%26referrer%3Dhome.s.id%26protag_env%3Dprod%26protag_page-url%3Dhttps%253A%252F%252Fblog.s.id%252Fpost%252F2022%252F05%252F19%252Foops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2%253Futm_source%253Dhome_sid%2526utm_medium%253Dredirect%26protag_template%3Dsite%26utm_campaign%3D-%26utm_source%3Dhome_sid%26utm_medium%3Dredirect%26utm_term%3D-%26utm_content%3D-%26protag_ref%3Dother%26protag_ref_group%3Ddirect%26protag_ref_paid%3Dfalse%26protag_segment_20m%3D04%26protag_minutes%3D33%26protag_hours%3D01%26protag_day%3D3%26protag_native%3Dnative%26protag_enable_native%3Dtrue%26pa_upr%3D0.00%26protag_upr%3D0.00%26protag_opt_u%3D0%2CX%26protag_proSlotId%3Dprotag-after_content%7Cenv%3Dprod%26site%3Dblog.s.id%26referrer%3Dhome.s.id%26protag_env%3Dprod%26protag_page-url%3Dhttps%253A%252F%252Fblog.s.id%252Fpost%252F2022%252F05%252F19%252Foops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2%253Futm_source%253Dhome_sid%2526utm_medium%253Dredirect%26protag_template%3Dsite%26utm_campaign%3D-%26utm_source%3Dhome_sid%26utm_medium%3Dredirect%26utm_term%3D-%26utm_content%3D-%26protag_ref%3Dother%26protag_ref_group%3Ddirect%26protag_ref_paid%3Dfalse%26protag_segment_20m%3D04%26protag_minutes%3D33%26protag_hours%3D01%26protag_day%3D3%26protag_enable_native%3Dtrue%26pa_upr%3D0.00%26protag_upr%3D0.00%26protag_opt_u%3D0%2CX%26protag_proSlotId%3Dprotag-sidebar&adks=3695268346%2C2238348835%2C3108647390%2C1903703322%2C182523439&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5df1e8e6f20517566308466b4251c6c9e54facd975bcca40713d20b763d3545

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:31 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45618
x-xss-protection: 0
google-lineitem-id: -2,-1,-1,-2,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-1,-1,-2,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://blog.s.id
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E0F3 6 KB
3 KB 88ms
41ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 13 Dec 2023 01:33:31 GMT
expires: Thu, 12 Dec 2024 01:33:31 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 8613 15 KB
6 KB 39ms
14ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=blog.s.id

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

fd8c1cf4274cae5e1e5a37133cc23b80392ef88c43b798d3748f43948dbb53f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://blog.s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 13 Dec 2023 01:33:31 GMT
server: Kestrel
server-processing-duration-in-ticks: 280764
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
225 B 40ms
7ms XHR
text/plain 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://blog.s.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://blog.s.id
date: Wed, 13 Dec 2023 01:33:30 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2%3Futm_source%3Dhome_sid%26utm_medium%3Dredirec...
https://oajs.openx.net/esp?url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2%3Futm_source%3Dhome_sid%26utm_medium%3Dredirec...

85 B
192 B

119ms
118ms

Fetch
application/json

34.120.107.143
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&rid=esp&cc=1
Protocol: H2
Server: 34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 143.107.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: bc37a163eb8df49043fdf168f15af82d630845100909c3651a469a96f22cc818

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:31 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-ek/HShTPkbbsYd3h0moNcP1xcPs"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://blog.s.id
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Wed, 13 Dec 2023 01:33:31 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://blog.s.id
location: /esp?url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
330 B 109ms
32ms XHR
application/json 52.48.81.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.81.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-81-28.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 5411fa3b97646d618255d3aeb674b7cc86798a7ccfdd59136a15e18e87a998e4

Request headers

Referer: https://blog.s.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:31 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://blog.s.id
cache-control: no-cache
x-server: 10.45.5.175
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame 8613
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=s.id&sn=ChromeSyncframe&so=0&topUrl=blog.s.id&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=T0xmBXxEWVllKzFTS2tUbjM1M0dpclRJSGlZdkdWSEROd3pURWZlNGhrdi95MG82ZnVBTjRYNWZnNWRNUDE0d3M1aUtXN1VPOVQ4dzhIamFta1ZZQmF6WXI1QXdMUFJUbnNQWnNJajVDUk9rSzRhdkg3ZjZmOWxtUlpxbk...

422 B
648 B

14ms
13ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=T0xmBXxEWVllKzFTS2tUbjM1M0dpclRJSGlZdkdWSEROd3pURWZlNGhrdi95MG82ZnVBTjRYNWZnNWRNUDE0d3M1aUtXN1VPOVQ4dzhIamFta1ZZQmF6WXI1QXdMUFJUbnNQWnNJajVDUk9rSzRhdkg3ZjZmOWxtUlpxbkhuZHhiTjNCY2JwVkdDbFlLd2tvd1R5VXQwdmxXdXlCeFkrSUNGeElsNzc1b3V3ZnB3Zmo2VFJSV0Y5a1Bvdi9nVW9jUkt3RHAzdG5DS0VyMFhYZklWZzFZcGJYaTJEeFJrNEJjTFdHc2dJWXJPN05xbGNSZWJjcisrblZlTTdpV1hqbjJST3YyV2s5bnJTK2JxWmFwSmlrSGlzRXZPUT09fA&cppv=2

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

36f19987a72302f93d62560fa2ca9bf4f9b56aeab752648c5e039c05eeccba8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:30 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1276406
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:30 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=T0xmBXxEWVllKzFTS2tUbjM1M0dpclRJSGlZdkdWSEROd3pURWZlNGhrdi95MG82ZnVBTjRYNWZnNWRNUDE0d3M1aUtXN1VPOVQ4dzhIamFta1ZZQmF6WXI1QXdMUFJUbnNQWnNJajVDUk9rSzRhdkg3ZjZmOWxtUlpxbkhuZHhiTjNCY2JwVkdDbFlLd2tvd1R5VXQwdmxXdXlCeFkrSUNGeElsNzc1b3V3ZnB3Zmo2VFJSV0Y5a1Bvdi9nVW9jUkt3RHAzdG5DS0VyMFhYZklWZzFZcGJYaTJEeFJrNEJjTFdHc2dJWXJPN05xbGNSZWJjcisrblZlTTdpV1hqbjJST3YyV2s5bnJTK2JxWmFwSmlrSGlzRXZPUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 300935
content-length: 0
expires: 0

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 8DCE 0
167 B 41ms
15ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://blog.s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Wed, 13 Dec 2023 01:33:31 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 container.html Show response
ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EC88 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 13 Dec 2023 01:33:31 GMT
expires: Thu, 12 Dec 2024 01:33:31 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1112 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 13 Dec 2023 01:33:31 GMT
expires: Thu, 12 Dec 2024 01:33:31 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FA2F 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 13 Dec 2023 01:33:31 GMT
expires: Thu, 12 Dec 2024 01:33:31 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame EC88 31 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite.js

Requested by

Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 23:20:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8004
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11943
x-xss-protection: 0
server: cafe
etag: 4141415479739543000
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 23:20:07 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame EC88 8 KB
823 B 37ms
16ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 13 Dec 2023 01:33:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 00:00:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 13 Dec 2023 01:33:31 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/ Frame EC88 15 KB
3 KB 49ms
9ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.css

Requested by

Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 03:37:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78939
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2920
x-xss-protection: 0
last-modified: Mon, 13 Nov 2023 11:34:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Dec 2024 03:37:52 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/ Frame EC88 376 KB
131 KB 64ms
24ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js

Requested by

Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28c5732eefa979245ff326045f37b6b7cdfc92385c594caea33e265e4a066c7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:21:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61943
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133672
x-xss-protection: 0
last-modified: Mon, 13 Nov 2023 11:34:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Dec 2024 08:21:08 GMT

GET
H3 200 qs_click_protection.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame EC88 30 KB
12 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection.js

Requested by

Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

425c887bd8caee3ae355f251cb53649dd492f884523e1609ce4437ef70edc727

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 00:38:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3305
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11807
x-xss-protection: 0
server: cafe
etag: 2895842962934950836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Dec 2023 00:38:26 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame EC88 0
0 26ms
25ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQHYVxRWkI37-kxaFWjaHDV8BOkDx42dz8ARl8UOinKt0cuBKxQtoLoeqFQcUQIk3EAodOMWvnGu5fUvDCocTieOp1Phg
Requested by: Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

GET
H3 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 1112 31 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite.js

Requested by

Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 23:20:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8004
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11943
x-xss-protection: 0
server: cafe
etag: 4141415479739543000
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 23:20:07 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 1112 8 KB
1 KB 16ms
15ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 13 Dec 2023 01:33:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 00:55:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 13 Dec 2023 01:33:31 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/ Frame 1112 15 KB
3 KB 29ms
8ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.css

Requested by

Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 03:37:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78939
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2920
x-xss-protection: 0
last-modified: Mon, 13 Nov 2023 11:34:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Dec 2024 03:37:52 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/ Frame 1112 376 KB
131 KB 30ms
9ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js

Requested by

Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28c5732eefa979245ff326045f37b6b7cdfc92385c594caea33e265e4a066c7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:21:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61943
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133672
x-xss-protection: 0
last-modified: Mon, 13 Nov 2023 11:34:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Dec 2024 08:21:08 GMT

GET
H3 200 qs_click_protection.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 1112 30 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection.js

Requested by

Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

425c887bd8caee3ae355f251cb53649dd492f884523e1609ce4437ef70edc727

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 00:38:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3305
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11807
x-xss-protection: 0
server: cafe
etag: 2895842962934950836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Dec 2023 00:38:26 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 1112 0
0 25ms
25ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRJw68C0fJItxn-FfNoueJT95EvJqTZ4iCpe65xCiqz6q0GDIOcFEnCPk9P6oAEZGvFiudao3Q7L-EqoE4Vs9X0v_MjsQ
Requested by: Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 5BC3 624 B
242 B 48ms
48ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvmmQEQ9dfyxgIY-9Xr7QEwAQ&v=APEucNURtIkirv7bJXiI_TQXNd-T-7vsKbPJhd7JKhEIomApJkMkrvvAmvXwI6EdUL4bRaP8Es536lLeLm1Z2aOtgZFEoRK7ssck2SM6izgMQoTsGPIDgmwhRo73OK3K-tnZIC9wJTGNvUw0A4A5kuDfRXQcB-n_8dADQOqiEm8fdyqn5d0h2ELf1CugvNWDKjyN7m9j_OgtH1U2ut5KPHVcMKWkaX94vw

Requested by

Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Dec 2023 01:33:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame FA2F 89 KB
31 KB 119ms
119ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 13 Dec 2023 01:33:31 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame FA2F 42 B
63 B 42ms
41ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AELpHFPkYH7h6awKYylJTgmYfy6AC6jknIBeuO3EPuOvxp_XrkjTpq50E6tP2_kyS8K0pQSvoqpjwVoFMyAM0wEGVc2AijUR_vp-dFN1rJHN-arJU

Requested by

Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame FA2F 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus.js

Requested by

Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

88a577b7767cbe34315ff67366be5530949df573931dd9c762c2c2e0434c5b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 01:55:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85073
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1307
x-xss-protection: 0
server: cafe
etag: 18393213423120915576
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 01:55:38 GMT

GET
H3 200 qs_click_protection.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame FA2F 30 KB
12 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection.js

Requested by

Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

425c887bd8caee3ae355f251cb53649dd492f884523e1609ce4437ef70edc727

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 00:38:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3305
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11807
x-xss-protection: 0
server: cafe
etag: 2895842962934950836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Dec 2023 00:38:26 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame FA2F 0
0 25ms
25ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRL1vA8ZQE7WJv2eiC6p56OfM73ZvwFoq51eaJlEqhF9pBtWTxIuWHopTH7KO5hppHTlPfMpoD5eruEZWzXu5Km-OwIcw
Requested by: Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame FA2F 203 KB
65 KB 60ms
40ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65486
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702315402350014"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Dec 2023 01:33:31 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 43ms
43ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=2911362765832022&bg=!hYalhsnNAAY3kmNgF5I7ADQBe5WfOCZS3j-SWIUkbAW8_17pt2jMaUP4ZxrR0Z1DX2rHHOFxrRdfdul7_Wv0vdpkW-1mAgAAAGpSAAAAAmgBBwoAW9dvwaQvSNEFdWpqPMlcLtd0R_DUHWiagDBkInfrLvy6KPblvh4HwjtVyr2QUoc-VEz0yeqrNxT8frLdnhtl_XGpJBq9AbLp-MlU_QwiYdhn22VtP1Eyps2VEWaZArz6B6OweDZJ5DjtQKWchUMmVlwmT8GPEO98DRtOuJmJsR3YeAHw2nA5nXIhayeYn1s5swHHRzcTpNIi9fb0E4lyJn4c8bXwtN71vx1AFcGpMQfMCVHs5yJ942KJ6VEATBe_Ch7fPgXguDZloECj7uaZL8BqLk5gDLDgepsXoaZ1-K4sT7x_omaKx1rdQsDMXHpdU4eZ8zltwUC-J-GSMfbsURKUrfQ0QJMS4Y7rQfpgFZ3vmfyZQeU9XzYUxD7HuHbakJ0xU0FIdFId5wC7CvnzEiA0BmFqYWHv6zjM_0cz7uo4HZ04uhwcN1DVFOc9uUkV5NklOWecy6jg61htM_HQExdlZn4l5W9cv9VRz2GMfvyg6KuzuKISGMaf2WiWgQjfs-RCJizwWEw1tb_lT-FG7MacUijuZBCORVeYrIeICzX_oZq1BOvN1QfsFLpQ1jPOKFerzcXfZNm8oM7jPECsccgl5ewvlPmFOnZVeJYjrkhtlp1rvbCAmHugHpNW75j_uQUqSQbqonbQgdUstAzvxInXwq-TuluCuVGTyKZm4Fbmp_8Y8fnrpuaeq2_RDd3n43v2U0T14VnIAypCxnxDcOH0LV4ceA-mCAMxyiuE83io0-mCCuYYkSUUcY3Knl7V0gE8WJaecP9bARXXfOwm1wd8lYg8VYg8F0tIaR2FnUyqlGrCitVLtytWpz0FykZrF4eABeISLCdgrDtwQu3XBrnnzhoZ-SgsH4usbiUT3GmJ7n3euoPtiypHcN26Nfyk2MOBHY5j1opt_beCKvMvnLrQKmc3XcFr2L_pXaLq-9Z3KADYel1YRj0JB0-bsgBYDBU6nHwj54Ch-D57ZeEPIVKifGLvW_BIJo1EpvKml8yRyStB00DLpTEMSZPOUptxk-wok-w6ZI9g-Jqrp3KGnzl1IVK4Ap9OPZB_
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 5BC3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFM02yyWQhJOb2V0SNUjhZY&google_cver=1

43 B
772 B

21ms
21ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFM02yyWQhJOb2V0SNUjhZY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvmmQEQ9dfyxgIY-9Xr7QEwAQ&v=APEucNURtIkirv7bJXiI_TQXNd-T-7vsKbPJhd7JKhEIomApJkMkrvvAmvXwI6EdUL4bRaP8Es536lLeLm1Z2aOtgZFEoRK7ssck2SM6izgMQoTsGPIDgmwhRo73OK3K-tnZIC9wJTGNvUw0A4A5kuDfRXQcB-n_8dADQOqiEm8fdyqn5d0h2ELf1CugvNWDKjyN7m9j_OgtH1U2ut5KPHVcMKWkaX94vw
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:32 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yzdNULjXpMUP%2BLKV5CAZLPgem%2FjkVGi8L2fubL1MD2l6ACIA4uqqokpmHWHTMWQS9Np5%2BG3UOthxOiGy5jIMFtU6YgD44LTbFT5r7fz%2BoErL1666bdicxmiN80CSL58sNvJz3%2F8p0MGBYw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 834a75a30c882bec-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFM02yyWQhJOb2V0SNUjhZY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 5BC3
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXkJ6.8IKvdk-iNUwbjKrgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFM02yyWQhJOb2V0SNUjhZY&google_cver=1&google_hm=2

43 B
732 B

23ms
22ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFM02yyWQhJOb2V0SNUjhZY&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvmmQEQ9dfyxgIY-9Xr7QEwAQ&v=APEucNURtIkirv7bJXiI_TQXNd-T-7vsKbPJhd7JKhEIomApJkMkrvvAmvXwI6EdUL4bRaP8Es536lLeLm1Z2aOtgZFEoRK7ssck2SM6izgMQoTsGPIDgmwhRo73OK3K-tnZIC9wJTGNvUw0A4A5kuDfRXQcB-n_8dADQOqiEm8fdyqn5d0h2ELf1CugvNWDKjyN7m9j_OgtH1U2ut5KPHVcMKWkaX94vw
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:32 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w9kzbjZJ1YYsWU98nG5tA1C%2FtQsA3gEFX5RkS7rHhReqDn2U8SR4Buw0Cte5BcY1iQYLHQvJQdu2MZ2fQIai2M24FUFyKEvCMi%2BbHbpV%2B9HyzOSs359J2YIkpaGWiYgk8Kmi9PQwsHETCA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 834a75a33c9d2bec-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFM02yyWQhJOb2V0SNUjhZY&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame 5BC3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEBLK9xinpbOSXLZBvOjZgfg&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBLK9xinpbOSXLZBvOjZgfg%26google_cver%3D1

43 B
896 B

14ms
13ms

Image
image/gif

185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBLK9xinpbOSXLZBvOjZgfg%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvmmQEQ9dfyxgIY-9Xr7QEwAQ&v=APEucNURtIkirv7bJXiI_TQXNd-T-7vsKbPJhd7JKhEIomApJkMkrvvAmvXwI6EdUL4bRaP8Es536lLeLm1Z2aOtgZFEoRK7ssck2SM6izgMQoTsGPIDgmwhRo73OK3K-tnZIC9wJTGNvUw0A4A5kuDfRXQcB-n_8dADQOqiEm8fdyqn5d0h2ELf1CugvNWDKjyN7m9j_OgtH1U2ut5KPHVcMKWkaX94vw

Protocol

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:32 GMT
an-x-request-uuid: 507ea558-c1e7-4eb3-a19f-eb95c83dfe04
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 138.199.38.132; 138.199.38.132; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:32 GMT
an-x-request-uuid: 46bea97c-d127-4566-8373-bc1beb91bfec
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBLK9xinpbOSXLZBvOjZgfg%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 138.199.38.132; 138.199.38.132; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5BC3
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTE2Nzg2NDAyNTk1MzcyMDA3Mg%3D%3D

170 B
243 B

16ms
16ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTE2Nzg2NDAyNTk1MzcyMDA3Mg%3D%3D

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:32 GMT
an-x-request-uuid: a0f57014-bd9f-4a0a-a3fa-00d3e18073d8
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTE2Nzg2NDAyNTk1MzcyMDA3Mg%3D%3D
x-proxy-origin: 138.199.38.132; 138.199.38.132; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 1112 0
234 B 35ms
14ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lq33l67m&c=5192186116256&slotId=2596093058128&qqid=CLLm8byii4MDFYh24AodR_QHnw&fb=outstream-lima&sei=44752538%2C44807615%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:31 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1112 15 KB
16 KB 26ms
7ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 16:39:21 GMT
x-content-type-options: nosniff
age: 377650
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 16:39:21 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1112 15 KB
15 KB 34ms
15ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:54:09 GMT
x-content-type-options: nosniff
age: 59962
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Dec 2024 08:54:09 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1112 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=Cjpjy6wl5ZfLEGYjtgQfH6J_4Cd3Zwdd0hcOro4MSo5_cpY0CEAEgktjfSmCV4pCCoAfIAQWpAnFU_MewG7I-qAMByAObBKoE8wFP0MWtuPtM8mHC_uFytFeRWhxrfaVqwADJpw4V8A5rsxzhmlJdaiU-QhD0gmyWc1YMwf1jK8Pz7MwLhf2Nh0FXZrI7GbhQr8vI4HIiv-ctcx-taI6zWKfewrNTv6SMueWVDZ0PBQmcDe7RnuJi8c3-13ltoYDBK7yIByeAmrwI8H6ztmMbcZFalajcZA6yaHcooCYTfhFcCEI9CrL2yFN-11suZGqa-FlsoWC8zMWkOhpFGx6C1SbIkTrpMDLm4tgDCqUHR9jy9SNtZIoGOZT-G3yKJUplaMP_yb2072YdzVJYmOn916c9ESzJy2Pt_-NZrV_ABMqt-trKBOAEA4gFz7zg0k2QBgGgBnaAB5yxjrcEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpY9fDvvKKLgwOACgPICwHgCwGADAGiDBQqEgoQ5LSxAu61sQK1uLECu7uxAqoNAkRF4g0TCPWv8Lyii4MDFYh24AodR_QHn7AT-qXsFcgTpPSW5APQEwDYEwqIFAbYFAHQFQH4FgGAFwHoFwU&eventType=clickstring&clientTime=1702431211961&ai=Cjpjy6wl5ZfLEGYjtgQfH6J_4Cd3Zwdd0hcOro4MSo5_cpY0CEAEgktjfSmCV4pCCoAfIAQWpAnFU_MewG7I-qAMByAObBKoE8wFP0MWtuPtM8mHC_uFytFeRWhxrfaVqwADJpw4V8A5rsxzhmlJdaiU-QhD0gmyWc1YMwf1jK8Pz7MwLhf2Nh0FXZrI7GbhQr8vI4HIiv-ctcx-taI6zWKfewrNTv6SMueWVDZ0PBQmcDe7RnuJi8c3-13ltoYDBK7yIByeAmrwI8H6ztmMbcZFalajcZA6yaHcooCYTfhFcCEI9CrL2yFN-11suZGqa-FlsoWC8zMWkOhpFGx6C1SbIkTrpMDLm4tgDCqUHR9jy9SNtZIoGOZT-G3yKJUplaMP_yb2072YdzVJYmOn916c9ESzJy2Pt_-NZrV_ABMqt-trKBOAEA4gFz7zg0k2QBgGgBnaAB5yxjrcEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpY9fDvvKKLgwOACgPICwHgCwGADAGiDBQqEgoQ5LSxAu61sQK1uLECu7uxAqoNAkRF4g0TCPWv8Lyii4MDFYh24AodR_QHn7AT-qXsFcgTpPSW5APQEwDYEwqIFAbYFAHQFQH4FgGAFwHoFwU

Requested by

Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 1112 0
54 B 28ms
14ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lq33l67t&c=5192186116256&slotId=2596093058128&qqid=CLLm8byii4MDFYh24AodR_QHnw&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.go&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:31 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 1112 31 KB
17 KB 97ms
50ms XHR
text/xml 64.233.167.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-ArhKG4VlZuMdzXH0XW7gyZyYNPLtK-HWJDvAmv15lDfnX957RfNfZFH7RBypRI4JcHHk2eZhR0MsQGt3ygIQczPwLhnw&cry=1&dbm_d=AKAmf-BIBqys9cgmSdcZNCN4aKQMOVDboXELjAn8-zVs4qU3ZmN1ITlZvXagaRPY7JjYPjpLNKUIWSsMF6bIDIqkz2YDfmPF09rrjcI8o5OIwBPbUBYYE-znqudmnuQAItVSmJTL8lpTFRWT_WYmG6CNQfkiA04b1xUM9slLmKi6IZ6OltJTVGWRGw2ds-ghl0BJoOB00WuAumLUh5NnXQqXdCR91M6MxBEvuKW40Nc-WsE-xurMC-zCrcZgcpinYp8BQ_yMlsKPi1GP8dAeMPreCaIhW_CXr1ehTLmtSNZxVu6f_u65xJh_nmzhRCQODIJCQbmu2DNP-Wb6i9BKxb6mSj5KJPdhO1dxkwN0jguGz54280HZkUZdxNFfpcFz1K2CKE4qtXK2pA5btU0-9BnRqpKENmahM5ZfDoOp3QTI3G_mCCGZltFho_SczLsgnl2yjurr3yrk6e42UUKTr16hFn9zqtECWP8K_oEvS-IXVYkf3SEsAdh4-3H0OdCoqsK8PWLPhGqBR9ehxNMSbHB6S4Drzv_F7v2h-2ecQDHg9kI74Nnx-qtHxMxW4elfDhBBwKFkYZIasEZJQ9hTCyloY3N2YkGSkseMpjyrIE6sH1u2Yr1fPoqYSVvNDe8PjHCCOqzPeOMoDIx2KWjffmhh4LRVSMsQV33JylJfUcpL72UUYr6wxRnOfi-nPOAPeSivAM7UKeMcQu6l1bxrGVPBqhwk1EHXCBSc3kOKFTGcARWuHmPYEwAg8MLLzWfMuvsBikRwTB76ovJI9wKX3mwiNobxt_5p-oiX6Ca1w44D2BedxGRyRNrJqjc9CST6ThbvRsu9H4LJcuBS0-MI1DEbAmy_Zn2CXo9VtVbe1sSF1AeMu-aLlJtMCTojpXITyU3jpaq5YJevwNiI2KaRWGsu7vQHuW9eWbB3dIOsUJkft9msvf2gElRh6W75GuU-X6OwJm5bFTp3SLZE6I06h38BD0KyPnTgZp6_dt-1OYCO01yXWEt7yEjNWU1PMvUnWPbs9Fjqp2HL2_sXSh58z9kPLn79ZFg2IH22phEdkRr3tmWTWf8VLegvBBGqTvKSCCxjqXLeDZGARu_Gvv-HRd6kXva5FeBJj68oplVAw--9Wfom3ffKNmzxWWRYta7j2-kGc1VlHoCrcOyeeJ54hs6TjHd83x2DES4sxkft_QMV9--jtsq_sT2hGh-lafnwbvsmKJ65avqJZm81xMTBylXucx95_JhesjAS-S9NOd_qqFRxTtRqUGOyWtwYG8AbgWvRlBvND4YOUQni61n-MeJvUcLvnDaFzu0oRmAL7hfR4DIip--890IIAGwNiMD8pT7L1OQVEfwafWWSzy3o3CWPjbvASrxhoeJW_sgEyuhX_VLZzX5mPLCZsCVulAELukRA42sLOBUZM3Ktlpi9tKwvSjxA-r6oSqjyDm-G11nQu02jOhdOlTpZ0rJ-D6D6A87hkFaI608WeNy7OuXu0XrSNn5Vg4LYMBNBHBr-mCEiYHby43HgN_w4hcmyBAZdqZVTbIeiLoUApUYbZcBJKdPkbOemSAWtOJK8M8J7AaW7j92Zv-tEimdsgfkFPp7rXFOkD0kPl79B2i5Mv0Yx2Qjx9mKDqyF9sM85B29FSYPp7d65W37YlAjq3MIqqMdo9bNJ9QRXxexjzNGMPyPhD4KlLAWkiKMiWZJknDc0GDGpXL_TUidHqtJG5lzJAhWX4U6DFQk53aTLe0YbWYZeDL41hzLoKpNQKOfmLM8ULCRTU73vZvOhOMfWs3sIFUvhfs8qniDrCAXuUmAVDWisr2zVxsT0NQSlei4ohkC3KFamcaiEp-8cl9kiwZUXxeRZ2balksQ1SpyEVvATjDnwg-nFQwEULTthHB-8Xc9CwhXH5Id1CHeK9fLzFd2SyQx8zLlbFkqt6gbmpXqM38MZHabpRtYUjR543YTiISW2MaqiTf4DYffMmpb4twahaOttdAmFGigeyU_XAbkSAVy1gx3b6W7XJJqZN8nVpYOnwEiJOwO_EZ_FsaEZib8brPlTkHEKdIZj6rELNHwtk7cj5KPg0ZB6RKWgxhwcIz0-azXtkaouJzfsBq53W18hES1HhwOUs0bUW-jkbkGh_SSDNIXKFA0y1kIyCth36pA-4LRG6kUWYatsdEgMJnMXX4_7qno8IHX8Wf2xysO6GDyliKeI1ejbEEvpdNOep41cnBTd1KcX4utyjEORu2CjNUkIZwJe6h-Hf1VEqac88_Om3UC42jl_CBh8-dejlWEvjlCnebaf1hlRSpsiosik6yrdnrXFxyZSy23AmQkQ7R8DzJ6KlmMv2BfTqMpRdlKt5SuYKlLzsp9LgCbgvnVxC4-7mDl8PMGqcwngIcJOVurEY7IWh_2XlmKX7TQqpt5ET86yj9Q8-xaC8Ns-kRYyY431Lnpgx691E57iMF-iU_8tcUEA7XBtm4QJIoW2HG7juBwPF4vsh1jokorUC1_3PAgM0wQNHfjnVXX9q2ROeIgx_m2Osus-yCbdPOtjD7TfhQ_VsQPfFy85tU646ppKq2E0vx06rTgPg9ZaVKFsxZQ3pBS17IOiVg8BTJDNcuc8bXJKAjQozIB8-9izXfbi4TnvBTzQOviw78WuE50FPT5tgSMtqTaQ8UWXLjS7CnrhoAHdDwpTucBZjZ5m2imZAcgFWjPT2AegCDsRrS49A5ufLeSwP6QhBrsorl_tqU5t8mabWAFXHajnBvuTujVr19mnoudtiqnebCD1SpeUxBANsbGquXS6n_IDGZNqU2yT3yt_hdJZ07vwNk7-1rk4lbvSecCa-SDX98MoFuDRIvs2VlFSUIvfWj3LKQObgx8X4bMkOFUjDFrud7uiFzfakiK23nuB7czSzt-bO_LLIVhrkM-qs5wc0NrgIwU4cFAbP9oOE2H_7rohrKUc0lH4gTEmBMUg72K6f0mymPzzvwZlXSa4a8AV__NDdnB6zjVEPDenLOpD8kKMpDqAOxgxWLjtfOLzMbX0AURfjLg88e4Js18Ob3izdAV7_mg7YHHYWlHeAiNo_J_zJzVquGPieRdlm9qfNMHrDGBT-OeMVyxbhJkKTOY11_J4ezIdbwyq7qs9yzHtkaLyIJcKhenYRIHNvSjr7th6_nz6UrJ-DKrkNGu6zuZSattOmyRFWA-LE7_kmK2awHWnRkLN7Nl--t2KRZWMLEK3lSEeYnVQGLjlceDZQucjWWR_MCNjjTInjwVOVRTLR88sSC7I-z5T9Vc1EEmsBp6knZ8qiLE35wM1OrkG2L07tlHAwn8vE1XN9DAu2QSdZJ3pgeoZRKcpSIBiqNU37lLOhuSCDiGI7rxfrGLHNIPoUcjnxg12EAjivLtl4nUQLoOy35DPyyF4K7d0W6b4X_WLuIkda74Ezf9xsYRA2IRiH_mkpt6ftb1l_fWudgs0Bx8ECJMy9S16etR6eCfx4xNXwIGZi9uP242mbHOE1-aWU7w62ALYNp8NRbvUyJiIdYbufQnWu1ND3g3ho4SBOkLl1MVEfs5mEgt5wO3Z3_Nt2DZgYkZPGXqGMyi0Q5VeF4zAj_-S15jaYZkN519AbJ6UElbBgNIdO1fmpKGkar-52CmNxLvZ5JGzFDk8B1uclDOgnLJi0_-rJfOrWtdkDlT6BzSZm8CYqSZbH1yasnlq3uFfCM9eYHyZO_lXn5rp6RC0M1RU6aQriSo_s6KB3d-bT-Am6USAfv4ZDzVcGaBzeZGiVlig2Mm1Dje-liHKqwERWltM6viM8JCfi4DC1pcpTh9k82AGKM40bHaJooKSbA3oMb2Yr3nsNTOCxQsFDzh1_Uu0dix18Ba8AdE95Fr_b-CsuZIm7_6rp1xBvz7ZIRGrD1SOiBoKKE68OUuGomH2DR4Z0_GegKjQdt3VQe4sDbHA2lxBjh6Z8NxYF674xSJg_gI8SWnBKqswexm7yDyER4mIUz5JAxK6-UOfXlsSKaM-NPLwOGhnMuroDerTIlWARw&cid=CAQSOwAvHhf_m-EkC1ZT-joQqs_38qAL6GkyW-coTBFTP2Ivfi4I6Tvpefrx027AiGowqhh7E-8xEWHlGz_fGAE&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.167.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wl-in-f157.1e100.net

Software

cafe /

Resource Hash

2f255686c54d42d8c9c2a046638a017312914a16ca4b444cacfbcae8fabe807e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17262
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame CC6C 1 KB
643 B 6ms
6ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 17617
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 20:39:54 GMT
etag: 48472445140208031
expires: Wed, 13 Dec 2023 20:39:54 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 1112 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 396aa9bde88362bd1d235c6cd499d7ebe1e3dea3e988f3d147aed59be821c44e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 csi
csi.gstatic.com/ Frame EC88 0
54 B 19ms
15ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lq33l684&c=1943428789456&slotId=971714394728&qqid=CLHm8byii4MDFYh24AodR_QHnw&fb=outstream-lima&sei=44752538%2C44807615%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:31 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame EC88 15 KB
16 KB 18ms
13ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 16:39:21 GMT
x-content-type-options: nosniff
age: 377650
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 16:39:21 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame EC88 15 KB
15 KB 14ms
9ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:54:09 GMT
x-content-type-options: nosniff
age: 59962
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Dec 2024 08:54:09 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EC88 0
20 B 43ms
42ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CGvK-6wl5ZfHEGYjtgQfH6J_4Cd3Zwdd0hcOro4MSo5_cpY0CEAEgktjfSmCV4pCCoAfIAQWpAnFU_MewG7I-qAMByAObBKoE8wFP0D3HkD32qGcm3qf-x7FsP724dXhaUvL6DHyTcx1P_9fUEl4XKubBgyUKlshen0KkwO1ftgCRsX-Wi_mC2_k20C_zPsw4Z4yHNVVMOvyljV0-Ir_gjlIlscSGsJJIIyMveKweZWb8zjheFDs6tv37eM3Qiu_Vi07WA9rCpALVNp2XGDEjyw5r0FutGWDZm71qVDkUqiTcTh7OHYaOLDo9EO2KFu1dnsFYuCc0CPxSr2D3OMIbKbr4j8gxtUGI7_7fZV-dLJzkb0vXxJcOoxacRs51bthEUGErFgRVRmHQSTkMqgLk_FGBkaoFTYxu16I1XyLABMqt-trKBOAEA4gFz7zg0k2QBgGgBnaAB5yxjrcEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpY9fDvvKKLgwOACgPICwHgCwGADAGiDBQqEgoQ5LSxAu61sQK1uLECu7uxAqoNAkRF4g0TCPSv8Lyii4MDFYh24AodR_QHn7AT-qXsFcgTpPSW5APQEwDYEwqIFAbYFAHQFQH4FgGAFwHoFwU&eventType=clickstring&clientTime=1702431211978&ai=CGvK-6wl5ZfHEGYjtgQfH6J_4Cd3Zwdd0hcOro4MSo5_cpY0CEAEgktjfSmCV4pCCoAfIAQWpAnFU_MewG7I-qAMByAObBKoE8wFP0D3HkD32qGcm3qf-x7FsP724dXhaUvL6DHyTcx1P_9fUEl4XKubBgyUKlshen0KkwO1ftgCRsX-Wi_mC2_k20C_zPsw4Z4yHNVVMOvyljV0-Ir_gjlIlscSGsJJIIyMveKweZWb8zjheFDs6tv37eM3Qiu_Vi07WA9rCpALVNp2XGDEjyw5r0FutGWDZm71qVDkUqiTcTh7OHYaOLDo9EO2KFu1dnsFYuCc0CPxSr2D3OMIbKbr4j8gxtUGI7_7fZV-dLJzkb0vXxJcOoxacRs51bthEUGErFgRVRmHQSTkMqgLk_FGBkaoFTYxu16I1XyLABMqt-trKBOAEA4gFz7zg0k2QBgGgBnaAB5yxjrcEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpY9fDvvKKLgwOACgPICwHgCwGADAGiDBQqEgoQ5LSxAu61sQK1uLECu7uxAqoNAkRF4g0TCPSv8Lyii4MDFYh24AodR_QHn7AT-qXsFcgTpPSW5APQEwDYEwqIFAbYFAHQFQH4FgGAFwHoFwU

Requested by

Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame EC88 0
54 B 16ms
15ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lq33l68a&c=1943428789456&slotId=971714394728&qqid=CLHm8byii4MDFYh24AodR_QHnw&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.h1&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:31 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame EC88 31 KB
17 KB 91ms
56ms XHR
text/xml 64.233.167.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-AG7Hz3HqYtUzwEo48Qcpnfb8etMTdIx5iTu6fOs_lviLwBefKwl7Phnt-kl11Gaj8e9Q-IO6eqhigO6S9vjn_7YFxfwg&cry=1&dbm_d=AKAmf-AVv7WHVG1JBW2-kAz4VhXx4rQ_JmIcRZIu5bU3_jQCmxupLWHZnCF9pPtQSatPYOJRJ4KZ2eqsux_Vp9crVIDnXjMR_46dSCWH69g7l_EnJu1dtrCVtqjHtORUbvwWALPpsjrjRReZ8Fbgu2wFTGM-zMrfq3qtMoodevIjVjHYz6-LWXNK-yrCStIz-KoTlIj9uz2CFBQN0YIk1pJGLJlBMvVcBwryBSLpisV4nQQg2cLi2EnmyXGD8Ngd2eGvN4psKfvUx0CHsMvBhCjMiiPQN8tQkiHPnmoVKFk3cqRCvvgn0GscKv-PtYr_x8lHFlJOpfOrUsH_4Z8y2XQ5e17LMWTSxkLwz7Hol1ClEF9XUTkZNG8rafQlDSZ6Gt-S0rRyRIGo92oMc86M8lpn2B1KyIkXt1yarWh2oleg9199cUxm76JkxMjH6eoS5Kr2ukjTknmVdSQy1z_BXoee42duFEWgSv4lXm3NVfWWBoxmOetobLjh3wpNBJddMErUnjMj4eVqMxdQfq1hCjKyiPjoRfkutUgwkk9YPPCa0BadUXCRHFJzDyefPRyM4-Y5OLclfvTNOvNH479LFrGuTfdea9zLTNuQ6e01p_Iavk_2gmGghUNeznl47ZstUE8_kYuKVSTIlB_ZB_o8fA_DbdWkzKKBvZTXxYdlTYgUeDUeabb6v9LKROS1ZOEhDodc_oTAn7NRGcA3ut2lwlVpSZFKN73FmpusDAftvKljSlSufyySEUbiMbVmfGRCaH7PPtQpjWH23Hdd-uJL8VXOQkhDQ6R9k8C4d2fgQ5MBTjCXsWa6zV2kj_hm1r5PXS1dAcnMrUenAfhzSCmJVyThQN5KG4TG4FlQFp2iwGj7PBX6VhYaussMOZ_j8TvaTAFjBbATnmUT-bRRGd0idWVf__Gnv4avXzjYBxasx55ubQQTYIeQpJWgzGDuvyrD0FOoYeM3f6CwpmJy3A4qNseVmmlqYmzkLOhlEoCBKrv19EV23zkIMRnpvBFf_kDE2oKAXFzL_UxXVs_MihGTRdHLGfiBhmdPa6LKRYVo5D_lWctZqvQfGgi-_eoOEcUtZPK_hso0fbLUV9aOcnSWFCH7ohh-7BIjhO50XxsQM_OImuPmb3TAvljdU-y08ABdGqgT5JCXCHGp2K6cHCCvRBBGO69a6N0-X-1joHesl1d9S36v71FGqwnpv748gVUUwQ8XScTO6oTX3IMDQnTy2DSIvkBrkLDbDNViyvslcXRQ0B-MYv2uOJeMzJ-A6QGXU0qKzsJx7YN1oW0p4HvhLwgAGBy6ycfX8Ax4lzkTGDzzsdH-nQ4HeLDE1pjFePtkf1FmS5ueokFDlATFXDKTs97Q-BNadevFjhqhdliApKA390AvfFd0veQTKbvo7tuhUL8cHd1UIDbRbsQZ6kd8dAMYnPgm4u6QVF7yxhemov_fYDvmnmYSZW0xnMqxC90y0piif0slcHBhg8LnvO9q1RQK1xdxKwbQzD_0vQOQn-zlPkbCJvjrbksO6MpeMI4OcOaFqVoMs8Ds2o8ziTfgMPFo2xev8Gc2rIxcDkwQ4xXxJxunbrKl1wQ36iNnXJ4QKLfezabxp6TOnaP04fAzConIjWsDga1wWdNLo_K1TNr1rQPeuJgTWALNo_ESAKXt9ICMs9_4XzA_XvsDt7NeXBf15SjH21CqAGdwJ4FBXtTAnJj0U0uY6_8xAcrzyEBjw12QziBz65QawEcMWBiZ5U6OVEzzpXWpnMZyQ2DDbLTY-HatqfrgBXGYJTTgRwI4F2ndwJJ-7_o7XFZkBtSP7lsM_Dxw0meckS8hfqVWKSg_xMbh8wDueYxrPU52rVn4zJ04GnOQFayHHy2l9RqgdxdXk-H_UVBsftioBdyrDFIin13sfZULdDIiw62e6egA39QQKqT3rg6BCaOBxnNxRPRcaL-aONA0p84G_uFnHOzAI7z1nykxB1tdNrnQOmdJdPe4eRam-B-KIGSsBX84OM1r8AeDeY0gMc04Io2MEesDSOngihS7eZXFR96UvQo68zlVJ7WgseQSLsl25nxHbl6XgTTiH-86qAHyZ7NncaPu2c5PRRF5XcaSNYmVzvCBn7_tqgxky9SZ6yJBRrzmM-QwHUF7hepHsFJwmg5sZPjpgAh1j7Ra6J4TLE0-xgIm6X5WXp8F93Im2-YYuMQnnBS08UDMLf6zFkpbAGRtBnAoWS1lqORhrw7kqdkU7I-6ctuSB2IEgtR3qAWxBx-bGO1OsQVZxP8hhohhwN0bAhwzmLK750yVG0eNbOXQPMw6kFht2myzQO9fZXxElO_iilelDqYMXqbxHio_7wWBnncWwm_y15sPZF1BHOOI7f2kbURFx1rmpHdi38a4BD8sHUIOULYSQhFJJXH92E3xZZY5-NdRLTSBXUAJPMRd3Y1NL8CBjV0jrrUf23dbbw3LhMQAE-CjNKg4TIVGq0t8Ry-dm_RPL3KX1qO4zse0TpJpB5qzbmg3UwH-awOO1yA1LQqYgjzrtGHUVrnJdku2EotPU1xTiPpStgnrYr8YCJ8yoWJyLithkx4dblssAiupjRSUzMTF5maZK7ZMYwcdbgchkyVkSO5WOgW4KyGKUNxaHnfOR8q5PLceiKEvIm_YDc1Hh9i6lYdj1PYNMxT9MeHOzvKxHs4eRkEVOF4-SJodpZENkGsCIIGRSqAnvoPUvRoEcXQktKWIB8bhIk_-fbA55c7rihArImpzSXiiGTr_pqiv2auQnLXerkOc1sdel0ZRkXp0PgIJt1U2H_OWXEDpgV8tlc4cpIB0EJzYF5HXl4z8XlIlKhb_xAg9aDl13qsW7c-0PSgJjDckvt4dnDxcp868EEr-CfCl9nWG4P7ewTNBdNC0r1x7jM3GhpEIDY-8xbg1mMDc0HKQnRA0xqRxdFsd7Xu12dAffDpKm33M68HePVACHdZqvISgAixu1fCb7hAKLv9PV16RqS6ztt-iDndX9R4zE8R4P_flCwH_xlGwdKa4eUKFCagZ_HZQ46VTFcoYOZPA5WQk-DBdK7N5sAixa3zblI5lbTO1bvy6qpuXuulElovMgvclrbuoeHquy4K7WxV3KOxT5hqYgVG7ODHQuyUNMFELo5zIm8yyrLBpLfceRVNuqBPFG0-Vd62aKz6ZHMZy7qr5vUIpN9ET2cWdeqnirAVgVi_B91iQQEUbMlsgDNEI5I4JX2OypU6BbNCiJWrN77N2NkYerHlP_K90T7_A8f-tH-W4GMIcfRqjqX1Ehd1Anphe_xPpetyAR6h0t1kydmxbq9cPvKgXG90oQxQtdsvNh1gixkwzrdVn9lqX42IX2hE1WLTq9zE8oCNvUUCPpoPpAj4H90ScwwE8rLZ5TFElGpb7Hovhen99n2Rk_woAQP0pXuLFuDTHEcwh2Wkmt2GhB0QG5bU9GdXcEpohdGRUpRZZKbcqf_pLfqV_EapHo-v7WbZ8o8bhG65qWLP_WYtALKAdlvy67HUGFb3MFbYJMXWcQFyTDyihW01R_ixi1MlJRgN5mggsZTrwXH2wdfaQ1LdrM8XuEkUQoTV9HXYHwJRt93WjM6vQfsT6X2PeRVqaLIz3vrmlyBJkN_pE7lhC0doLGm7zVwjdkW8CUlfH56q2bpkrafAT7NlgpsvxAyHPjFOvYZTCscMzActFTZ1EQqFEgQz4y9u2nfTS47GXpCZQIbZi-fvVi_0gP-oIfdcDB49JFhg3rQgnw6LbPc-vFi4er5AlLJWOc0681q8zgdz9r9laR2Cy9vmsCKX4vxLGqkdQzrJG8xEcdk38djHgdBYSJluCS8K16jXS0TwGh0dRA3DVIxiCz70GRNm-R0DxO0IoPwJLYHQhpgTrOY1owgo7KE3OMAL3X8m-DbsiOOywEiUvUc8yJFF_6lBy1Usi8Ty_rCqFyRMFZpZDBkLSzV9i5X6OQp-6146Xx3DesB9uH2VeTwLOtA3rwHqWpjpkn4S_1P8zdhWzY95tkg&cid=CAQSOwAvHhf_m-EkC1ZT-joQqs_38qAL6GkyW-coTBFTP2Ivfi4I6Tvpefrx027AiGowqhh7E-8xEWHlGz_fGAE&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.167.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wl-in-f157.1e100.net

Software

cafe /

Resource Hash

06a70b8c1043dd53fd50a28c787fdcc96d00adf2dab6bc8f5f558836a85ee4ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17446
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 20A4 1 KB
643 B 6ms
6ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 17617
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 20:39:54 GMT
etag: 48472445140208031
expires: Wed, 13 Dec 2023 20:39:54 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame EC88 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4d1352059225e20ff83188f1b2a14022ecbbe1f4421226beb884fd7fde98707d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame CC6C 70 B
149 B 102ms
31ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEEphzj47s7gnCHPArH60AWk&google_cver=1&google_push=AXcoOmSQCbUrrtE9cx1GustKya5oq2-US1A81jhyr-3T6TBtk6OmP0gTEVztSjhTaCtmhFNdCRgh07FgWIcrsjLE-pjahloUGkzvhg
Requested by: Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:32 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame CC6C
Redirect Chain

https://ums.acuityplatform.com/tum?umid=4&uid=CAESEEq3jgSehWd7u8AjVRkvl8k&google_cver=1&google_push=AXcoOmQrGb-K1nTHB23bhf67KVMXTnGxBeYB4egk0tm_fgqooQ01SpU27hDjDAb-9Lh0cvR65xlTMSWYaikqlA7mbR9-CoN60...
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=864086004643&us_privacy=1---

170 B
232 B

19ms
19ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=864086004643&us_privacy=1---

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=864086004643&us_privacy=1---
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CC6C
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEO8nuvPdrcDqSlpUfkISo3k&google_cver=1&google_push=AXcoOmTTGrZ1SKpvlIunYr19Xdf64sh3ylR49P9FP0CwR-gCN8uwcGuB1pDLXjo4KvJSxDQYvM6JJWjxp_Im_ulucBnKCed...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEO8nuvPdrcDqSlpUfkISo3k&google_cver=1&google_push=AXcoOmTTGrZ1SKpvlIunYr19Xdf64sh3ylR49P9FP0CwR-gCN8uwcGuB1pDLXjo4KvJSxDQYvM6JJWjxp_Im_ulucBnKC...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTTGrZ1SKpvlIunYr19Xdf64sh3ylR49P9FP0CwR-gCN8uwcGuB1pDLXjo4KvJSxDQYvM6JJWjxp_Im_ulucBnKCedPQeGPjA

170 B
188 B

16ms
16ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTTGrZ1SKpvlIunYr19Xdf64sh3ylR49P9FP0CwR-gCN8uwcGuB1pDLXjo4KvJSxDQYvM6JJWjxp_Im_ulucBnKCedPQeGPjA

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTTGrZ1SKpvlIunYr19Xdf64sh3ylR49P9FP0CwR-gCN8uwcGuB1pDLXjo4KvJSxDQYvM6JJWjxp_Im_ulucBnKCedPQeGPjA
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CC6C
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEOP_-xwWDsj0AMbqfY4ljQg&google_cver=1&google_push=AXcoOmTjwlU6VlPVF-9BRhPLA0-yX9r6sDtMDlxZGYWgsieSogV1c0X7EcBiOakUD-xaNLptM0CnaeRJH97Lr1M...
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=4A59JtpPX25x5S7VoKkXxorHJoQ&google_push=AXcoOmTjwlU6VlPVF-9BRhPLA0-yX9r6sDtMDlxZGYWgsieSogV1c0X7EcBiOakUD-xaNLptM0CnaeRJH97Lr1...

170 B
188 B

17ms
16ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=4A59JtpPX25x5S7VoKkXxorHJoQ&google_push=AXcoOmTjwlU6VlPVF-9BRhPLA0-yX9r6sDtMDlxZGYWgsieSogV1c0X7EcBiOakUD-xaNLptM0CnaeRJH97Lr1MDvRKE-mGThjR9rA

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=4A59JtpPX25x5S7VoKkXxorHJoQ&google_push=AXcoOmTjwlU6VlPVF-9BRhPLA0-yX9r6sDtMDlxZGYWgsieSogV1c0X7EcBiOakUD-xaNLptM0CnaeRJH97Lr1MDvRKE-mGThjR9rA
Date: Wed, 13 Dec 2023 01:33:32 GMT
Connection: keep-alive
Content-Length: 244
Content-Type: text/html; charset=utf-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CC6C
Redirect Chain

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESECvnlr7LnLp5V2oYPxwB5Z4&google_cver=1&google_push=AXcoOmQXskos206EHm85uR7LyIDV3Ct-Upi_kw10jPHeSKHIN_WKPBGJBrzv3ANA5btFgYmbt9B5v0e9UlclYrDliZXNHOv...
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmQXskos206EHm85uR7LyIDV3Ct-Upi_kw10jPHeSKHIN_WKPBGJBrzv3ANA5btFgYmbt9B5v0e9UlclYrDliZXNHOvQMNrweXY&google_hm=NjQ3MzA1...

170 B
188 B

17ms
16ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmQXskos206EHm85uR7LyIDV3Ct-Upi_kw10jPHeSKHIN_WKPBGJBrzv3ANA5btFgYmbt9B5v0e9UlclYrDliZXNHOvQMNrweXY&google_hm=NjQ3MzA1NTIxNzExODYwMjM=

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmQXskos206EHm85uR7LyIDV3Ct-Upi_kw10jPHeSKHIN_WKPBGJBrzv3ANA5btFgYmbt9B5v0e9UlclYrDliZXNHOvQMNrweXY&google_hm=NjQ3MzA1NTIxNzExODYwMjM=
Date: Wed, 13 Dec 2023 01:33:32 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame CC6C
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEFBTpngPMUYYU2LoWEm0_-4&google_cver=1&google_push=AXcoOmTIM4mnQvRV_...
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEFBTpngPMUYYU2LoWEm0_-4%26goo...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTE2Nzg2NDAyNTk1MzcyMDA3Mg%3D%3D&google_gid=CAESEFBTpngPMUYYU2LoWEm0_-4&google_cver=1&google_push=AXcoOmTIM4mnQvRV_zo0c0XCV6XZ97AYnt...

170 B
232 B

16ms
16ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTE2Nzg2NDAyNTk1MzcyMDA3Mg%3D%3D&google_gid=CAESEFBTpngPMUYYU2LoWEm0_-4&google_cver=1&google_push=AXcoOmTIM4mnQvRV_zo0c0XCV6XZ97AYntT3sOImlsZqql1m_a1jCURoxS9F3Rl0yN6gRn96CjIoKLVtxGbeydVMEqyeMQTlMYxoMw

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:32 GMT
an-x-request-uuid: 8df4be8a-efa3-4e99-a868-a22cadb71bd3
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTE2Nzg2NDAyNTk1MzcyMDA3Mg%3D%3D&google_gid=CAESEFBTpngPMUYYU2LoWEm0_-4&google_cver=1&google_push=AXcoOmTIM4mnQvRV_zo0c0XCV6XZ97AYntT3sOImlsZqql1m_a1jCURoxS9F3Rl0yN6gRn96CjIoKLVtxGbeydVMEqyeMQTlMYxoMw
x-proxy-origin: 138.199.38.132; 138.199.38.132; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame CC6C
Redirect Chain

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_...
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=57b58565-61e0-4ddb-9d1d-c01a49901238&google_cver=1&google_gid=CAESEJIJ3ya3krWC5GRxaCc759k&gdpr_consent=${GDPR_CONSENT_109}&google_...

170 B
232 B

17ms
17ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=57b58565-61e0-4ddb-9d1d-c01a49901238&google_cver=1&google_gid=CAESEJIJ3ya3krWC5GRxaCc759k&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmSlWlkjw_hg59OZw5Q24d6Tp2G-dSdPiNkOilKZGkmFWKkEHNS9IEgDFpWovFSP9QUC5NUQVzzw1DT_bYB8Ini1BAbiSxuMReQ&gdpr=${GDPR}

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=57b58565-61e0-4ddb-9d1d-c01a49901238&google_cver=1&google_gid=CAESEJIJ3ya3krWC5GRxaCc759k&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmSlWlkjw_hg59OZw5Q24d6Tp2G-dSdPiNkOilKZGkmFWKkEHNS9IEgDFpWovFSP9QUC5NUQVzzw1DT_bYB8Ini1BAbiSxuMReQ&gdpr=${GDPR}
date: Wed, 13 Dec 2023 01:33:32 GMT
server: _
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame CC6C 0
130 B 18ms
14ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LZ1lk58uIJO6vEQzUoeS66JwI4HBjkuWHXelrRjybRHcmulhm_4tqc0mjQw5CZZ6H6ew4CZEY_

Requested by

Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:31 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 20A4
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEDtkhVFcne1opszwlNsEgJE&google_cver=1&google_push=AXcoOmRLn458OcNM2lVKEJhjXfKh8MtphTP0CI-vyrcW9NUq7FfZe5IBIjA0ozrlVHkgzJAFXhlainSQ5KRKZpGvoVvVqGoLS9A3
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9E5E9C5AC05D4A9499533F561792FCFB&google_push=AXcoOmRLn458OcNM2lVKEJhjXfKh8MtphTP0CI-vyrcW9NUq7FfZe5IBIjA0ozrlVHkgzJAFXhlainSQ5KRKZpG...

170 B
232 B

23ms
23ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9E5E9C5AC05D4A9499533F561792FCFB&google_push=AXcoOmRLn458OcNM2lVKEJhjXfKh8MtphTP0CI-vyrcW9NUq7FfZe5IBIjA0ozrlVHkgzJAFXhlainSQ5KRKZpGvoVvVqGoLS9A3

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 13 Dec 2023 01:33:32 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9E5E9C5AC05D4A9499533F561792FCFB&google_push=AXcoOmRLn458OcNM2lVKEJhjXfKh8MtphTP0CI-vyrcW9NUq7FfZe5IBIjA0ozrlVHkgzJAFXhlainSQ5KRKZpGvoVvVqGoLS9A3
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 12 Dec 2023 01:33:32 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 20A4
Redirect Chain

https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEH_AGYwlJ7RJO9BYtdcz3zc&google_cver=1&google_push=AXcoOmTFek6VVypZXES9wPZQl7d_ByI6GPwJp9WjX8Bo7fqxqFFFKfeKhqhvO0QdvbrHz7wJDRi0dt_tAh2...
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmTFek6VVypZXES9wPZQl7d_ByI6GPwJp9WjX8Bo7fqxqFFFKfeKhqhvO0QdvbrHz7wJDRi0dt_tAh2UefNDxftQtP04dAIz

170 B
188 B

16ms
16ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmTFek6VVypZXES9wPZQl7d_ByI6GPwJp9WjX8Bo7fqxqFFFKfeKhqhvO0QdvbrHz7wJDRi0dt_tAh2UefNDxftQtP04dAIz

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmTFek6VVypZXES9wPZQl7d_ByI6GPwJp9WjX8Bo7fqxqFFFKfeKhqhvO0QdvbrHz7wJDRi0dt_tAh2UefNDxftQtP04dAIz
Date: Wed, 13 Dec 2023 01:33:32 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2 200 sync
x.bidswitch.net/ Frame 20A4 43 B
145 B 36ms
8ms Image
image/gif 3.123.203.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHM9tIiXS8xFm9yTy7PYybU&google_cver=1&google_push=AXcoOmQxg8dNljcSfBoXE5gAaghs6ksaqBU1K9R73r-pqqmdH1uNLduEgrGB4LNfCQzhwztwcLFpnrhJywV2LXu35CaRP2yEbnih
Requested by: Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.203.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-203-242.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:32 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 us
sync.go.sonobi.com/ Frame 20A4 0
401 B 284ms
91ms Image
text/plain 69.166.1.34
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmQwTDUrCYatxb4nx4IUNpkCt4vQVuoWIOmuBgPe7C5hcULrC_loODdT9rqP9wpG4Uf3EGHmUSQufRrmRm19AjWhDtow6pDO%26google_hm%3D%5BUID%5D&google_gid=CAESEMQDIZ5ZUOiFb05fcYYsuXE&google_cver=1

Requested by

Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

69.166.1.34 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:32 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-6-213
content-type: text/plain; charset=utf8
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 0
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 20A4
Redirect Chain

https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESELZ6qFjWUdJExbHrR11o2Us&google_cver=1&google_push=AXcoOmQt37zkF3BmH-elZ_Jr31lNqPMUAanz89ze1R1Zx8xpWZEJORUA6YR8V17YnBS4vjXW-Prhr...
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmQt37zkF3BmH-elZ_Jr31lNqPMUAanz89ze1R1Zx8xpWZEJORUA6YR8V17YnBS4vjXW-Prhr-FqPcLoz9pLEUKCvlLPy9jx&google_hm=WlhrSjdNQ28...

170 B
188 B

16ms
15ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmQt37zkF3BmH-elZ_Jr31lNqPMUAanz89ze1R1Zx8xpWZEJORUA6YR8V17YnBS4vjXW-Prhr-FqPcLoz9pLEUKCvlLPy9jx&google_hm=WlhrSjdNQ284WUFBQUROaW0zUUFBQUFB

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID: 0
Date: Wed, 13 Dec 2023 01:33:32 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync_before?google_cver=1&google_gid=CAESELZ6qFjWUdJExbHrR11o2Us&google_push=AXcoOmQt37zkF3BmH-elZ_Jr31lNqPMUAanz89ze1R1Zx8xpWZEJORUA6YR8V17YnBS4vjXW-Prhr-FqPcLoz9pLEUKCvlLPy9jx&proto=google_ebda","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZXkJ7MCo8YAAADNim3QAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad418"}
X-SO-Key: ZXkJ7MCo8YAAADNim3QAAAAA
Server: nginx
X-SO-Upstream-ID: m-ad418
P3P: CP="See also http://www.scaleout.jp/privacy/"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmQt37zkF3BmH-elZ_Jr31lNqPMUAanz89ze1R1Zx8xpWZEJORUA6YR8V17YnBS4vjXW-Prhr-FqPcLoz9pLEUKCvlLPy9jx&google_hm=WlhrSjdNQ284WUFBQUROaW0zUUFBQUFB
Cache-Control: private
X-SO-HostName: m-ad418.dc4p.scaleout.jp
Connection: keep-alive
X-SO-Ads-Time: 1
Content-Length: 0
X-SO-LB-Hostname: m-tgng28.dc4p.scaleout.jp
X-SO-IP: 138.199.38.132

GET
H2 204 /
cc.adingo.jp/adx/push/ Frame 20A4 0
44 B 712ms
230ms Image
text/plain 52.194.23.155
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cc.adingo.jp/adx/push/?google_gid=CAESELvF5_CUK4o-3L9Mt1Gzbok&google_cver=1&google_push=AXcoOmSbMXw1_8DnRlTS3HYNdJE42A4o-cnmRVrnOBHy_Ki8fvzZ1OGcVeQJNl5Rc8EPPiI_r0mccdpUdtsPNCHBiLQyr9zpFtby
Requested by: Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.194.23.155 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-194-23-155.ap-northeast-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:32 GMT
server: awselb/2.0

GET
H2 200 https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25
x.bidswitch.net/check_uuid/ Frame 20A4 43 B
146 B 34ms
7ms Image
image/gif 3.123.203.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEJYGXbtlNif0nZm0rGeiiks&google_cver=1&google_push=AXcoOmSEjf_oDFNOYnimX6mVO5LabVfBkeQjmqziwKlNiYS5JW_ce7f8FMxEcUSlR9-2ygHFvel-yg7rYz0CdBI2EpAr2rIwpkLHNQ
Requested by: Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.203.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-203-242.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:32 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 20A4 0
49 B 17ms
17ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I3hXYsKS9UDLHkdtxHn_3EDmZRz3yn2PuhbiSbO3aY1R3nOLkEceOPqVitHqyoiKUBUPenDw

Requested by

Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:32 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

OPTIONS
H3 204 adview
securepubads.g.doubleclick.net/pagead/ Frame 0
0 66ms
53ms Preflight
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/adview?ai=CdcvQ6wl5ZfLEGYjtgQfH6J_4Cd3Zwdd0hcOro4MSo5_cpY0CEAEgktjfSmCV4pCCoAfIAQWpAnFU_MewG7I-qAMBqgTwAU_Qxa24-0zyYcL-4XK0V5FaHGt9pWrAAMmnDhXwDmuzHOGaUl1qJT5CEPSCbJZzVgzB_WMrw_PszAuF_Y2HQVdmsjsZuFCvy8jgciK_5y1zH61ojrNYp97Cs1O_pIy55ZUNnQ8FCZwN7tGe4mLxzf7XeW2hgMErvIgHJ4CavAjwfrO2YxtxkVqVqNxkDrJodyigJhN-EVwIQj0KsvbIU37XWy5kapr4WWyhYLzMxaQ6QkSB6xFHYFpXiFsykFS6CPVocPF2HT_F5og6rgyantcDsWrweqCHPtHnpSoYiH8YhqS2xeUTIJcTjo4SjGLzFMAEyq362soE4AQDiAXPvODSTZIFBggbEAEYAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGdoAHnLGOtwSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHChCI8EUYsOHhgALSCB8IgOGAEBABGB0yAqoCOgKAQEi9_cE6WPXw77yii4MDgAoDyAsBogwUKhIKEOS0sQLutbECtbixAru7sQLiDRMI9a_wvKKLgwMViHbgCh1H9AefsBP6pewVyBOk9JbkA9ATANgTCogUBtgUAdAVAYAXAbIXHgocCAASFHB1Yi0yNjEwOTY0MjAzNTE1MDI1GLKYKugXBQ&sigh=Qe7ykSGv9Sk&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSOwAvHhf_m-EkC1ZT-joQqs_38qAL6GkyW-coTBFTP2Ivfi4I6Tvpefrx027AiGowqhh7E-8xEWHlGz_fGAE&vt=10&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 13 Dec 2023 01:33:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 1112 0
0 57ms
56ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
Attribution-Reporting-Eligible: event-source
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 13 Dec 2023 01:33:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H3 204 adview
securepubads.g.doubleclick.net/pagead/ Frame 0
0 52ms
52ms Preflight
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/adview?ai=CYt306wl5ZfHEGYjtgQfH6J_4Cd3Zwdd0hcOro4MSo5_cpY0CEAEgktjfSmCV4pCCoAfIAQWpAnFU_MewG7I-qAMBqgTwAU_QPceQPfaoZybep_7HsWw_vbh1eFpS8voMfJNzHU__19QSXhcq5sGDJQqWyF6fQqTA7V-2AJGxf5aL-YLb-TbQL_M-zDhnjIc1VUw6_KWNXT4iv-COUiWxxIawkkgjIy94rB5lZvzOOF4UOzq2_ft4zdCK79WLTtYD2sKkAtU2nZcYMSPLDmvQW60ZYNmbvWpUORSqJNxOHs4dho4sOj0Q7YoW7V2ewVi4JzQI_FKvOPaiN4i7_GpJeoO34zq3LikHimsdWSlfjjKaswQAHLVeA5W76IG_nAU4HMuxj7Kc7fCELvw41iuTCEKUY-HbVcAEyq362soE4AQDiAXPvODSTZIFBggbEAEYAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGdoAHnLGOtwSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHChCvr34YsOHhgALSCB8IgOGAEBABGB0yAqoCOgKAQEi9_cE6WPXw77yii4MDgAoDyAsBogwUKhIKEOS0sQLutbECtbixAru7sQLiDRMI9K_wvKKLgwMViHbgCh1H9AefsBP6pewVyBOk9JbkA9ATANgTCogUBtgUAdAVAYAXAbIXHgocCAASFHB1Yi0yNjEwOTY0MjAzNTE1MDI1GLKYKugXBQ&sigh=Xq2FL-reenk&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSOwAvHhf_m-EkC1ZT-joQqs_38qAL6GkyW-coTBFTP2Ivfi4I6Tvpefrx027AiGowqhh7E-8xEWHlGz_fGAE&vt=10&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 13 Dec 2023 01:33:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame EC88 0
0 59ms
59ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
Attribution-Reporting-Eligible: event-source
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 13 Dec 2023 01:33:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 1112 0
54 B 13ms
13ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lq33l681&c=5192186116256&slotId=2596093058128&qqid=CLLm8byii4MDFYh24AodR_QHnw&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:32 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 1112 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 20:29:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 363834
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 20:29:38 GMT

HEAD
H/1.1

200
OK

file.mp4
r1---sn-4g5ednsl.c.2mdn.net/videoplayback/id/e18ab1460f931e82/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733967212/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 1112
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/e18ab1460f931e82/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733967212/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r1---sn-4g5ednsl.c.2mdn.net/videoplayback/id/e18ab1460f931e82/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733967212/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

20ms
7ms

Fetch
video/mp4

2a00:1450:4001:6a::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-4g5ednsl.c.2mdn.net/videoplayback/id/e18ab1460f931e82/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733967212/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7E4855EB70FF5537BD039A83FF61AC96176C597D.82B1F09774D2615C8672241FA22FEE822B00590E/key/cms1/cms_redirect/yes/mh/7Y/mip/2a02:6ea0:c71b:0:1012:c8bd:d1e8:1c56/mm/42/mn/sn-4g5ednsl/ms/onc/mt/1702430486/mv/u/mvi/1/pl/40/file/file.mp4

Protocol

HTTP/1.1

Server

2a00:1450:4001:6a::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Date: Wed, 13 Dec 2023 01:33:32 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 4302583
Last-Modified: Thu, 07 Dec 2023 10:13:40 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Wed, 13 Dec 2023 01:33:32 GMT

Redirect headers

date: Wed, 13 Dec 2023 01:33:32 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 666
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
location: https://r1---sn-4g5ednsl.c.2mdn.net/videoplayback/id/e18ab1460f931e82/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733967212/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7E4855EB70FF5537BD039A83FF61AC96176C597D.82B1F09774D2615C8672241FA22FEE822B00590E/key/cms1/cms_redirect/yes/mh/7Y/mip/2a02:6ea0:c71b:0:1012:c8bd:d1e8:1c56/mm/42/mn/sn-4g5ednsl/ms/onc/mt/1702430486/mv/u/mvi/1/pl/40/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FA2F 0
20 B 41ms
41ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3286478068475&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FA2F 0
20 B 42ms
41ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3286478068475&version=m202309260101&ct=76&x=1&cor=4864032977484306000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame FA2F 110 KB
41 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DDK1DuIhvyjvMYIT_OM67xTE5pwUGCzFSBK8dhoi-mZ80_ypbVdqgSsilW86nw3RqaURe9C4O-voFklmiQUtJxowdU3C98hl5QT5AnWwBF9MAaltx5nqvJiCWo7WMp4-t4-Xlf3-QlnAi8uzA3f7fxnjd7SIcCw_DlPea_4EJh8ECEDxo&dbm_d=AKAmf-Af64zrtU_dQOjyiQTJNdeUBaUSBJrHcB3baTRjpmbCLzhLyyC7c7Y9H0BAiAa4MrF42FzeEvjLo-XMk4z9deUyXDBOR7oW0U2o2ObaRFo6-B_SRdmHlzXVSzIhLgzRXYLfhHT7Vx7GuT-qdhJLg1m9fMz6lwMSuU7OdQx5JeD2lQW6WTn8YfXDZDzsKNF-EcfZpu4ht3HxF385TujLNSOkRiyGTtaVQ6hEtyBRxB3-ua4CP7gwbjViKF9uzWvN6ClrplRud1lGBt-knS9M8Y280-52T_g24Dl5IWkhz532KVDx0Zu76KUDti7vtXe077ZAWbBy0mk5gC2NmJOl7At9cgCtpCS2Lev1dW2M26UIY94K5CB2e7AXSTLwcdC2Bpn3sN9s7kB_tLZICST-vwKy_er12x4RYfQH5y0WOAy3bQOxpvR6RSdJjHjW7rfooRKgrEyOigZ-7NRpdCWtoGxhEsx34HKDgAmuVq_KjWv9rWoJgghd7nyu7UcXvzK_WZRcCOjH-Z_IfxiUomowz7Lo09xhxQIfvDaAft-M_OBvn1H5VcuWhA9LJqMWdv-qSAn_dy9h_wKtDo9ySeOVpjJ-LjDAbBtUWoaoFCk6gufvVJ3AGhvBzFmZG8KQqIolYzk680JoplIbzP1QKDwHUGsMcdZkdK9Pe3W-BV8Gk6QjYhEkfyfIYVbH5rYrgiTytC9dAlgiOo-gMzZD0SlOIyF1AcDe-KuMvLSjRDqGBBKQoY6IgEXzlnzhQnMnZGVNZNZSH61AvDaDDPPiUm2ECzAumjhwlwY2JfNPQXGCNkr5GqXa3b72uqdOPjwhQdIv195TH2_HR0SpLe7JuZFVXNfA-yEOYig4WUI7MyHqe2-rKq4sUe0lE9qz9GoPi6Q0dwza-GjkVr7Aw7aFMvuhax_tKOIkUPKsXSSqNXvUp4f2aGvyBFUddfP4V9sggFVD2Y6sUi27SuTtji4pDBtAFlQdRSBhxTVHc7s0__vKQpVpVfEplre9QwPaXQ0lDaqcduhK9MDz4U3ErUQ48GHEr9LU1OoPZuRhsRFDRBcBP4AiKsWbfRBGWZJ12tNkoYGwA1-tQSL6zl4Y08NMjF5VHZHeCkkgypL7CrpEZQWKQB9n-R7l5Y63EVJ8g-SFNsopVFC3W09YxaAVD4P-hchB6kzydLztndrhrjtSV1YWFZHTHwf4yln_F_QvCUk5O0jnRDeKnq7EEjICrrHU-wTHK57Nhdc7C_1DnPDgtpvpOFihu6CgzWItHJr5XgjKMbjbBYzgOS1oDFjjxLq5QtLjc3tnG2tSEZLqqgQuJeyZeCR82OfZZQ3X5LZdvhLaJnf8Iw4u8I19h-AUFiAAc75aSDN6OQUiwyPK5ILInotJWhT2d8DHxWqA7SYQTbDEN1GahPHE0o8cQZmHlFI5DumO6r6gWdbbHGyuiKG-ENByA5O00rfq2oDs1P3xrBl4GMU6_apDx6A90Jj1mF_0TNN6wFIEuKn6JNJrzXwM8ysrfHT_WcCMRfgHRjJoBFIRl9XEeTphp3CCB4SgoPMrIWwnv988Pywg61XY-klEO_WiV7BMXrCz8o3Spv23-aTlyz7vpDDIbsEq4g-T303u0_h-6mgFtrtvqEYZCjBlxQ3uhBzqvmh0gPbANodS_ZROShuGK0FBY0PolHdTsMfOPpl5v4DFeb-f8qnPwTBDm0HwQSQfq8NYnG795xFp0c8_5ny2XSpIFF6jdNIuOWC0vK555OZaNuww9JluEXGBKbnY9uL2gbkAugnHOnvcIbGDgwcnbyJtLyHGcpkdc6XIiJBO2ELvB8oLM6GXgzxOpnzu-3Pye1VmmuDzNfrdPlX8MSfLZ7GoK57fPTZnEGT84R2FnE0-03hptADtc_tqEtb53lzw67GaXHHUhO53At91i54nT06vdpajLyS7oaKA-t40sbionBehW5tsz0_1-TIkDAk2p8f9np1eNe6Ra38haHJod8qAy-R8hg1mydGpcP0CsrC7NiVt1umboTLNtPToBaEIH3tUWOcA-YotlcOmEGmw1XwsRlfDOUyzn3Mreptl1u1WYeKTnUC4vpWc_pnYHp58wzmE_GAi6G7Xl8KvNVM4qmxEaaAtS7BgX66txkW7HfneXjdI758Mi-F_2pQsw7YTGgH6AUj9ik3cKYTej9ymtHqSGgM1ezlddHOHPW4dzFYDWWDcKN0CFpHEUuqsrkhrlot7NDl6y-813DCAX1eUgcKD561M9k-aocg286sb3LmCcWcAsIzKtt5HdZRzATAdYfHoUi8XukI-pNNWqDvHLyCgLMOPlZuZrj3pmoArwJgNRbBAl_7lTFzTcfUYptSOme1K-6I9SZurty5tOI85p9_F7se8MgzgSWFAsbqiO7YoajgDp9A8HqwuAnI_RJoZcbzzWBVDO5MpeITAUbmf9ydtUllO_IalHECdy9nftr9pxn6TYjms-4fF49EchxTNHEOneWHwmY0eCpwoFtlKeqbfIR-jSgHglFE_igYBeBIXb5695qoPYJmm62p9MYBA2iDbZWbEf6Yp6OGhnKM-EZHwtSlZVlRyD5P_JIc0Wa46GyQ-0NK9BVaag1Q_699MqZnDGb0M8sGDnd60-OPBBSrPJaduJQtmdPSl8LCPcmIIg36oA_gfWVi3eVHubtWNaE55Sa7q6rXNFeCI87UChJvuA93C3nCASnNVAfw7nNL59afYpa8obZaJ1LQZddsUN85tCuIucprJzW-ose8E1rAquVi3TUpzkmna83H6QH-Y96YS5CsbSkX3g5_3nwzy9KeAhqYTvgkchlSuPUpCYx4o22gMCsztk-Wlr65mquw6XonqvpySIB0ZVTObdheajkALxgbQyDv_5a25_vf6uwnMfk4wu5Pw4I_QsGMvmO9H4QAYHNb7Lawjn7MkeBIoJNBlFIMG22_v9SrdiaHZbUq8ri8kfLeq1BEpeyFyACf7LT-8BhnadOov86vMrqR0UAdmJg-cMQKAWnZHK5Yg2G9tz3pPO1vLHpK3L6186ApQ9cxBmubNpnSFhd6Xnf3QwugqyMtGpXBWUuHzXoAL8peFf-iN7zfhpsUov-_eW5taZ28R-8fC0kZqvKr-GaNjW7nSMjyrPzqv72YcEnOz8RfLbEZpXQTUNGIseRXIJWYAeMRd1JNW4jLGgBqH9DqrtYhTGt-aRYrBPWWf5BOUrSVZ07PuSWQ-_PaPn-9xA_1LakGOCn1A_JdVlTgNLyljU2PvJMlRxnqImGmEvqAUQwSfFRT2iVHkQ4Gm62bhkrIln34FCGU-8VgkCy6lxQp7DIYnO_FJDaiWtrjhV-nl72WzOGj4kmX6A_z6nH-6645jEAJw4k9oN2UGGGE9ylW6F5sMWoE44diosPFVsLsbZRy2Wlo_L--dYSnsSJMv80eNVINdpyCtT0mRK0qorhwI4ChzAViirc7jJO_qPJ_otCTYxHJMadL891l7_Y3ooXnyucP40U-4edzweJ-PBCmCbMhVvhF3Tr2BhawF_eovLphHw1g6-WjleO0ApQjEzzfOx8TQ8ZtnCD9n8VZiJrFMgB52QBLkDKE8PVABVRbzNGdG2xXvgIX7soODNjMBfJV93AldZXQPj78H_m0wiJwyXBxh205POBB5gZcR-kLgWfT0TuvXdeFdW-VhvsZSzcHm97nzYezCa_TQEP37vKMnPph0tyIgByclF1kX7horKIo3OsjLOzepmrLB8qoculVsjm1wAPdJ2ZpdnDU6WgXW8yfLcVTXtkW9UH4ov7shcznxKYo0cyKSUJthdQALgZ3nkAeyA4rNpDZGdp1UppSsiuAcUGBFUPaloRB0TeDPYXQlTZb6_mjEyYZ2x5uiWrFqGoSYUANrtJeLu0yan7Y0zYklQAFLwVM0NNo2EqdpkbaBpcuXurfjZiZmOCd7L-h7ErbL5g&cid=CAQSOwAvHhf_m-EkC1ZT-joQqs_38qAL6GkyW-coTBFTP2Ivfi4I6Tvpefrx027AiGowqhh7E-8xEWHlGz_fGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fblog.s.id%2F&ds=l&xdt=1&iif=1&cor=4864032977484306000&adk=3944675603&idt=174&cac=0&dtd=10

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43477044787cfca0a9ff2f6586e76ddf9721dfe0caa4136d50b204b419969c85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame EC88 0
17 B 13ms
13ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lq33l68d&c=1943428789456&slotId=971714394728&qqid=CLHm8byii4MDFYh24AodR_QHnw&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:32 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame EC88 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 20:29:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 363834
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 20:29:38 GMT

HEAD
H/1.1

200
OK

https://gcdn.2mdn.net/videoplayback/id/e18ab1460f931e82/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733967212/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r1---sn-4g5ednsl.c.2mdn.net/videoplayback/id/e18ab1460f931e82/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733967212/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

20ms
6ms

Fetch
video/mp4

2a00:1450:4001:6a::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-4g5ednsl.c.2mdn.net/videoplayback/id/e18ab1460f931e82/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733967212/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/705018D80EAC34A79D9BBBA784E75C083692EE28.5454DB76799E44B81D2B4B5974D1B64378ABDC76/key/cms1/cms_redirect/yes/mh/7Y/mip/2a02:6ea0:c71b:0:1012:c8bd:d1e8:1c56/mm/42/mn/sn-4g5ednsl/ms/onc/mt/1702430486/mv/u/mvi/1/pl/40/file/file.mp4

Protocol

HTTP/1.1

Server

2a00:1450:4001:6a::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Date: Wed, 13 Dec 2023 01:33:32 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 4302583
Last-Modified: Thu, 07 Dec 2023 10:13:40 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Wed, 13 Dec 2023 01:33:32 GMT

Redirect headers

date: Wed, 13 Dec 2023 01:33:32 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 666
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
location: https://r1---sn-4g5ednsl.c.2mdn.net/videoplayback/id/e18ab1460f931e82/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733967212/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/705018D80EAC34A79D9BBBA784E75C083692EE28.5454DB76799E44B81D2B4B5974D1B64378ABDC76/key/cms1/cms_redirect/yes/mh/7Y/mip/2a02:6ea0:c71b:0:1012:c8bd:d1e8:1c56/mm/42/mn/sn-4g5ednsl/ms/onc/mt/1702430486/mv/u/mvi/1/pl/40/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame EC88 0
17 B 13ms
13ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lq33l6bj&c=1943428789456&slotId=971714394728&qqid=CLHm8byii4MDFYh24AodR_QHnw&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2093&mt=video%2Fmp4&vs=1024x576&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=347&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.k7~videopreviewvisible.k9&ua_e=1&ape=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:32 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 19B6 23 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 68230
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 06:36:22 GMT
expires: Wed, 11 Dec 2024 06:36:22 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 7BB5 23 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 68230
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 06:36:22 GMT
expires: Wed, 11 Dec 2024 06:36:22 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 19B6 39 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 19:12:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22838
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Dec 2024 19:12:54 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 7BB5 39 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 19:12:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22838
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Dec 2024 19:12:54 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1520186/71964889/ Frame FA2F 47 KB
12 KB 113ms
35ms Script
application/javascript 54.247.4.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1520186/71964889/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1012253692&ias_pubId=pub-2393320645055022&ias_chanId=1&ias_placementId=20075793042&bidurl=https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gRUsy2x6m3-opIJxhge4V9
Requested by: Host: home.s.id
URL: https://home.s.id/forbidden
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.247.4.160 , Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-247-4-160.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e55eb04013fbd443d55b10ae80551bba8a4946c62ea50a134e820caeb1521a11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:32 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame FA2F 111 KB
39 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
Origin: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 20:46:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17214
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Dec 2023 20:46:38 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame FA2F 11 KB
4 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DDK1DuIhvyjvMYIT_OM67xTE5pwUGCzFSBK8dhoi-mZ80_ypbVdqgSsilW86nw3RqaURe9C4O-voFklmiQUtJxowdU3C98hl5QT5AnWwBF9MAaltx5nqvJiCWo7WMp4-t4-Xlf3-QlnAi8uzA3f7fxnjd7SIcCw_DlPea_4EJh8ECEDxo&dbm_d=AKAmf-Af64zrtU_dQOjyiQTJNdeUBaUSBJrHcB3baTRjpmbCLzhLyyC7c7Y9H0BAiAa4MrF42FzeEvjLo-XMk4z9deUyXDBOR7oW0U2o2ObaRFo6-B_SRdmHlzXVSzIhLgzRXYLfhHT7Vx7GuT-qdhJLg1m9fMz6lwMSuU7OdQx5JeD2lQW6WTn8YfXDZDzsKNF-EcfZpu4ht3HxF385TujLNSOkRiyGTtaVQ6hEtyBRxB3-ua4CP7gwbjViKF9uzWvN6ClrplRud1lGBt-knS9M8Y280-52T_g24Dl5IWkhz532KVDx0Zu76KUDti7vtXe077ZAWbBy0mk5gC2NmJOl7At9cgCtpCS2Lev1dW2M26UIY94K5CB2e7AXSTLwcdC2Bpn3sN9s7kB_tLZICST-vwKy_er12x4RYfQH5y0WOAy3bQOxpvR6RSdJjHjW7rfooRKgrEyOigZ-7NRpdCWtoGxhEsx34HKDgAmuVq_KjWv9rWoJgghd7nyu7UcXvzK_WZRcCOjH-Z_IfxiUomowz7Lo09xhxQIfvDaAft-M_OBvn1H5VcuWhA9LJqMWdv-qSAn_dy9h_wKtDo9ySeOVpjJ-LjDAbBtUWoaoFCk6gufvVJ3AGhvBzFmZG8KQqIolYzk680JoplIbzP1QKDwHUGsMcdZkdK9Pe3W-BV8Gk6QjYhEkfyfIYVbH5rYrgiTytC9dAlgiOo-gMzZD0SlOIyF1AcDe-KuMvLSjRDqGBBKQoY6IgEXzlnzhQnMnZGVNZNZSH61AvDaDDPPiUm2ECzAumjhwlwY2JfNPQXGCNkr5GqXa3b72uqdOPjwhQdIv195TH2_HR0SpLe7JuZFVXNfA-yEOYig4WUI7MyHqe2-rKq4sUe0lE9qz9GoPi6Q0dwza-GjkVr7Aw7aFMvuhax_tKOIkUPKsXSSqNXvUp4f2aGvyBFUddfP4V9sggFVD2Y6sUi27SuTtji4pDBtAFlQdRSBhxTVHc7s0__vKQpVpVfEplre9QwPaXQ0lDaqcduhK9MDz4U3ErUQ48GHEr9LU1OoPZuRhsRFDRBcBP4AiKsWbfRBGWZJ12tNkoYGwA1-tQSL6zl4Y08NMjF5VHZHeCkkgypL7CrpEZQWKQB9n-R7l5Y63EVJ8g-SFNsopVFC3W09YxaAVD4P-hchB6kzydLztndrhrjtSV1YWFZHTHwf4yln_F_QvCUk5O0jnRDeKnq7EEjICrrHU-wTHK57Nhdc7C_1DnPDgtpvpOFihu6CgzWItHJr5XgjKMbjbBYzgOS1oDFjjxLq5QtLjc3tnG2tSEZLqqgQuJeyZeCR82OfZZQ3X5LZdvhLaJnf8Iw4u8I19h-AUFiAAc75aSDN6OQUiwyPK5ILInotJWhT2d8DHxWqA7SYQTbDEN1GahPHE0o8cQZmHlFI5DumO6r6gWdbbHGyuiKG-ENByA5O00rfq2oDs1P3xrBl4GMU6_apDx6A90Jj1mF_0TNN6wFIEuKn6JNJrzXwM8ysrfHT_WcCMRfgHRjJoBFIRl9XEeTphp3CCB4SgoPMrIWwnv988Pywg61XY-klEO_WiV7BMXrCz8o3Spv23-aTlyz7vpDDIbsEq4g-T303u0_h-6mgFtrtvqEYZCjBlxQ3uhBzqvmh0gPbANodS_ZROShuGK0FBY0PolHdTsMfOPpl5v4DFeb-f8qnPwTBDm0HwQSQfq8NYnG795xFp0c8_5ny2XSpIFF6jdNIuOWC0vK555OZaNuww9JluEXGBKbnY9uL2gbkAugnHOnvcIbGDgwcnbyJtLyHGcpkdc6XIiJBO2ELvB8oLM6GXgzxOpnzu-3Pye1VmmuDzNfrdPlX8MSfLZ7GoK57fPTZnEGT84R2FnE0-03hptADtc_tqEtb53lzw67GaXHHUhO53At91i54nT06vdpajLyS7oaKA-t40sbionBehW5tsz0_1-TIkDAk2p8f9np1eNe6Ra38haHJod8qAy-R8hg1mydGpcP0CsrC7NiVt1umboTLNtPToBaEIH3tUWOcA-YotlcOmEGmw1XwsRlfDOUyzn3Mreptl1u1WYeKTnUC4vpWc_pnYHp58wzmE_GAi6G7Xl8KvNVM4qmxEaaAtS7BgX66txkW7HfneXjdI758Mi-F_2pQsw7YTGgH6AUj9ik3cKYTej9ymtHqSGgM1ezlddHOHPW4dzFYDWWDcKN0CFpHEUuqsrkhrlot7NDl6y-813DCAX1eUgcKD561M9k-aocg286sb3LmCcWcAsIzKtt5HdZRzATAdYfHoUi8XukI-pNNWqDvHLyCgLMOPlZuZrj3pmoArwJgNRbBAl_7lTFzTcfUYptSOme1K-6I9SZurty5tOI85p9_F7se8MgzgSWFAsbqiO7YoajgDp9A8HqwuAnI_RJoZcbzzWBVDO5MpeITAUbmf9ydtUllO_IalHECdy9nftr9pxn6TYjms-4fF49EchxTNHEOneWHwmY0eCpwoFtlKeqbfIR-jSgHglFE_igYBeBIXb5695qoPYJmm62p9MYBA2iDbZWbEf6Yp6OGhnKM-EZHwtSlZVlRyD5P_JIc0Wa46GyQ-0NK9BVaag1Q_699MqZnDGb0M8sGDnd60-OPBBSrPJaduJQtmdPSl8LCPcmIIg36oA_gfWVi3eVHubtWNaE55Sa7q6rXNFeCI87UChJvuA93C3nCASnNVAfw7nNL59afYpa8obZaJ1LQZddsUN85tCuIucprJzW-ose8E1rAquVi3TUpzkmna83H6QH-Y96YS5CsbSkX3g5_3nwzy9KeAhqYTvgkchlSuPUpCYx4o22gMCsztk-Wlr65mquw6XonqvpySIB0ZVTObdheajkALxgbQyDv_5a25_vf6uwnMfk4wu5Pw4I_QsGMvmO9H4QAYHNb7Lawjn7MkeBIoJNBlFIMG22_v9SrdiaHZbUq8ri8kfLeq1BEpeyFyACf7LT-8BhnadOov86vMrqR0UAdmJg-cMQKAWnZHK5Yg2G9tz3pPO1vLHpK3L6186ApQ9cxBmubNpnSFhd6Xnf3QwugqyMtGpXBWUuHzXoAL8peFf-iN7zfhpsUov-_eW5taZ28R-8fC0kZqvKr-GaNjW7nSMjyrPzqv72YcEnOz8RfLbEZpXQTUNGIseRXIJWYAeMRd1JNW4jLGgBqH9DqrtYhTGt-aRYrBPWWf5BOUrSVZ07PuSWQ-_PaPn-9xA_1LakGOCn1A_JdVlTgNLyljU2PvJMlRxnqImGmEvqAUQwSfFRT2iVHkQ4Gm62bhkrIln34FCGU-8VgkCy6lxQp7DIYnO_FJDaiWtrjhV-nl72WzOGj4kmX6A_z6nH-6645jEAJw4k9oN2UGGGE9ylW6F5sMWoE44diosPFVsLsbZRy2Wlo_L--dYSnsSJMv80eNVINdpyCtT0mRK0qorhwI4ChzAViirc7jJO_qPJ_otCTYxHJMadL891l7_Y3ooXnyucP40U-4edzweJ-PBCmCbMhVvhF3Tr2BhawF_eovLphHw1g6-WjleO0ApQjEzzfOx8TQ8ZtnCD9n8VZiJrFMgB52QBLkDKE8PVABVRbzNGdG2xXvgIX7soODNjMBfJV93AldZXQPj78H_m0wiJwyXBxh205POBB5gZcR-kLgWfT0TuvXdeFdW-VhvsZSzcHm97nzYezCa_TQEP37vKMnPph0tyIgByclF1kX7horKIo3OsjLOzepmrLB8qoculVsjm1wAPdJ2ZpdnDU6WgXW8yfLcVTXtkW9UH4ov7shcznxKYo0cyKSUJthdQALgZ3nkAeyA4rNpDZGdp1UppSsiuAcUGBFUPaloRB0TeDPYXQlTZb6_mjEyYZ2x5uiWrFqGoSYUANrtJeLu0yan7Y0zYklQAFLwVM0NNo2EqdpkbaBpcuXurfjZiZmOCd7L-h7ErbL5g&cid=CAQSOwAvHhf_m-EkC1ZT-joQqs_38qAL6GkyW-coTBFTP2Ivfi4I6Tvpefrx027AiGowqhh7E-8xEWHlGz_fGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fblog.s.id%2F&ds=l&xdt=1&iif=1&cor=4864032977484306000&adk=3944675603&idt=174&cac=0&dtd=10

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 01:57:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84934
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 14415875674906819925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 01:57:58 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame FA2F 31 KB
12 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 20:42:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17465
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11943
x-xss-protection: 0
server: cafe
etag: 4141415479739543000
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 20:42:27 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame FA2F 41 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 372504
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 18:05:08 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 87CA 1 KB
643 B 7ms
6ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 17618
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 20:39:54 GMT
etag: 48472445140208031
expires: Wed, 13 Dec 2023 20:39:54 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame FA2F 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0c70c2dd5488612bf0eccb077c37865ec8fae7f93d20b999835fe5a2e54021da

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 206 file.mp4
r1---sn-4g5ednsl.c.2mdn.net/videoplayback/id/e18ab1460f931e82/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733967212/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame EC88 4 MB
4 MB 16ms
7ms Media
video/mp4 2a00:1450:4001:6a::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-4g5ednsl.c.2mdn.net/videoplayback/id/e18ab1460f931e82/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733967212/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/705018D80EAC34A79D9BBBA784E75C083692EE28.5454DB76799E44B81D2B4B5974D1B64378ABDC76/key/cms1/cms_redirect/yes/mh/7Y/mip/2a02:6ea0:c71b:0:1012:c8bd:d1e8:1c56/mm/42/mn/sn-4g5ednsl/ms/onc/mt/1702430486/mv/u/mvi/1/pl/40/file/file.mp4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:6a::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

389566d333197647653fcf27be7e79eb1c93b82bff0f3585cb2ce4a9259ca756

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Range: bytes=0-

Response headers

expires: Wed, 13 Dec 2023 01:33:32 GMT
date: Wed, 13 Dec 2023 01:33:32 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-4302582/4302583
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 4302583
last-modified: Thu, 07 Dec 2023 10:13:40 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
client-protocol: quic

GET
H3 206 file.mp4
r1---sn-4g5ednsl.c.2mdn.net/videoplayback/id/e18ab1460f931e82/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733967212/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 1112 460 KB
0 15ms
6ms Media
video/mp4 2a00:1450:4001:6a::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:6a::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Range: bytes=0-

Response headers

expires: Wed, 13 Dec 2023 01:33:32 GMT
date: Wed, 13 Dec 2023 01:33:32 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-4302582/4302583
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 4302583
last-modified: Thu, 07 Dec 2023 10:13:40 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
client-protocol: quic

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame AA0E 38 KB
13 KB 7ms
7ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 58805
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 09:13:27 GMT
expires: Wed, 11 Dec 2024 09:13:27 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 87CA
Redirect Chain

https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEH_AGYwlJ7RJO9BYtdcz3zc&google_cver=1&google_push=AXcoOmRDhYpjGQ0o2vnpp3FH5Yh2miXfA1Rel78XMPU75-pDvh_OzX5VqwH2plkb0CVXySzuU-ZSYSEdmnO...
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmRDhYpjGQ0o2vnpp3FH5Yh2miXfA1Rel78XMPU75-pDvh_OzX5VqwH2plkb0CVXySzuU-ZSYSEdmnOe3rcJJ31N2ZlTs8E

170 B
188 B

18ms
18ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmRDhYpjGQ0o2vnpp3FH5Yh2miXfA1Rel78XMPU75-pDvh_OzX5VqwH2plkb0CVXySzuU-ZSYSEdmnOe3rcJJ31N2ZlTs8E

Requested by

Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmRDhYpjGQ0o2vnpp3FH5Yh2miXfA1Rel78XMPU75-pDvh_OzX5VqwH2plkb0CVXySzuU-ZSYSEdmnOe3rcJJ31N2ZlTs8E
Date: Wed, 13 Dec 2023 01:33:32 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=2999
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2 200 sync
x.bidswitch.net/ Frame 87CA 43 B
145 B 8ms
6ms Image
image/gif 3.123.203.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHM9tIiXS8xFm9yTy7PYybU&google_cver=1&google_push=AXcoOmR7rxd0fAUisA2BlE8kD1O0dy59Npaqx0zqdb72TuyhmoX4BmChy8xm2cQMt5rFpUfU3XE2y91ut9oSNc7f-_CH1_4hp8Y
Requested by: Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.203.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-203-242.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:32 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 87CA
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIfFLtsR3f7u-i_4DfRyhGo&google_cver=1&google_push=AXcoOmSPegskj_nOcbzfwyC9t-qwBKbNx3BkapRw1LsMWpo-aP0N97l3lz9I8gJKaxNRbDLgYsPkw3Nb...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEIfFLtsR3f7u-i_4DfRyhGo&google_cver=1&google_push=AXcoOmSPegskj_nOcbzfwyC9t-qwBKbNx3BkapRw1LsMWpo-aP0N97l3lz9I8gJKaxNRbDLgYsP...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjIwOTQyMTAyMzI3NTk3NDkzOA&google_push=AXcoOmSPegskj_nOcbzfwyC9t-qwBKbNx3BkapRw1LsMWpo-aP0N97l3lz9I8gJKaxNRbDLgYsPkw3...

170 B
188 B

18ms
18ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjIwOTQyMTAyMzI3NTk3NDkzOA&google_push=AXcoOmSPegskj_nOcbzfwyC9t-qwBKbNx3BkapRw1LsMWpo-aP0N97l3lz9I8gJKaxNRbDLgYsPkw3NbCaw4oeghqznqdWYql5E

Requested by

Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjIwOTQyMTAyMzI3NTk3NDkzOA&google_push=AXcoOmSPegskj_nOcbzfwyC9t-qwBKbNx3BkapRw1LsMWpo-aP0N97l3lz9I8gJKaxNRbDLgYsPkw3NbCaw4oeghqznqdWYql5E
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 87CA
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEOP_-xwWDsj0AMbqfY4ljQg&google_cver=1&google_push=AXcoOmT1g4p4pWh5focmzaiQ0AMIVN5HVM9PipYIiSENAHVvS7AmbzCO2jeeBEtVS9-9zsqJ_8o7R-TPFxPLdUz...
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=4A59JtpPX25x5S7VoKkXxorHJoQ&google_push=AXcoOmT1g4p4pWh5focmzaiQ0AMIVN5HVM9PipYIiSENAHVvS7AmbzCO2jeeBEtVS9-9zsqJ_8o7R-TPFxPLdU...

170 B
188 B

17ms
17ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=4A59JtpPX25x5S7VoKkXxorHJoQ&google_push=AXcoOmT1g4p4pWh5focmzaiQ0AMIVN5HVM9PipYIiSENAHVvS7AmbzCO2jeeBEtVS9-9zsqJ_8o7R-TPFxPLdUzIMhCgpZb900w

Requested by

Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=4A59JtpPX25x5S7VoKkXxorHJoQ&google_push=AXcoOmT1g4p4pWh5focmzaiQ0AMIVN5HVM9PipYIiSENAHVvS7AmbzCO2jeeBEtVS9-9zsqJ_8o7R-TPFxPLdUzIMhCgpZb900w
Date: Wed, 13 Dec 2023 01:33:32 GMT
Connection: keep-alive
Content-Length: 241
Content-Type: text/html; charset=utf-8

GET
H2 204 v1
match.sharethrough.com/E4rooAtA/ Frame 87CA 0
35 B 49ms
6ms Image
text/plain 52.59.107.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEL23EGHVTORWF3rzpwmRIEw&google_cver=1&google_push=AXcoOmQTR4mAxGd0-d1IV7GHnRZDo2UhxfoXypeAanvr4P5KzWS-j_Mf7uCBPrfqGTSdH39tG5x-1NEAJn-LFDks2GBg-LMt40E
Requested by: Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.107.120 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-107-120.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:32 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame 87CA
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEHOW21-YQMgMe7e_p_QHFb8&google_cver=1&google_push=AXcoOmQxYT2Dn90dwi7bf6YOUgv9_fYzbsu0CRXlf5OeiU2oqXxahIEETEgOwuRPLosiEO9PbEOQkJTRQwv...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQxYT2Dn90dwi7bf6YOUgv9_fYzbsu0CRXlf5OeiU2oqXxahIEETEgOwuRPLosiEO9PbEOQkJTRQwvQ0cqlfF0GijmLMAA
https://onetag-sys.com/match/?int_id=19&google_error=5

0
200 B

12ms
12ms

Image
text/plain

51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 87CA
Redirect Chain

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_...
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=57b58565-61e0-4ddb-9d1d-c01a49901238&google_cver=1&google_gid=CAESEJIJ3ya3krWC5GRxaCc759k&gdpr_consent=${GDPR_CONSENT_109}&google_...

170 B
188 B

16ms
16ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=57b58565-61e0-4ddb-9d1d-c01a49901238&google_cver=1&google_gid=CAESEJIJ3ya3krWC5GRxaCc759k&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmRq1QSXMDf7838-Puj5yHB9PGeuJLOskpyPeRvsdO8Q7ZFQZSiy6pnufBvRKqc8A-M_ytmZU0b2WOlOG6XhRaek2mg4RqI9&gdpr=${GDPR}

Requested by

Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=57b58565-61e0-4ddb-9d1d-c01a49901238&google_cver=1&google_gid=CAESEJIJ3ya3krWC5GRxaCc759k&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmRq1QSXMDf7838-Puj5yHB9PGeuJLOskpyPeRvsdO8Q7ZFQZSiy6pnufBvRKqc8A-M_ytmZU0b2WOlOG6XhRaek2mg4RqI9&gdpr=${GDPR}
date: Wed, 13 Dec 2023 01:33:32 GMT
server: _
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 87CA 0
12 B 15ms
14ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Km6_qX2ISoi0qJXRVuXrqoHhufwtuSfrfxrkekBBsZ20o_FKPG4VYvi1ZZx7rMQfi8aWHChXga

Requested by

Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:32 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

firstevent Show response
jpmcbankna.demdex.net/ Frame FA2F
Redirect Chain

https://jpmcbankna.demdex.net/event?d_event=imp&d_src=441384&d_site=8504253&d_creative=193457939&d_placement=368994751&d_campaign=30127422&d_bust=581387519
https://jpmcbankna.demdex.net/firstevent?d_event=imp&d_src=441384&d_site=8504253&d_creative=193457939&d_placement=368994751&d_campaign=30127422&d_bust=581387519

42 B
728 B

34ms
34ms

Script
image/gif

108.128.70.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://jpmcbankna.demdex.net/firstevent?d_event=imp&d_src=441384&d_site=8504253&d_creative=193457939&d_placement=368994751&d_campaign=30127422&d_bust=581387519

Requested by

Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

108.128.70.10 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-108-128-70-10.eu-west-1.compute.amazonaws.com

Software

Resource Hash

1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

dcs: dcs-prod-irl1-1-v054-0dd64a28b.edge-irl1.demdex.com 4 ms
pragma: no-cache
date: Wed, 13 Dec 2023 01:33:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: 8+LhSIjGStY=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-irl1-1-v054-0a36f617d.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Wed, 13 Dec 2023 01:33:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: s/S+7mEiSPA=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://jpmcbankna.demdex.net/firstevent?d_event=imp&d_src=441384&d_site=8504253&d_creative=193457939&d_placement=368994751&d_campaign=30127422&d_bust=581387519
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/ Frame BAFC 10 KB
4 KB 21ms
7ms Document
text/html 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0713f0f8b5a8e7e067c1a726702ae45a0866c65be56f0b6a1901f58ba200efc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 88991
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 3625
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 00:50:21 GMT
expires: Wed, 11 Dec 2024 00:50:21 GMT
last-modified: Mon, 12 Jun 2023 18:15:52 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame FA2F 0
0 90ms
52ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvzwOkeGfdQpv_ZjkL1xm2btveB5HPTaJwHXbgLa84t8K79BTf6SItYYdezD1NxOMxVQHRtN8l0CduVKRERgaZYDKDu5_9Ix3H8okqoVjWyXPKbP6LejeChzYykDtPu5R33Dq8rGzkw-C0NhdDBRd46IBBW13QsM3Pc9pTg0C1b_TM6WMDc0Tz-yX1kKX7b5Y9PeiZkXtf0Gm6dzem7XI4swQQ2AADhwI_tAtiVKR_bg54RjrcvTI5kcw1EB35rc0ofripNrG3etb7EFTlzKv2Y4of9GuOjFMD2UExHq5xKcJwjBpZQceIyaDA3HU51hP-2YNHyQvlzAjZUYwOihZSbgEWfH_sSn04UG4IvIdQZpm6yv9Ab8wDYGFsx1bV2Nt6J0VWs3aYkOCmiy78FSRPkSC-LH01kiPek8jbU02vA8aSLhW-AjxV8dda-EW-_ujjo6C2PG73qgkvZ3CUZ_kP7pexvOjBVFicq5RF0DFxLR-cXTRHMfdhUckJeEdzdrBS7qeqq7gQtVCIiROMKQsMwh3fFxRwTihzYi0ZGRyLDzRe0wUPxnPFhN6px1afqaPWbXIm4sN7s9F-TCFvw3KbsjlcAH4jnWjH8Ytr2P_M03dwfj-RcMPA2ONfU8A-JguDDixOoHJLm8Qj-hmoAq-yNXTKDnTkFLJNq5e4ihgFPDGyZ1SgyRsgMRrfDX2uxZMgPt4qcfcvdfYJGL_WFsBL1_VdN8PQfBPRKT7uUH1-Ey8H9sLCHcO9RmHBXmMqpf12S-_8kYyh6XT8H3mRcVBUDRHgkwdCI4CZMvsPbvpnTmN4k2UqWVCjWwtqVg9BfdMVPeKICuF7FzU4YVRrug5NDt7FYjFkkG1b5XL3q8XAdvLAPC0xoHiUILBp9fHJEZFqsbXVnXoKJjJbRTFuXJJVLq0JUECkrx3QWqoFhLHcBBoHJLVRtO2GfCOykSb5TL-cm1ljhEqK37EQCl92S_ARFVx5iiSC4Q4rYhjXZ0U7NHd3naNF2oR5vnGHR5WfgDzdiEW96ikrIcOVVssTsS91EdJNgysCsiMxvD-WHcea-0FMuLGJISUqYrOYLDI_D_1krf4yNtdjOQFIqpCdiMs7_5xeX2fLq423ZWp342lV4EeHBfOtr76G0UaNy98xuZT0M9zqv2IoCnctXAwv33W-2eMAix_H19tdnLgxvYnINSaQM2-Y5GXqo8e8bd1K1fYh8RlgwQI7I9mOWQXhzn2VOhq-44c0tO_7PQAR5D77uLKTt2CHgZzfsuFO-opMjUBUZxzZkeMZ96A9avucyoo7EtOfoFixgxHDpR96VRmtflJRdKTpUAxKZjmytzdORu-kMVI4_0RKrUMvQPurpWGs&sai=AMfl-YSaqods8GPn6Duap8IpGFbFw5wa3Wkke9L8dnkxz3mti1Gv9r5-RerIyOgThfbA_uy-0No3T_W2NtAfdzpidmovFkVCMO7YaBVCTqeb-ZDF9srJ7utqKDKeGRlJxE630BXlmBnhP4wRxJORzgE8wTsVQYfH3IoK5UGYBcaw7hazRZjBHbt3ReiPI-zrvKUi-Ozw2BVndU0RIcke0FWxVcl41cFoMkN9oxQEgdXym37hjDFy6RMnefQFZpQby6acnzTf&sig=Cg0ArKJSzCwx3o0m8YA1EAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=63&cbvp=1&cstd=62&cisv=r20231207.35821&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 13 Dec 2023 01:33:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame AA0E 39 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 19:12:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22838
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Dec 2024 19:12:54 GMT

GET
H3 200 styles.css
s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/css/ Frame BAFC 2 KB
717 B 8ms
8ms Stylesheet
text/css 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/css/styles.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

517977e97442af426c8d226fc8187fa9d036c7a566a9cc1488dc553102f8aa64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 07:12:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 325233
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 688
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 18:15:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 07:12:59 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ Frame BAFC 87 KB
31 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 00:17:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4563
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31017
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Dec 2024 00:17:29 GMT

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.10.4/ Frame BAFC 64 KB
23 KB 36ms
18ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.10.4/gsap.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b765b0cbd95391f6db0b565988eeb70ea68aa77bb9f8f7c8a880d96474c2aa8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1294004
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 23292
last-modified: Fri, 22 Apr 2022 16:32:30 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6262d89e-5afc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ded0s0whRN1MkfZk%2FzvKTuqU3uPE3hFs18PmZPxqKaFaKhEdbv7tRPangJB0ireUJlSr2YCQFO%2FivgLX%2B3FC%2FB0cyXxaGRQ5DbwGnTa7h5AsERBOC%2B6sc7bATUXhpMLwTXYMyRqMBHp7NCyBlE2PMlNz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 834a75a4bb9a3674-FRA
expires: Mon, 02 Dec 2024 01:33:32 GMT

GET
H3 200 text-1-a.svg
s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/images/ Frame BAFC 8 KB
2 KB 9ms
9ms Image
image/svg+xml 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/images/text-1-a.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e491a498ec121779ed7c282df30dc76e479a73a0d2234535399bde198e3c93fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:10:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59007
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1851
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 18:15:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 11 Dec 2024 09:10:05 GMT

GET
H3 200 text-1-b.svg
s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/images/ Frame BAFC 6 KB
1 KB 9ms
8ms Image
image/svg+xml 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/images/text-1-b.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3744493019d5eccccd7fa4b762681fa77fffa484d1e67db52a5b2e519c722f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:58:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59691
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1470
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 18:15:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 11 Dec 2024 08:58:41 GMT

GET
H3 200 text-2-a.svg
s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/images/ Frame BAFC 7 KB
2 KB 12ms
12ms Image
image/svg+xml 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/images/text-2-a.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a29ff2cf4b0d13b171b9282d41c69c9324adc9e8842bc0d4ef3f5f0b6b386b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:59:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81272
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1546
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 18:15:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 11 Dec 2024 02:59:00 GMT

GET
H3 200 text-2-b.svg
s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/images/ Frame BAFC 15 KB
2 KB 13ms
12ms Image
image/svg+xml 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/images/text-2-b.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1942ac40ccd6b33412c55f328bcd023a0f62dd595e45d7d5f66da7b228c2cbbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 07:20:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65590
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2401
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 18:15:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 11 Dec 2024 07:20:22 GMT

GET
H3 200 logo.svg
s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/images/ Frame BAFC 6 KB
2 KB 8ms
7ms Image
image/svg+xml 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/images/logo.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d70004b9ccd3af99f650f77d4ff2d318867bf1a0b0bd1fe43799445cbc9bbe97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 12:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 134181
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2441
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 18:15:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 10 Dec 2024 12:17:11 GMT

GET
H3 200 mc.svg
s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/images/ Frame BAFC 7 KB
2 KB 9ms
9ms Image
image/svg+xml 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/images/mc.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1dcba527b4eb4467c18e27acbd8937279404dfd148b77fb5b650bc7f9e208422

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:05:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 314909
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1667
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 18:15:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 10:05:03 GMT

GET
H3 200 risk.svg
s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/images/ Frame BAFC 5 KB
2 KB 11ms
10ms Image
image/svg+xml 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/images/risk.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80cdb452efb83d2576f33946582347cf3715a1eb7707efe34d3bab5c9d2eb705

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 07:33:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64829
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1646
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 18:15:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 11 Dec 2024 07:33:03 GMT

GET
H3 200 wheel.png
s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/images/ Frame BAFC 149 KB
149 KB 8ms
7ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/images/wheel.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e09854c4e5ccc9d3bf3d5ff9d58021b04622f3bb600e9344d6a5a0f25cffb7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 17:39:20 GMT
x-content-type-options: nosniff
age: 114852
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 152312
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 18:15:52 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 10 Dec 2024 17:39:20 GMT

GET
H3 200 text-3-a.svg
s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/images/ Frame BAFC 4 KB
1 KB 15ms
14ms Image
image/svg+xml 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/images/text-3-a.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a52eb4b3d22ba31f1bd0b5cfb760ea77142cee79695ae4394c78a9b7bfd7adf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 20:02:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 106291
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1444
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 18:15:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 10 Dec 2024 20:02:01 GMT

GET
H3 200 text-3-d.svg
s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/images/ Frame BAFC 4 KB
1 KB 12ms
11ms Image
image/svg+xml 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/images/text-3-d.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6199b87f123f744f322eb478305f60fbf9b36b220acd2c099b26428e894f3465

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 00:50:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 88991
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1081
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 18:15:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 11 Dec 2024 00:50:21 GMT

GET
H3 200 cta.svg
s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/images/ Frame BAFC 4 KB
1 KB 15ms
15ms Image
image/svg+xml 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/images/cta.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db9bfa3ff078313996a32ea9199a549baddee1fc790dc11fb910a286ff756698

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 00:50:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 88991
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1071
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 18:15:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 11 Dec 2024 00:50:21 GMT

GET
H3 200 main.js Show response
s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/js/ Frame BAFC 2 KB
576 B 11ms
11ms Script
application/x-javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/js/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f9cad3b318540a9345ba5653f3e805108bfe0ba02aa5c135cdeef7322283d72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:10:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59007
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 547
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 18:15:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 11 Dec 2024 09:10:05 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 19B6 0
20 B 47ms
47ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BwyR_7Al5ZYfhAbCnmLAPhJSS4A8AAAAAOAHgBAI&bg=!NzSlNHvNAAY3kmNgF5I7ADQBe5WfOHy704gH1LJNDWKOPnt1Vp0mr4-L9pYA4k7vC4PORuVdhuc_1x1WNh7ZJnr6y6wtAgAAAHpSAAAAAWgBBwoAdeXhJzXxWQ0jRP5DN-e_1pIV8vezINRbL9gMYKDwXthBFlmtxeYXWNk1z9kv4JROl1uIvwn2pYnxwRL2D0BsuvDs5AE0IHPvxWwXcb4UR96VBOWkZpo0lBFACHdto0p8aiNaFPxiaJ2FSAs-kL-QfmcjYjbOepkDA5xfOhrHsprPK1BDqacS9Yl-NRz0J3KpXHirnrAQtS6ayXh3WMGyP4qBd1ReQR6bYewR7qSxihGJ2jvx6tHf-DZEfCSzLU3rtMGaSwtYKvshTe8bCfjFYP2A33qQ-XasEdl3tDjDuB5ilO4PLKOwvzBXOLG90UdhukzGXdLL4WgE6gsE4X1p8tOw-hoKH2eWgXQGHWxGT4WEWeEZ8_99IbB53jkthdvAbFA5cNHKUkTEZ9Wcx3GF6DOirgbAr69FSXBpYt1CPz8GKvy_ol0mQn6nM1m_KgWiDQFGuazG9pNIsWvUw2JIQ-8dPuO5kX1okuoDkIs7mqDIa7JEpJeWeQS-m1xdsvqQMSrhAP5ivTkwG2wsXec2TaEOBCuGIE9xoFI_a3TLq2mPhfXsaBWSrkphURjH71SloYGRS5UN5CWfk_Rg_xtGBlN4VWnEUm2oWoAhRCR8og-bSW5FPS5AGK61pbP-eijhtis5mCZqphNtxGGRxF0MoeTH9ADm6BYAGlm0EUniCeUYOCXSgpQusYSBGtPZJzpuwUYmT8xeL4DhwrrAEN1f-8iTyocUv4TYnBDUYan2dJrhyy-rEtoic8sfgMBSrZmouHs0qGoPbAd1U3JEA6H04_lOWbEQv44k-ugKAcuWON5HjEtnUOZugnjaAUlYwN5Rkbi3p9UCQskOT1_yvQ3I14fvy19bf4ZSsocCESv7IB4F0gX2Goxjf4FXre3msaridcn8BxVSQl6h1vm_tAu0ffWwCxkbgGwG2jFo3iiBAJr6wtCYO44CWV58VgaDj1WafU2upLLMESmHDGQVBGYVOsvR9zYIH9L1FI5GiX3MsHdpRDX5iYsAoYtWAvEy-tqHTI0HGsYIutgvvTtuQpNMzi6tf707ApZMi7S6FrenkpltUdMDtr9TYt9yhpZs5n1a-JiwQcGbdR0velPruYsVayTc2E_JLf9MHtR_K_c6vQY9M9e96My6x8cZpY3vvnVr0XPIRcbOeF20KaqUonuhEpwJ35kdhhRw3HgA0g

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.19.8.464.js Show response
static.adsafeprotected.com/ Frame FA2F 213 KB
66 KB 146ms
14ms Script
application/javascript 2600:9000:2127:c000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.464.js
Requested by: Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/1520186/71964889/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1012253692&ias_pubId=pub-2393320645055022&ias_chanId=1&ias_placementId=20075793042&bidurl=https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gRUsy2x6m3-opIJxhge4V9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:c000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e580b888ec2ff667515810611d279b0a9ccba891e80dbeb183ac6eea7e5526e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 20:14:56 GMT
x-amz-version-id: UVhHGORh2DNEUMNNkt_WUa02s5tqiqCw
content-encoding: gzip
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 451117
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 07 Dec 2023 18:46:00 GMT
server: AmazonS3
etag: W/"abf69ba4c667ac44b2f9c28f5047f6bd"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: SCty5jvuPX849SDuQfFoY2zL-hqP7OBrtujA13BWuqqhAA9lsa4cdQ==

GET
H2 200 dc_oe=ChMI9KeXvaKLgwMVdlJBAh0MpQOyEAAYACCB37JiOhoI2uyj5AQQyq362soEGKT0luQDIIXDq6ODEkITCLHm8byii4MDFYh24AodR_QHnw;dc_rmcid=CAQSOwAvHhf_m-EkC1ZT-joQqs_38qAL6GkyW-coTBFTP2Ivfi4I6Tvpefrx027AiGowqhh7E-8...
ade.googlesyndication.com/ddm/activity/ Frame EC88 42 B
401 B 165ms
44ms Image
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI9KeXvaKLgwMVdlJBAh0MpQOyEAAYACCB37JiOhoI2uyj5AQQyq362soEGKT0luQDIIXDq6ODEkITCLHm8byii4MDFYh24AodR_QHnw;dc_rmcid=CAQSOwAvHhf_m-EkC1ZT-joQqs_38qAL6GkyW-coTBFTP2Ivfi4I6Tvpefrx027AiGowqhh7E-8xEWHlGz_fGAE;eps=CIDhgBAQARgdMgKqAjoCgEBIvf3BOlj18O-8oouDAw;met=1;acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D19%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D470376595%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1702431212349;dc_rfl=%5BURL_SIGNALS%5D;ecn1=1;etm1=0;eid1=11;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame EC88 42 B
64 B 49ms
46ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CGvK-6wl5ZfHEGYjtgQfH6J_4Cd3Zwdd0hcOro4MSo5_cpY0CEAEgktjfSmCV4pCCoAfIAQWpAnFU_MewG7I-qAMByAObBKoE8wFP0D3HkD32qGcm3qf-x7FsP724dXhaUvL6DHyTcx1P_9fUEl4XKubBgyUKlshen0KkwO1ftgCRsX-Wi_mC2_k20C_zPsw4Z4yHNVVMOvyljV0-Ir_gjlIlscSGsJJIIyMveKweZWb8zjheFDs6tv37eM3Qiu_Vi07WA9rCpALVNp2XGDEjyw5r0FutGWDZm71qVDkUqiTcTh7OHYaOLDo9EO2KFu1dnsFYuCc0CPxSr2D3OMIbKbr4j8gxtUGI7_7fZV-dLJzkb0vXxJcOoxacRs51bthEUGErFgRVRmHQSTkMqgLk_FGBkaoFTYxu16I1XyLABMqt-trKBOAEA4gFz7zg0k2QBgGgBnaAB5yxjrcEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpY9fDvvKKLgwOACgPICwHgCwGADAGiDBQqEgoQ5LSxAu61sQK1uLECu7uxAqoNAkRF4g0TCPSv8Lyii4MDFYh24AodR_QHn7AT-qXsFcgTpPSW5APQEwDYEwqIFAbYFAHQFQH4FgGAFwHoFwU&sigh=OHUGkdFHLCQ&label=part2viewed&ad_mt=19&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D19%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D470376595%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1702431212349

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame EC88 0
65 B 57ms
53ms Image
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssQXimSidYvY6Q-_h7CzFHZxspWnikC5Dm5qVXYUtwjP2HUqqhlJ7-hkvPpjDUk6FgPzSekYyRHl8OGpYUm4AIuCNrx6-JTuiP6TgN-A628mxTpic8CQwZ7deqcCAhUKlNKf0Y7IDVJuW6bPCNV-PVqGczZK2-eNPsnYD9LXIvEueOTOrLBSuCdsf6vengQxgLb6Piw-P7OkG3ejKXGHpEDXZlJZtL2WQp41SdIJyx0_VP7XJBDLh-n3iY7hOog-wnuw9N5nS6IF32qFWfw3Zm1ygqYAzpcFNR_T2DJTH053ZAwAyyOReCGk5rLkD5rQhljaYK1kxnjFNx7i_XhfiRH26RUuLDX7qtai2mLNOtyX21jN2axFx-889OOIGX9Kv_4St-4IPLTkZC44t8HqeP9lpjIaC6aOmqtd_IxYTh1TMgsEezqRJ0cYXEX3txs_0B3D-2CAHdFeP5xSD3c_GqVIXOnZPW8fhIhifRrQJoghTtg2_JtMTm3DgUutn3jnpzW0E7rE8UGSnlqkPdpfhsSOzsErmWUeHFxwirxc6niSrtLHYNeC7vhEDk8FBH7eAWT2iA-0b7jMUhosoF1k3v1zkXaDTxJD85GQFej9jBnJkJzeJMd_1-bv-TMXZnjKR-vVBUlhPRQ9j3Uvw52Q1XMbElo2PRYLffi-eNAqkabr3MDxei3jmWm1j3sbKvvkmIzxxAeAPq-TOc-nq3jQg1fj_OO-_6HLOUglLcjvlbfev23LV3KLGIAaWRrvPJGf8wHNudmFFw6jfvSgDqRTwu6jYHGY_mlWrMIgl_tg70wruh-6LIEyXzFCoD4CgvG0K93u-t_-VGR7qXrYGatil1OWOyYKHVMziIl0CW0ESWMelsYIEa-9AlZh53JZHDi6FUYR5iqXlqGi5bm5PD4HM952dkyaW3-dIBh4HqV1p7DyZAxUwQNF252SWZAFwPPG0Ilnb1Vsc67Grfro4Ql9iJ-7honxBo1X61ptBP7GfMjo7X8bML--G7mHup6FXCtAbbr3GoOsJfR_WPsf8F3sE2BFc6SdWrb2IHDNMcB2xXHUUAmqwaUeOf61zQnJTAFHLVAVdKi4h-GZqUxfO3k5pEV1pSuJ35OOptBvqHaze4SPje6RtZDiP9NySjjliK3qAVUmfU8zli2h-PC2tuUdDKm3HVaDC4WydS9CC3XqF1bcHprXPUJCx_kj1tcwG5W6PnDXMeDzPXPpnZ_qV6qYwwWiSAOSqxkUkFyJkXErDb9g5lgt7xLZlwD3jKAxcI5jbRw0erx&sai=AMfl-YSzoIPJyEr51IKFk4WR-OmjdE_iwO8G1-nP2KTRa_RLdgODySjQm46etMLq4mFTzDcqtak-LoS4x4jDaYEdj6BIyI1ykBkipUQHZHbO4vHK30wsUS-fubkBhKwWyzOKlwfFTfONuMi0Y1Vmo2kGdYKF2Qoa1zkYusWnPDBAyxrMpnIlX7AoRtAaBlnbV89EY1FM3f_dwgI8wVgES6m9oK8IELxlwVPf-qs3itaguDqJn1u-OeBacUjkhwpjcw6RqccL&sig=Cg0ArKJSzKXrAz7UnATAEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 13 Dec 2023 01:33:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 banner
ad4.adfarm1.adition.com/ Frame EC88 36 B
36 B 138ms
15ms Image
text/plain 217.79.188.46
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad4.adfarm1.adition.com/banner?sid=5155022&kid=6256015&bid=18996164&wpt=C&gdpr=&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: ad4.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 02:33:32 +0100
server: ADITIONSERVER v1.0
etag: 7311886379233708812
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
cache-control: no-cache
content-length: 36
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

1x1.gif
imagesrv.adition.com/ Frame EC88
Redirect Chain

https://ad2.adfarm1.adition.com/banner?sid=5151015&gdpr=&gdpr_consent=&kid=6224187&bid=18978849&wpt=C&ts=[timestamp]
https://imagesrv.adition.com/1x1.gif

68 B
178 B

46ms
12ms

Image
image/gif

217.79.188.59
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/1x1.gif
Protocol: H2
Server: 217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 5fb3bdb7f966c852579fb6b0574517445d5b2d171c804d66227ee67b1bffca9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 13 Dec 2023 01:33:32 GMT
last-modified: Fri, 24 Jul 2009 13:46:10 GMT
accept-ranges: bytes
etag: "3122740758"
content-length: 68
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 02:33:32 +0100
server: ADITIONSERVER v1.0
etag: 7311886379232920790
content-type: text/plain
location: https://imagesrv.adition.com/1x1.gif
access-control-allow-origin: *
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
cache-control: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 pixel
googleads.g.doubleclick.net/xbbe/ Frame EC88 0
0 48ms
46ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDa7KPkBBiw4eGAAiABMAE&v=APEucNWuq_aK2xAFvB9fqIhquC9NS-CRhmSCqWjPhQJTbf8-fd7qUWpknLUUhahlJXYxE-qatbHKxvwPnm9cEvtgChcxmLs1rQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EC88 0
20 B 42ms
40ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame EC88 42 B
64 B 46ms
45ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstTzdUDD0873g0AUEB4BWXeFeSBG-r_HnGCthwxQOq-KS0cipEyWt83FRzkPt9doiOUS-U1wlEBGpYQI1MN2K_XPKpXu7dbhJUS_qdMQo6O5Vv7EdYZefcnSLwUaW9Z8IhApsqejNYW_Zc&sai=AMfl-YTSFyVsbSIuxB7BAWwLJg_BvySQUF7WBqbkbV9X62PnxLin7-pjpzDdXdE30RqPgGgyxbRDyCwfBTsSdAKRaKd27i7nQnBY62GtLcZRdmNQFKlIgwv3uXNwqZA&sig=Cg0ArKJSzC-Tez3uxkvUEAE&cid=CAQSOwAvHhf_m-EkC1ZT-joQqs_38qAL6GkyW-coTBFTP2Ivfi4I6Tvpefrx027AiGowqhh7E-8xEWHlGz_fGAE&id=lidarv&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D19%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D470376595%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1702431212349&avm=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame EC88 42 B
64 B 49ms
47ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CGvK-6wl5ZfHEGYjtgQfH6J_4Cd3Zwdd0hcOro4MSo5_cpY0CEAEgktjfSmCV4pCCoAfIAQWpAnFU_MewG7I-qAMByAObBKoE8wFP0D3HkD32qGcm3qf-x7FsP724dXhaUvL6DHyTcx1P_9fUEl4XKubBgyUKlshen0KkwO1ftgCRsX-Wi_mC2_k20C_zPsw4Z4yHNVVMOvyljV0-Ir_gjlIlscSGsJJIIyMveKweZWb8zjheFDs6tv37eM3Qiu_Vi07WA9rCpALVNp2XGDEjyw5r0FutGWDZm71qVDkUqiTcTh7OHYaOLDo9EO2KFu1dnsFYuCc0CPxSr2D3OMIbKbr4j8gxtUGI7_7fZV-dLJzkb0vXxJcOoxacRs51bthEUGErFgRVRmHQSTkMqgLk_FGBkaoFTYxu16I1XyLABMqt-trKBOAEA4gFz7zg0k2QBgGgBnaAB5yxjrcEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpY9fDvvKKLgwOACgPICwHgCwGADAGiDBQqEgoQ5LSxAu61sQK1uLECu7uxAqoNAkRF4g0TCPSv8Lyii4MDFYh24AodR_QHn7AT-qXsFcgTpPSW5APQEwDYEwqIFAbYFAHQFQH4FgGAFwHoFwU&sigh=OHUGkdFHLCQ&label=vast_creativeview&ad_mt=19&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D19%26is%3D33554450%26i0%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D470376595%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1702431212349

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame EC88 0
17 B 14ms
13ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~lq33l6bk&c=1943428789456&slotId=971714394728&qqid=CLHm8byii4MDFYh24AodR_QHnw&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2093&mt=video%2Fmp4&vs=1024x576&dm=15000&ple=0&umsem=0&event_name=first_play&asset_bytes=205334&video_bytes=300&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=10&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=0&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=vil.r9~ff.rf~videopreviewstarted.rf
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:32 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 bg1.jpg
s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/images/ Frame BAFC 64 KB
64 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/images/bg1.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/css/styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fbb8c1bb3a274e0894353deaa0e93da048a6a40e3a237396f24f068148bb27da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/css/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 20:31:58 GMT
x-content-type-options: nosniff
age: 104494
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65100
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 18:15:52 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 10 Dec 2024 20:31:58 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7BB5 0
20 B 43ms
42ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BL8Ib7Al5ZfSBAvakhcIPjMqOkAsAAAAAOAHgBAI&bg=!NjWlNXrNAAY3kmNgF5I7ADQBe5WfOBRPPFw-wCP_xEqGxw9vuTFE6TjAUNIZvohK8F6g35vGDiJSEQiX3YOnjRemeASsAgAAAJpSAAAAAmgBB5kDBZhbmt7MX7htbz45vEZSxAm8m4qvJQW3b9JTVGbv6Udw40YuP1ba8RUpB17v-9FFz9tz6DG4Smi3ng_uzPpxSVnlq5oTd1zw3kdehqMEg8RigwI51cTG15H3ZvHPV_JXpYP9H4BduBDcgAMsF2rDIf9cwaXA2x_C2HIcjEtFcwOrKrtouf3_AWItbwe5da_0vWJG-hzKCEp9-UjczRC2RtMHwSwkENvu-DbCZTK7DT4XQHZhaojloSRGpQKPRugh3u_RlA7X16uEnKPPV4txZgzvmFR5YWJvcu9ZEEqJGnLSlAdYDwh7k0zNsrmeqOwAnf5UaJ8YUrkrNL1MLxkAjadaXX0MfDId0TGTVtoX6IbNoNNnwDMn6yrzm8Opk2f0ktPGCc1n2lRxMrqQxcmgNFfDFLALuDiRuZ0-O20d0_AxuOjRVebDMmutgUzYzuUxw8JIVv68mpMxMVhbJEP1YP_qaP11btVaKVIkNJKh9WhtHEOMjNOUMPipUmAbPbUuQVFNCbZeVpS0cnXE0wrUo5E0xhgxAarX3Lc2sOM5YryaBqRgdKwYNHUreYi7TF3XEO84oPFgVxSY5LXufX-aKx_MrzDDXptW2k_4tFO_PqlIrG5-37ielJr1zla2_yeA9SR6kH4BUBC4CgAvn-LfpQzm90gIR0LadVnGSLGPWA8S8I7NGdSRX3hKyXReSI0Dxvz3I2BPDDKpKeu9jc4d7FF3-jt8TZRRIghqfJQsX83fUXNg7tyV-zQ_AWhfAhoxgpoWIxrUIbTjdN5LpKQ8LYwHfaasCdZgyc_AvNYKcMpM3SVni6p4LRWaT1MqanALKEn2ZwcuF4IWKb-0QjSvgQCkTDkkndXf3uhUJNNkrn7Uw4Pme2HzFFgzgViBcByQfoarg-8t5ASs4ANWnUFJc2BM-EKQJJm5mnGOoLbeRvlil4XxSAu0dPMpMJaObvpBfbBU_k-tm3VJonvjaLpl_Qdgju4fsHf9h03XCV7jsrTQZp63hIQ6CuwfcgTcFgu9-D1v6ntw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame FA2F 0
0 44ms
44ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvzwOkeGfdQpv_ZjkL1xm2btveB5HPTaJwHXbgLa84t8K79BTf6SItYYdezD1NxOMxVQHRtN8l0CduVKRERgaZYDKDu5_9Ix3H8okqoVjWyXPKbP6LejeChzYykDtPu5R33Dq8rGzkw-C0NhdDBRd46IBBW13QsM3Pc9pTg0C1b_TM6WMDc0Tz-yX1kKX7b5Y9PeiZkXtf0Gm6dzem7XI4swQQ2AADhwI_tAtiVKR_bg54RjrcvTI5kcw1EB35rc0ofripNrG3etb7EFTlzKv2Y4of9GuOjFMD2UExHq5xKcJwjBpZQceIyaDA3HU51hP-2YNHyQvlzAjZUYwOihZSbgEWfH_sSn04UG4IvIdQZpm6yv9Ab8wDYGFsx1bV2Nt6J0VWs3aYkOCmiy78FSRPkSC-LH01kiPek8jbU02vA8aSLhW-AjxV8dda-EW-_ujjo6C2PG73qgkvZ3CUZ_kP7pexvOjBVFicq5RF0DFxLR-cXTRHMfdhUckJeEdzdrBS7qeqq7gQtVCIiROMKQsMwh3fFxRwTihzYi0ZGRyLDzRe0wUPxnPFhN6px1afqaPWbXIm4sN7s9F-TCFvw3KbsjlcAH4jnWjH8Ytr2P_M03dwfj-RcMPA2ONfU8A-JguDDixOoHJLm8Qj-hmoAq-yNXTKDnTkFLJNq5e4ihgFPDGyZ1SgyRsgMRrfDX2uxZMgPt4qcfcvdfYJGL_WFsBL1_VdN8PQfBPRKT7uUH1-Ey8H9sLCHcO9RmHBXmMqpf12S-_8kYyh6XT8H3mRcVBUDRHgkwdCI4CZMvsPbvpnTmN4k2UqWVCjWwtqVg9BfdMVPeKICuF7FzU4YVRrug5NDt7FYjFkkG1b5XL3q8XAdvLAPC0xoHiUILBp9fHJEZFqsbXVnXoKJjJbRTFuXJJVLq0JUECkrx3QWqoFhLHcBBoHJLVRtO2GfCOykSb5TL-cm1ljhEqK37EQCl92S_ARFVx5iiSC4Q4rYhjXZ0U7NHd3naNF2oR5vnGHR5WfgDzdiEW96ikrIcOVVssTsS91EdJNgysCsiMxvD-WHcea-0FMuLGJISUqYrOYLDI_D_1krf4yNtdjOQFIqpCdiMs7_5xeX2fLq423ZWp342lV4EeHBfOtr76G0UaNy98xuZT0M9zqv2IoCnctXAwv33W-2eMAix_H19tdnLgxvYnINSaQM2-Y5GXqo8e8bd1K1fYh8RlgwQI7I9mOWQXhzn2VOhq-44c0tO_7PQAR5D77uLKTt2CHgZzfsuFO-opMjUBUZxzZkeMZ96A9avucyoo7EtOfoFixgxHDpR96VRmtflJRdKTpUAxKZjmytzdORu-kMVI4_0RKrUMvQPurpWGs&sai=AMfl-YSaqods8GPn6Duap8IpGFbFw5wa3Wkke9L8dnkxz3mti1Gv9r5-RerIyOgThfbA_uy-0No3T_W2NtAfdzpidmovFkVCMO7YaBVCTqeb-ZDF9srJ7utqKDKeGRlJxE630BXlmBnhP4wRxJORzgE8wTsVQYfH3IoK5UGYBcaw7hazRZjBHbt3ReiPI-zrvKUi-Ozw2BVndU0RIcke0FWxVcl41cFoMkN9oxQEgdXym37hjDFy6RMnefQFZpQby6acnzTf&sig=Cg0ArKJSzCwx3o0m8YA1EAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=220&vt=11&dtpt=157&dett=3&cstd=62&cisv=r20231207.35821&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AA0E 0
20 B 43ms
43ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BcyIx7Al5ZfKYBpLT9u8PquatSAAAAAA4AeAEAg&bg=!s7ClsP_NAAY3kmNgF5I7ADQBe5WfOKG2gfKbhlxkKUMMLCB6pypZX7RqohnefOMQ8QY3X1uICblpXD4nWWx-7OQPvXAnAgAAAHJSAAAAAWgBB5kC_Q9WKL0S50wPkLukv86Y7dLzlC2IFwqZ2Llj7hus9tpLz_nrosTwEYDDK-_-c63BJso6cIebx3Uktju6zCIbZo0NRPMbBdEQo4QRTmS9lDi236WjPIn64m6_RSM_xvvGaINJzhYlYQ8Xk4BnnsJwju-E4hYjD2wbwjNP8lcAkkeAbE9MhKJEqzlwJG6eZHokYH_Avn9FBR2l-rZRZHn6cYfnHPZiPE8w9wrTKhKMu11wNEQKHdJmcuunyXWsI6tYxDbYeXtixRp1rRQY0yNr4Zm6drRV16TAYBnyMPOAFoRCStdxZv67IKJJkUB3BZHy4UdAWEGLDIy1dBUxcxY-hxWZoVreLUmexBIA9VoEq7Q5BKttEsdtMoQINCadNSpTcB0Dbs_q3Xz57UntNdUOmR5Z8mrFvqVlIw84Q-KGqBzlSLDM8F-knWQLZiULgt8YtearmvNMdau7kVjCYVT7Uh0FT86erndATnY8CaumCgZiTi4_KJBibXYJUzMb8DkdrvfwUv7pCU1FvslzschV6LMWYo5FQhhHzIxE07mjHALuqANYwNOfN2xaEDsJq0lSA21kkP7spyWPk9u7l7aRf_zBsSKlrqhskBTHyiD9T648TsOQObrat4V83A4hgPc0APY59xODsoy9rzBRlSo52jlYt2K5cSIadRk4ruyFHm9tVUJ8EAQe5F9sBPAJ3Pzb6mJVcqgKXW2X--JjfW-UNms4R7v6FKpQjbSwgowLMUFbt_V-x9S68EeZ2VPZG_mciAyqUQoMeFAjWony7RBv-6H0pNG-nLFMBkjnULMvYwOuV6r5aF6TGemh4rxvQaPvHFpgU_NiOwu6aFwgRAhUWjrl3uLCSIvlim2UtSHGtW0OqIldOakAqBtilRU1JIDdSAQL-jqSVz4x8fvkAdKq385zpnv4KL1hVKekt6nUBBca45b7eZj5dukGqz8RKyLSBHrYQTa5uY0Bg_N1YXnfWzhLcVebYhgoLVrVN0RSBBJVsCAUFeBYYD6z3tKvxg

Requested by

Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame FA2F
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1520186/71964889/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1012253692&ias_pubId=pub-2393320645055022&ias_chanId=1&ias_placementId=20075793042&bi...
https://static.adsafeprotected.com/skeleton.js?bundleId=${BUNDLE_ID}

17 B
474 B

13ms
13ms

Script
application/javascript

2600:9000:2127:c000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js?bundleId=${BUNDLE_ID}
Protocol: H2
Server: 2600:9000:2127:c000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 03:21:19 GMT
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 6646334
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: PROcaaNKDg_FvfDjxlr6ntMCQXSHXqMR6A4p3DLkbN8hK8_FPYdKRg==

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:32 GMT
server: nginx
x-server-name: app02.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js?bundleId=${BUNDLE_ID}
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame EE20 91 KB
23 KB 13ms
13ms Script
application/javascript 2600:9000:2127:c000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:c000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 7176262
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: Ik_2-R_4CgEzxaCdVJDzzpYmru2T3LULI1p0o6JhLHvvBeU372GjTA==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame FA2F 43 B
215 B 547ms
176ms Image
image/gif 2600:1f13:800:7782:c9df:b77c:1926:7ee4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1520186&asId=75148285-57a9-340c-4f33-6dc5df66d372&tv=%7Bc:wDKvFH,pingTime:-3,time:220,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:600,t:177%7D,%7Bpiv:0,vs:o,r:l,t:220%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:220,n:220,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:177,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B50~1,0~0%5D,as:%5B50~300.600%5D%7D%7D,%7Bsl:o,t:220,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B0~0%5D,as:%5B0~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tYhlS53+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C191%7C192%7C1a*.1520186-71964889%7C1a1%7C1a2%7C1a3%7C1a4,idMap:1a*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:178%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:c9df:b77c:1926:7ee4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:33 GMT
server: nginx
x-server-name: dt12.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame FA2F 43 B
215 B 547ms
177ms Image
image/gif 2600:1f13:800:7782:c9df:b77c:1926:7ee4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1520186&asId=75148285-57a9-340c-4f33-6dc5df66d372&tv=%7Bc:wDKvFI,pingTime:-6,time:221,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:221,n:220,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:177,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B50~1,0~0%5D,as:%5B50~300.600%5D%7D%7D,%7Bsl:o,t:220,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tYhlS53+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C191%7C192%7C1a*.1520186-71964889%7C1a1%7C1a2%7C1a3%7C1a4,idMap:1a*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:178%7D&tpiLookup=ao:blog.s.id*&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:c9df:b77c:1926:7ee4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:33 GMT
server: nginx
x-server-name: dt14.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame FA2F 43 B
215 B 541ms
175ms Image
image/gif 2600:1f13:800:7782:c9df:b77c:1926:7ee4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1520186&asId=75148285-57a9-340c-4f33-6dc5df66d372&tv=%7Bc:wDKvFN,pingTime:-2,time:226,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:469,beZ:470,mfA:638,cmA:639,inA:639,inZ:641,prA:641,prZ:644,si:647,poA:648,poZ:656,cmZ:656,mfZ:656,loA:690,loZ:691,ltA:695,ltZ:695,mdA:470,mdZ:630%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:600,t:177%7D,%7Bpiv:0,vs:o,r:l,t:220%7D,%7Bpiv:100,vs:i,r:,t:226%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:226,n:220,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:177,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B50~1,0~0%5D,as:%5B50~300.600%5D%7D%7D,%7Bsl:o,t:220,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B6~0%5D,as:%5B6~300.600%5D%7D%7D,%7Bsl:i,t:226,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B0~100%5D,as:%5B0~300.600%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tYhlS53+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C191%7C192%7C1a*.1520186-71964889%7C1a1%7C1a2%7C1a3%7C1a4,idMap:1a*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:178,sinceFw:48,readyFired:true%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:c9df:b77c:1926:7ee4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:33 GMT
server: nginx
x-server-name: dt17.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame FA2F 43 B
216 B 259ms
174ms Image
image/gif 2600:1f13:800:7782:c9df:b77c:1926:7ee4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1520186&asId=75148285-57a9-340c-4f33-6dc5df66d372&tv=%7Bc:wDKvKj,pingTime:-10,time:506,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84MS4wLjQwNDQuMTM4IFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1702431212851%7C%7Caeaf18ba7c4e81a93cd3467c48921aa5%7C%7C31f552011cd49d12bc3cd930bb193459%7C%7C55f6a573a128af67b83a89e4163b7eaa%7C%7C92ea4cd3ebac9ad7b34d1a086ebbf0cf%7C%7Cb7f86de68126e3d4b977cd744b689665%7C%7C54dc9d674b7378e00eb16ac1be61550c%7C%7Ca51928a50c406790e3ce147922bb067f%7C%7C1663701684%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:c9df:b77c:1926:7ee4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:33 GMT
server: nginx
x-server-name: dt15.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H3 204 csi
csi.gstatic.com/ Frame 1112 0
17 B 13ms
13ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lq33l6ax&c=5192186116256&slotId=2596093058128&qqid=CLLm8byii4MDFYh24AodR_QHnw&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2093&mt=video%2Fmp4&vs=1024x576&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=347&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.jn~vil.r9&ua_e=1&ape=1&ple=0&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:33 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame EC88 0
17 B 13ms
13ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=6~lq33l6ir&c=1943428789456&slotId=971714394728&qqid=CLHm8byii4MDFYh24AodR_QHnw&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2093&mt=video%2Fmp4&vs=1024x576&dm=15000&met.4=vfl.t0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:33 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FA2F 42 B
64 B 47ms
47ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstqKvMWfe_AEiJoc573UeFNAX9nlPRkgn_UkVKqPzDSCWLF2VLw-hVe4NCZB9-WQuLg0LCKcKDNoXhOLgXA5qp4s4WlmnqVZEf6eq-gfbwhENSoK26K2Y5dEMPmBAiDXdlkbU-SA2oWKKPS2vyNJThqfXiB&sai=AMfl-YS4Y_g-7IZE4ifG-BeeFcBVn9ifRThPYaZRKZWIonlb1QxybbdgEykgF5s3QUmK7IwFqorVACXdqg89TYMdx-AwcwKSbY6ABQjkLSk5ncqkl3XMET6QfwROwkM&sig=Cg0ArKJSzLw78YrMySIcEAE&cid=CAQSOwAvHhf_m-EkC1ZT-joQqs_38qAL6GkyW-coTBFTP2Ivfi4I6Tvpefrx027AiGowqhh7E-8xEWHlGz_fGAE&id=lidar2&mcvt=1000&p=226,1345,266,1386&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231211&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=182523439&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702431211876&rpt=312&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FA2F 0
20 B 42ms
41ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3286478068475&version=m202309260101&ct=76&x=1&cor=4864032977484306000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame FA2F 43 B
215 B 175ms
174ms Image
image/gif 2600:1f13:800:7782:c9df:b77c:1926:7ee4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1520186&asId=75148285-57a9-340c-4f33-6dc5df66d372&tv=%7Bc:wDKvVV,pingTime:1,time:1226,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:600,t:177%7D,%7Bpiv:0,vs:o,r:l,t:220%7D,%7Bpiv:100,vs:i,r:,t:226%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1000,o:226,n:220,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:177,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B50~1,0~0%5D,as:%5B50~300.600%5D%7D%7D,%7Bsl:o,t:220,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B6~0%5D,as:%5B6~300.600%5D%7D%7D,%7Bsl:i,t:226,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1000~100%5D,as:%5B1000~300.600%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:549,fm:tYhlS53+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C191%7C192%7C1a*.1520186-71964889%7C1a1%7C1a2%7C1a3%7C1a4,idMap:1a*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:178,sis:249%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:c9df:b77c:1926:7ee4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:33 GMT
server: nginx
x-server-name: dt30.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame FA2F 43 B
215 B 176ms
176ms Image
image/gif 2600:1f13:800:7782:c9df:b77c:1926:7ee4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1520186&asId=75148285-57a9-340c-4f33-6dc5df66d372&tv=%7Bc:wDKvVV,pingTime:1,time:1226,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:600,t:177%7D,%7Bpiv:0,vs:o,r:l,t:220%7D,%7Bpiv:100,vs:i,r:,t:226%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1000,o:226,n:220,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:177,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B50~1,0~0%5D,as:%5B50~300.600%5D%7D%7D,%7Bsl:o,t:220,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B6~0%5D,as:%5B6~300.600%5D%7D%7D,%7Bsl:i,t:226,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.600%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:549,fm:tYhlS53+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C191%7C192%7C1a*.1520186-71964889%7C1a1%7C1a2%7C1a3%7C1a4,idMap:1a*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:178,sis:249%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:c9df:b77c:1926:7ee4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:33 GMT
server: nginx
x-server-name: dt01.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame EC88 42 B
64 B 44ms
44ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstTzdUDD0873g0AUEB4BWXeFeSBG-r_HnGCthwxQOq-KS0cipEyWt83FRzkPt9doiOUS-U1wlEBGpYQI1MN2K_XPKpXu7dbhJUS_qdMQo6O5Vv7EdYZefcnSLwUaW9Z8IhApsqejNYW_Zc&sai=AMfl-YTSFyVsbSIuxB7BAWwLJg_BvySQUF7WBqbkbV9X62PnxLin7-pjpzDdXdE30RqPgGgyxbRDyCwfBTsSdAKRaKd27i7nQnBY62GtLcZRdmNQFKlIgwv3uXNwqZA&sig=Cg0ArKJSzC-Tez3uxkvUEAE&cid=CAQSOwAvHhf_m-EkC1ZT-joQqs_38qAL6GkyW-coTBFTP2Ivfi4I6Tvpefrx027AiGowqhh7E-8xEWHlGz_fGAE&id=lidarv&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D19,1,281,467%26tos%3D2001,0,0,0,0%26mtos%3D2001,2001,2001,2001,2001%26amtos%3D0,0,0,0,0%26mcvt%3D2001%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2202%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D21%26pst%3D219%26dur%3D15018%26vmtime%3D2225%26dtos%3D2001%26dtoss%3D1%26dvs%3D2001%26dfvs%3D2001%26dvpt%3D2202%26is%3D33554707%26i0%3D33554450%26ic%3D16777473%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D470376595%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2001&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1702431212349

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMI9KeXvaKLgwMVdlJBAh0MpQOyEAAYACCB37JiOhoI2uyj5AQQyq362soEGKT0luQDIIXDq6ODEkITCLHm8byii4MDFYh24AodR_QHnw;dc_rmcid=CAQSOwAvHhf_m-EkC1ZT-joQqs_38qAL6GkyW-coTBFTP2Ivfi4I6Tvpefrx027AiGowqhh7E-8...
ade.googlesyndication.com/ddm/activity/ Frame EC88 42 B
107 B 44ms
43ms Image
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI9KeXvaKLgwMVdlJBAh0MpQOyEAAYACCB37JiOhoI2uyj5AQQyq362soEGKT0luQDIIXDq6ODEkITCLHm8byii4MDFYh24AodR_QHnw;dc_rmcid=CAQSOwAvHhf_m-EkC1ZT-joQqs_38qAL6GkyW-coTBFTP2Ivfi4I6Tvpefrx027AiGowqhh7E-8xEWHlGz_fGAE;eps=CIDhgBAQARgdMgKqAjoCgEBIvf3BOlj18O-8oouDAw;met=1;acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D19,1,281,467%26tos%3D3730,0,0,0,0%26mtos%3D3730,3730,3730,3730,3730%26amtos%3D0,0,0,0,0%26mcvt%3D3730%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3931%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D23%26pst%3D219%26dur%3D15018%26vmtime%3D3956%26dtos%3D1729%26dtoss%3D2%26dvs%3D1729%26dfvs%3D1729%26dvpt%3D1729%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D0%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3730,3730,3730,3730,3730%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D470376595%26psm%3D15%26psv%3D14%26psfv%3D14%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3730;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1702431212349;ecn1=1;etm1=0;eid1=960584;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame EC88 42 B
64 B 45ms
45ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CGvK-6wl5ZfHEGYjtgQfH6J_4Cd3Zwdd0hcOro4MSo5_cpY0CEAEgktjfSmCV4pCCoAfIAQWpAnFU_MewG7I-qAMByAObBKoE8wFP0D3HkD32qGcm3qf-x7FsP724dXhaUvL6DHyTcx1P_9fUEl4XKubBgyUKlshen0KkwO1ftgCRsX-Wi_mC2_k20C_zPsw4Z4yHNVVMOvyljV0-Ir_gjlIlscSGsJJIIyMveKweZWb8zjheFDs6tv37eM3Qiu_Vi07WA9rCpALVNp2XGDEjyw5r0FutGWDZm71qVDkUqiTcTh7OHYaOLDo9EO2KFu1dnsFYuCc0CPxSr2D3OMIbKbr4j8gxtUGI7_7fZV-dLJzkb0vXxJcOoxacRs51bthEUGErFgRVRmHQSTkMqgLk_FGBkaoFTYxu16I1XyLABMqt-trKBOAEA4gFz7zg0k2QBgGgBnaAB5yxjrcEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpY9fDvvKKLgwOACgPICwHgCwGADAGiDBQqEgoQ5LSxAu61sQK1uLECu7uxAqoNAkRF4g0TCPSv8Lyii4MDFYh24AodR_QHn7AT-qXsFcgTpPSW5APQEwDYEwqIFAbYFAHQFQH4FgGAFwHoFwU&sigh=OHUGkdFHLCQ&label=videoplaytime25&ad_mt=3956&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D19,1,281,467%26tos%3D3730,0,0,0,0%26mtos%3D3730,3730,3730,3730,3730%26amtos%3D0,0,0,0,0%26mcvt%3D3730%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3931%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D23%26pst%3D219%26dur%3D15018%26vmtime%3D3956%26dtos%3D1729%26dtoss%3D2%26dvs%3D1729%26dfvs%3D1729%26dvpt%3D1729%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D0%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3730,3730,3730,3730,3730%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D470376595%26psm%3D15%26psv%3D14%26psfv%3D14%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3730&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1702431212349

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:33:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads
securepubads.g.doubleclick.net/gampad/ 213 KB
0 298ms
298ms Fetch
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:33:36 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58654
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://blog.s.id
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ 39 KB
14 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04d549a4f168546afdc3608bc6ef4ad67a16a2bf2baf8c6770f88f524c924d11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 23:54:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5931
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13835
x-xss-protection: 0
server: cafe
etag: 9174524701941205614
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 11 Dec 2024 23:54:45 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: app.s.id
URL: https://app.s.id/api/user/me

Domain: sdotid.zendesk.com
URL: https://sdotid.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088

Domain: region1.analytics.google.com
URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-98MWVCBDD7&gtm=45je3bt0v889124234&_p=1702431209745&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=144635658.1702431210&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1702431209&sct=1&seg=0&dl=https%3A%2F%2Fhome.s.id%2Fforbidden&dt=&en=scroll&epn.percent_scrolled=90&_et=11&tfd=3473

Domain: home.s.id
URL: https://home.s.id/cdn-cgi/rum?

Verdicts & Comments Add Verdict or Comment

183 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

43 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.s.id/	1970-01-21 02:29:51	Name: _ga_98MWVCBDD7 Value: GS1.1.1702431209.1.0.1702431209.60.0.0
.s.id/	1970-01-20 19:03:27	Name: _gcl_au Value: 1.1.848533358.1702431210
.s.id/	1970-01-21 02:29:51	Name: _ga_LJQ0V44EV5 Value: GS1.1.1702431209.1.0.1702431209.0.0.0
.s.id/	1970-01-20 19:03:27	Name: _fbp Value: fb.1.1702431209905.620576761
.s.id/	1970-01-20 16:55:17	Name: _gid Value: GA1.2.605542577.1702431210
.s.id/	1970-01-20 16:53:51	Name: _gat_gtag_UA_225238330_2 Value: 1
.s.id/	1970-01-21 02:29:51	Name: _ga_LBWQJM5WLF Value: GS1.1.1702431210.1.0.1702431210.60.0.0
.s.id/	1970-01-21 02:29:51	Name: _ga Value: GA1.1.144635658.1702431210
.s.id/	1970-01-21 02:29:51	Name: _ga_GJLS9JMJCK Value: GS1.1.1702431210.1.0.1702431210.0.0.0
.doubleclick.net/	1970-01-21 02:15:27	Name: IDE Value: AHWqTUkcnM3vvKa_xmghAulKDEYm2LD8pCc2R6T8I7wxNlBnJhLhljXetZW5pnu57O4
.s.id/	1970-01-20 16:53:51	Name: lotame_domain_check Value: s.id
.criteo.com/	1970-01-21 02:15:27	Name: uid Value: f62cf4cd-e605-4b9c-ab95-2efa4eff41f2
.s.id/	1970-01-21 02:15:27	Name: cto_bundle Value: uIpykV8xTUIyWHc5QmtDOSUyRkdHdko5YnluQURTbE0waUhWM3NxOEFwM3I5eTg3ZU8xS3FHaGlNa3BlWlVRd2l4MWJDZWZ3MWU1UlhPVzRRU2lXZDRkcCUyQllxdTVud0VRcmdiR2laMXNGUmlIT0tFTEtidGhqMGFINWNiWmMxRTklMkJGMjNRTG15SnRBYW1RY1VnRTZCOXV0dEg2RHclM0QlM0Q
.openx.net/	1970-01-21 01:39:27	Name: i Value: 7f6b2cc0-6f30-4a9e-a9db-1cc6a92ffc5d\|1702431211
.s.id/	1970-01-21 02:15:27	Name: __gads Value: ID=0b0a514a105c394e:T=1702431211:RT=1702431211:S=ALNI_MYLLjdBx2ismjg-VgwSk9tdHa5EYg
.s.id/	1970-01-21 02:15:27	Name: __gpi Value: UID=00000d1916623fcf:T=1702431211:RT=1702431211:S=ALNI_MY6IU0lb0eyo8erCkg3S-euqGeo6w
.casalemedia.com/	1970-01-21 01:39:27	Name: CMID Value: ZXkJ6.8IKvdk-iNUwbjKrgAA
.casalemedia.com/	1970-01-20 19:03:27	Name: CMPS Value: 2239
.casalemedia.com/	1970-01-20 19:03:27	Name: CMPRO Value: 2239
.acuityplatform.com/	1970-01-21 01:39:27	Name: auid Value: 864086004643
.acuityplatform.com/	1970-01-21 01:39:27	Name: aum Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANPqNdXNlck1hdGNoaW5nSWTIkWxhc3REcm9wVGltZU1pbGxpcyUBRhgZbA+ymGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUYYGWwPso90aGlyZFBhcnR5VXNlcklkWkNBRVNFRXEzamdTZWhXZDd1OEFqVlJrdmw4a/v7hnZlcnNpb27C+w=="
.adnxs.com/	1970-01-20 19:03:27	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E>3v5.I#!]tbPl1M>e)ZlrFUfJ+tGXxp)S42`mErVhiMwP)>T_.!#@eJFOb#ok[>OJjs3If)y3KL9D3I?+aC8K](
.csync.loopme.me/	1970-01-20 19:04:53	Name: viewer_token Value: 57b58565-61e0-4ddb-9d1d-c01a49901238
.adnxs.com/	1970-01-20 19:03:27	Name: uuid2 Value: 5167864025953720072
.simpli.fi/	1970-01-21 01:40:53	Name: suid Value: 9E5E9C5AC05D4A9499533F561792FCFB
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_-OSMXR2dA12dS7Lyyky98nzKTANM8qPDKgodzKNMgEA1L8OrR4AAAA
.rfihub.com/	1970-01-21 02:15:27	Name: eud Value: H4sIAAAAAAAA_-OSMXR2dA12dS7Lyyky98nzKTANM8qPDKgodzKNMgniNTQ3MDIxNjQyNDIwtXjFiMK3BADeo0OKPQAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNDMxNzYwNTUyNDc0tDAzMDIW4jPU9fZ1zghxTw5NyolMAgCgP7ovIwAAAA
.rfihub.com/	1970-01-21 02:15:27	Name: rud Value: H4sIAAAAAAAA_-MSNDMxNzYwNTUyNDc0tDAzMDIW4jPU9fZ1zghxTw5NyolMAgCgP7ovIwAAAA
.adsby.bidtheatre.com/	1970-01-20 17:03:56	Name: __kuid Value: d120611d-0b3b-44eb-b748-4f3b5d83681e.471645212
.de17a.com/	1970-01-21 01:32:15	Name: guid Value: 1.4553918725328846174
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8G Value: s86213\|ZXkJ7
.adform.net/	1970-01-20 17:38:29	Name: C Value: 1
.demdex.net/	1970-01-20 21:13:03	Name: demdex Value: 51136055349677424991475642946634641044
.adform.net/	1970-01-20 18:20:15	Name: uid Value: 6209421023275974938
sync.srv.stackadapt.com/	1970-01-21 01:39:27	Name: sa-user-id Value: s%3A0-e00e7d26-da4f-5f6e-71e5-2ed5a0a917c6.1pFXuegY9Oynmcr4km8xIIcLUIR75iin2sfGOywXM9k
.srv.stackadapt.com/	1970-01-21 01:39:27	Name: sa-user-id Value: s%3A0-e00e7d26-da4f-5f6e-71e5-2ed5a0a917c6.1pFXuegY9Oynmcr4km8xIIcLUIR75iin2sfGOywXM9k
sync.srv.stackadapt.com/	1970-01-21 01:39:27	Name: sa-user-id-v2 Value: s%3A4A59JtpPX25x5S7VoKkXxorHJoQ.8HjCmCBedvXROz0L4CpPg5PgW%2FMm3P8zzTxDsl1W1qE
.srv.stackadapt.com/	1970-01-21 01:39:27	Name: sa-user-id-v2 Value: s%3A4A59JtpPX25x5S7VoKkXxorHJoQ.8HjCmCBedvXROz0L4CpPg5PgW%2FMm3P8zzTxDsl1W1qE
.jpmcbankna.demdex.net/	1970-01-20 21:13:03	Name: jpmcbankna Value: 51136055349677424991475642946634641044
sync.srv.stackadapt.com/	1970-01-21 01:39:27	Name: sa-user-id-v3 Value: s%3AAQAKIF7RCE1Fz1KkAj-Zqp35NhOmdWcAtfcSH35EsFNg0KzAEHwYBCDsk-SrBjABOgQwgL_qQgTlVc1e.n5JKxEbIJ1sox2MXYGGj%2BnkRxYTLPAVEY%2FodkZDON8g
.srv.stackadapt.com/	1970-01-21 01:39:27	Name: sa-user-id-v3 Value: s%3AAQAKIF7RCE1Fz1KkAj-Zqp35NhOmdWcAtfcSH35EsFNg0KzAEHwYBCDsk-SrBjABOgQwgL_qQgTlVc1e.n5JKxEbIJ1sox2MXYGGj%2BnkRxYTLPAVEY%2FodkZDON8g
.adfarm1.adition.com/	1970-01-20 19:03:27	Name: UserID1 Value: 7311886379233643276

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://shortener.zendesk.com/embeddable/config Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Message: Refused to execute script from 'https://jpmcbankna.demdex.net/firstevent?d_event=imp&d_src=441384&d_site=8504253&d_creative=193457939&d_placement=368994751&d_campaign=30127422&d_bust=581387519' because its MIME type ('image/gif') is not executable, and strict MIME type checking is enabled.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.rfihub.com
accounts.google.com
ad2.adfarm1.adition.com
ad4.adfarm1.adition.com
ade.googlesyndication.com
ajax.googleapis.com
app.s.id
bcp.crwdcntrl.net
bid.g.doubleclick.net
blog.s.id
c1.adform.net
cc.adingo.jp
cdn-sdotid.adg.id
cdn.id5-sync.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
csi.gstatic.com
csync.loopme.me
d5p.de17a.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
ekr.zdassets.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
gcdn.2mdn.net
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
home.s.id
ib.adnxs.com
id5-sync.com
imagesrv.adition.com
imasdk.googleapis.com
invstatic101.creativecdn.com
jpmcbankna.demdex.net
match.adsby.bidtheatre.com
match.adsrvr.org
match.sharethrough.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
pagead2.googlesyndication.com
protagcdn.com
r1---sn-4g5ednsl.c.2mdn.net
region1.analytics.google.com
region1.google-analytics.com
s.id
s0.2mdn.net
sdotid.zendesk.com
secure.adnxs.com
securepubads.g.doubleclick.net
shortener.zendesk.com
static.adsafeprotected.com
static.cloudflareinsights.com
static.criteo.net
static.zdassets.com
stats.g.doubleclick.net
sync.go.sonobi.com
sync.srv.stackadapt.com
tags.crwdcntrl.net
tg.socdm.com
tpc.googlesyndication.com
um.simpli.fi
ums.acuityplatform.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
app.s.id
home.s.id
region1.analytics.google.com
sdotid.zendesk.com
104.16.51.111
104.18.36.155
104.18.72.113
108.128.70.10
124.146.153.166
134.122.57.34
141.95.98.65
142.250.184.194
142.250.186.98
154.59.122.79
162.159.138.6
172.217.18.2
185.89.210.141
193.0.160.131
193.84.85.178
2001:4860:4802:32::3
2001:4860:4802:32::36
213.155.156.185
217.79.188.21
217.79.188.46
217.79.188.59
2600:1f13:800:7782:c9df:b77c:1926:7ee4
2600:9000:2127:c000:8:48e:53c0:93a1
2606:4700:10::6816:3556
2606:4700:20::681a:78e
2606:4700:20::681a:7f9
2606:4700::6810:3865
2606:4700::6810:5514
2606:4700::6811:180e
2a00:1450:4001:6a::6
2a00:1450:4001:803::2003
2a00:1450:4001:806::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::2008
2a00:1450:4001:811::200a
2a00:1450:4001:812::200e
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:828::2004
2a00:1450:4001:829::2002
2a00:1450:4001:829::2006
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2002
2a00:1450:4001:830::200e
2a00:1450:400c:c00::9d
2a00:1450:400c:c06::54
2a02:2638:3::3
2a02:2638:3::c
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a06:98c1:3120::3
3.123.203.242
34.102.146.192
34.120.107.143
34.96.70.87
34.98.64.218
35.204.158.49
35.214.190.53
35.71.131.137
37.157.3.26
45.126.58.90
51.89.9.251
52.194.23.155
52.48.81.28
52.59.107.120
52.86.155.246
54.247.4.160
64.233.167.157
65.9.95.74
69.166.1.34
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
04d549a4f168546afdc3608bc6ef4ad67a16a2bf2baf8c6770f88f524c924d11
058f6340fc2dd949cfa4e2d40dae86c83daa389994729a151d1309cecaa7e46b
06a4985ddeefbd112b1f64b1db40a32f7a1b22fddf810aa12ae57ebfaca8fcb3
06a70b8c1043dd53fd50a28c787fdcc96d00adf2dab6bc8f5f558836a85ee4ba
0713f0f8b5a8e7e067c1a726702ae45a0866c65be56f0b6a1901f58ba200efc7
08e27c3d3459374fae8672b879d9ad1b6965595612605be8d1e0fe873a232ece
0ac22ebf2e4c548e6b1f01b79672929184e0626822b651ceba6766f880cc2d27
0b1f8fb54de3fad4a7f92fb7b03bdb9c0acff2d156dcc0f430d9221849e3113a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c70c2dd5488612bf0eccb077c37865ec8fae7f93d20b999835fe5a2e54021da
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0eface46a399934cda952d5f5d125ea4f4103ccf5d0a5b900bcdfd14a808af68
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
11d0f48b04d2553ac97b87aae4e8ced4ce81727e65aa31b91ef521d8195a7232
12a2cfd2ffbc1ea445b253c65d32d2800c3b2a027dfa44571f8f2640cc6fc7f1
1373576b47409b734b6d633162733592b809e479940f1507db83ecaf45c7676c
1487936e32296ba5ae5002b7528b604a8784e7b2826bfaebb2ce6ce0d80b6b2e
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
184733c2171fc0a56148cbf5e5f1d5e5ae640f660e6e328bb84cbccb21785813
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18889b6b7e9425d042a820d83d9ae7fca99127e2192317981767f5c35acceb7e
1942ac40ccd6b33412c55f328bcd023a0f62dd595e45d7d5f66da7b228c2cbbc
1b765b0cbd95391f6db0b565988eeb70ea68aa77bb9f8f7c8a880d96474c2aa8
1dcba527b4eb4467c18e27acbd8937279404dfd148b77fb5b650bc7f9e208422
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
28c5732eefa979245ff326045f37b6b7cdfc92385c594caea33e265e4a066c7b
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
2a35d02ba97e3e4cd1b7c4eb7241bab9f41afb84fa2db2f18d665e946a09122e
2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894
2f255686c54d42d8c9c2a046638a017312914a16ca4b444cacfbcae8fabe807e
2f9cad3b318540a9345ba5653f3e805108bfe0ba02aa5c135cdeef7322283d72
323356bea8a6a202c80f8ed4dd22ba1cf3eb061f2a8f927e4ce4aca7661ea0e5
345dd805b52864848882d8f89c24661f408925f549a626e5bcd33b6f072e146a
36f19987a72302f93d62560fa2ca9bf4f9b56aeab752648c5e039c05eeccba8a
389566d333197647653fcf27be7e79eb1c93b82bff0f3585cb2ce4a9259ca756
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
396aa9bde88362bd1d235c6cd499d7ebe1e3dea3e988f3d147aed59be821c44e
39d42c51914990a5fd1d0f4450883a50bdcb0f17a6bd5771f86c028101611c9f
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
40c0e92260f9a8601ddc683627bb20b99d0dfe084a8bdc8cea4923373a05278a
425c887bd8caee3ae355f251cb53649dd492f884523e1609ce4437ef70edc727
43477044787cfca0a9ff2f6586e76ddf9721dfe0caa4136d50b204b419969c85
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43ef59339df86d140d563ae54ba0af2ed0bd9d4af5e75fe61edb1b8dbcd2dfdc
4609f2029d4a91ed4d98f3bc6abcefb20588a4b27ce2dd969b7b9d1074800464
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d1352059225e20ff83188f1b2a14022ecbbe1f4421226beb884fd7fde98707d
517977e97442af426c8d226fc8187fa9d036c7a566a9cc1488dc553102f8aa64
5411fa3b97646d618255d3aeb674b7cc86798a7ccfdd59136a15e18e87a998e4
54358e6c0ca9fb0dc79a594d0f3e76d69127dc76899f83a1bdecbf7f81f59f5a
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5fb3bdb7f966c852579fb6b0574517445d5b2d171c804d66227ee67b1bffca9c
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
6199b87f123f744f322eb478305f60fbf9b36b220acd2c099b26428e894f3465
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
624ade36c76e96a273bb85a6040d71e1fb731fab6c7b1d30a6460d5664c66fee
6414e2acb93d61cc7427584530f90ae20a94b358bce7cdb4b05dd03eec4b60c5
65d03eb82a79a732d7c0180593c4f5dc98a8fac5c20c3a5446c4f14bf93d280a
6766855449a9306fdca2e4c00b459422bd25730f90309ff608ccd6c8e6f67371
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e09854c4e5ccc9d3bf3d5ff9d58021b04622f3bb600e9344d6a5a0f25cffb7a
6e28e3f8d185f134736c50278f5039ff8168dc11d98640f164f4648632e9d127
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
76e4f72ba91fb1440620bb79c43834df68aa57cc038b35325a5acec18db239c4
7b8f5cff2b93dd56ca8081e67ee4ba33b2b71b6324a471691e427444c84a9ce1
7ffc104c9694ddc19f5162ba8021d2ea8fc262ca055042a71e0d17b09b5c0f4e
80cdb452efb83d2576f33946582347cf3715a1eb7707efe34d3bab5c9d2eb705
857e0bdc9ba878e6786a287c65f8e5121f2fb85d244bc3a5f8edbb7d39025ae7
88a577b7767cbe34315ff67366be5530949df573931dd9c762c2c2e0434c5b8a
8a29ff2cf4b0d13b171b9282d41c69c9324adc9e8842bc0d4ef3f5f0b6b386b7
8bd65dbf5130ef5e064320f6f300b54f82c06e9893055611fcf639d6eb8fbfbc
8cedd808f9c406831a20a8e26435f056d66bd761f3ffbfb7a297a4d1c524dc08
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3
92c39b5c986c8a9c713d77081a0272187a847c57192fe03fc152d25fc4c35668
951a2067a584dbb3151388bf54762ad93bf94d45898f311b0bdda74ba76d12de
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
992d5dd4f6d819b096474930d8b6c9b2650042366d1f539b42198ed1fdd73cad
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ec8809d403fd1f42e287cbf8a2eac126f78bca7ef1b7c046bba156e3de7b6a2
9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01
9fad61d7fe6d6bdb0f750648a45f17c71a1f1216fb2f636216be5b4be57d0158
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1a01d1b7e2596b94776b19e86f136c2198fe3898792a921df380fc7b44a6f00
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a52eb4b3d22ba31f1bd0b5cfb760ea77142cee79695ae4394c78a9b7bfd7adf8
ad880bd4f96df8c0fa793c170113c0fc2670b09614fcc9b5880402f88956d63a
aef79460d9d38f7a5349a194da19ef705d97dba070b4741344188a1f43edf015
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1e0354048342615ee678931bb922fcb098fc4f42b3edae6df7624a2b812fb95
bc37a163eb8df49043fdf168f15af82d630845100909c3651a469a96f22cc818
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
c58b5a51b2177a2b7d12ee0c4638194266e6efb467b19031602e9f4cb3f13647
c7fb840478ca64f3410fff0ffa40eb38fd8a7cfc36c10f117c3869ea93c00182
d5df1e8e6f20517566308466b4251c6c9e54facd975bcca40713d20b763d3545
d70004b9ccd3af99f650f77d4ff2d318867bf1a0b0bd1fe43799445cbc9bbe97
db9bfa3ff078313996a32ea9199a549baddee1fc790dc11fb910a286ff756698
ddeea69d5116852145775870dab4d86b4e909e7a02c03465efaa67d5b0f744be
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfd0f104fb9fbe15c6830bffbdb9683cf1a643263a9c30491d420b02c91f90ba
e10d40f406bc09e08617c53792cafbe2f8cc9cac8d9db1ae5026d29a98e7338a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e491a498ec121779ed7c282df30dc76e479a73a0d2234535399bde198e3c93fc
e55eb04013fbd443d55b10ae80551bba8a4946c62ea50a134e820caeb1521a11
e580b888ec2ff667515810611d279b0a9ccba891e80dbeb183ac6eea7e5526e1
e5b8f8113f98b6e61c77542de0689621daa14087934122935b9d19db67a59dd7
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
ea0a3347586d6655b46a02ad49e267649273207f1099d548e069cae4b7b2bc61
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ecf1b45e741c358105ec165c66cc44e962e6dbfe4948ea4a4094791472e03c6d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3744493019d5eccccd7fa4b762681fa77fffa484d1e67db52a5b2e519c722f8
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5eb4ac3390920825c2f368d1fcfca6b0c998b80b75f7b970aab00363137c12d
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4
f6e6fb1f93175bf783970742a357934e73808e149f8ab237828f0ca8a12f2588
f8f36fc19fd2de7fd06149429b69254d05e72044347a958e2615d4dcf2bbe8ed
fbb8c1bb3a274e0894353deaa0e93da048a6a40e3a237396f24f068148bb27da
fd8c1cf4274cae5e1e5a37133cc23b80392ef88c43b798d3748f43948dbb53f0
fe07efdd5e684d45122a423912418479f077788be884c22db961d91332fb690b
febd258efb733049bebaeb24269fb6448aee953be138a3fbd7cb96bd63620727
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

blog.s.id Open in urlscan Pro 2606:4700:20::681a:7f9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

256 Requests

89 %HTTPS

46 %IPv6

47 Domains

77 Subdomains

60 IPs

13 Countries

8293 kBTransfer

15429 kBSize

43 Cookies

15 Outgoing links

Page URL History

Redirected requests

256 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

blog.s.id Open in urlscan Pro
2606:4700:20::681a:7f9 Public Scan

Screenshot
Live screenshot

Full Image

256
Requests

89 %
HTTPS

46 %
IPv6

47
Domains

77
Subdomains

60
IPs

13
Countries

8293 kB
Transfer

15429 kB
Size

43
Cookies

256 HTTP transactions
3 data transactions