telegraf.id Open in urlscan Pro
103.16.198.56 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://telegraf.id/
Submission: On March 14 via manual (March 14th 2022, 5:39:30 pm UTC) from AE — Scanned from DE

Summary HTTP 297 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 32 IPs in 6 countries across 20 domains to perform 297 HTTP transactions. The main IP is 103.16.198.56, located in Jakarta, Indonesia and belongs to IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID. The main domain is telegraf.id.
TLS certificate: Issued by R3 on February 22nd 2022. Valid for: 3 months.

This is the only time telegraf.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
120	103.16.198.56 103.16.198.56	131775 (IDNIC-JAL...) (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta)
3	104.248.96.65 104.248.96.65	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
2	205.185.216.10 205.185.216.10	20446 (STACKPATH...) (STACKPATH-CDN)
2	205.185.216.42 205.185.216.42	20446 (STACKPATH...) (STACKPATH-CDN)
9	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	95.217.196.186 95.217.196.186	24940 (HETZNER-AS) (HETZNER-AS)
24	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3120::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:6c0... 2a02:26f0:6c00:299::3b4f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
40	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
3	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a02:2638:1::11 2a02:2638:1::11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
21	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	178.250.2.135 178.250.2.135	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	178.250.0.162 178.250.0.162	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4 5	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2006	15169 (GOOGLE) (GOOGLE)
1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
297	32

120 103.16.198.56 (Jakarta, Indonesia)

ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID)
PTR: reggaeshare.rackrockserver.com

telegraf.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.248.96.65 (Singapore, Singapore)

ASN14061 (DIGITALOCEAN-ASN, US)

app.indoleads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

3.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 205.185.216.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net

tpcf.feedify.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 205.185.216.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net

cdn.feedify.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.217.196.186 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.186.196.217.95.clients.your-server.de

www.gamelegends.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::7 (United States)

ASN13335 (CLOUDFLARENET, US)

feedify.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:299::3b4f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.france24.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:1::11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.2.135 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.am5.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.0.162 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
120	telegraf.id telegraf.id	3 MB
56	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 tpc.googlesyndication.com — Cisco Umbrella Rank: 122	609 KB
29	criteo.net static.criteo.net — Cisco Umbrella Rank: 600 pix.eu.criteo.net — Cisco Umbrella Rank: 7328 csm.eu.criteo.net — Cisco Umbrella Rank: 7422	468 KB
24	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 276	216 KB
15	gstatic.com fonts.gstatic.com www.gstatic.com	239 KB
9	criteo.com rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 11348 ads.eu.criteo.com — Cisco Umbrella Rank: 7435 cat.nl.eu.criteo.com — Cisco Umbrella Rank: 9430	101 KB
8	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 147	285 KB
7	google.com 4 redirects adservice.google.com — Cisco Umbrella Rank: 57 www.google.com — Cisco Umbrella Rank: 2	2 KB
7	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 251 fonts.googleapis.com — Cisco Umbrella Rank: 35	43 KB
5	feedify.net tpcf.feedify.net — Cisco Umbrella Rank: 171740 cdn.feedify.net — Cisco Umbrella Rank: 129176 feedify.net — Cisco Umbrella Rank: 51576	117 KB
3	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 246	58 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	136 KB
3	indoleads.com app.indoleads.com — Cisco Umbrella Rank: 202234	2 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8832	914 B
2	wp.com i0.wp.com — Cisco Umbrella Rank: 2628	281 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 716	646 B
1	france24.com s.france24.com — Cisco Umbrella Rank: 80880	206 KB
1	gamelegends.it www.gamelegends.it — Cisco Umbrella Rank: 923969	234 KB
1	blogspot.com 3.bp.blogspot.com — Cisco Umbrella Rank: 11096	757 B
297	20

	Domain	Requested by
120	telegraf.id	telegraf.id
40	tpc.googlesyndication.com	googleads.g.doubleclick.net telegraf.id tpc.googlesyndication.com pagead2.googlesyndication.com
23	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net telegraf.id
21	static.criteo.net	ads.eu.criteo.com
16	pagead2.googlesyndication.com	telegraf.id pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
9	fonts.gstatic.com	fonts.googleapis.com
8	www.googletagservices.com	googleads.g.doubleclick.net
6	www.gstatic.com	googleads.g.doubleclick.net
6	fonts.googleapis.com	telegraf.id googleads.g.doubleclick.net tpc.googlesyndication.com
5	www.google.com	4 redirects tpc.googlesyndication.com
4	csm.eu.criteo.net	ads.eu.criteo.com
4	pix.eu.criteo.net	ads.eu.criteo.com
3	s0.2mdn.net	tpc.googlesyndication.com googleads.g.doubleclick.net
3	cat.nl.eu.criteo.com	ads.eu.criteo.com
3	ads.eu.criteo.com	googleads.g.doubleclick.net
3	rtb.nl.eu.criteo.com	googleads.g.doubleclick.net telegraf.id
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	www.googletagmanager.com	telegraf.id www.googletagmanager.com
3	app.indoleads.com	telegraf.id app.indoleads.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	i0.wp.com	telegraf.id
2	cdn.feedify.net	telegraf.id
2	tpcf.feedify.net	telegraf.id
1	googleads4.g.doubleclick.net	telegraf.id
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	s.france24.com	telegraf.id
1	feedify.net	cdn.feedify.net
1	www.gamelegends.it	telegraf.id
1	3.bp.blogspot.com	telegraf.id
1	ajax.googleapis.com	telegraf.id
297	31

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.youtube.com
feedify.net

Subject Issuer	Validity	Valid
telegraf.id R3	`2022-02-22` - `2022-05-23`	3 months	crt.sh
app.indoleads.com R3	`2022-01-29` - `2022-04-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.feedify.net AlphaSSL CA - SHA256 - G2	`2022-02-02` - `2023-03-06`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.gamelegends.it AlphaSSL CA - SHA256 - G2	`2021-07-19` - `2022-08-20`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-16` - `2022-07-15`	a year	crt.sh
www.france24.com DigiCert SHA2 Secure Server CA	`2021-05-14` - `2022-05-18`	a year	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-09` - `2022-04-06`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-09` - `2022-04-10`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-02` - `2022-05-03`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-03` - `2022-05-02`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh

This page contains 28 frames:

Primary Page: https://telegraf.id/
Frame ID: 59B13D072230C975709E701E2119F55C
Requests: 161 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220308/r20190131/zrt_lookup.html
Frame ID: D79149358BDF7BC49E24757D529FEBEC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2279633493037067&output=html&adk=1812271804&adf=3025194257&lmt=1647279560&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ftelegraf.id%2F&ea=0&flash=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647279560657&bpp=2&bdt=903&idt=228&shv=r20220308&mjsv=m202203070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3632240574453&frm=20&pv=2&ga_vid=998751855.1647279560&ga_sid=1647279561&ga_hid=1387786905&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531398%2C44750774%2C44758395%2C31064036%2C31065567&oid=2&pvsid=1212404508265127&pem=189&tmod=555024204&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=248
Frame ID: 0599BE0034365FDBF77E83069084445E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2279633493037067&output=html&h=90&slotname=7970900263&adk=1248245880&adf=285078558&pi=t.ma~as.7970900263&w=928&lmt=1647279560&psa=0&format=928x90&url=https%3A%2F%2Ftelegraf.id%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647279560659&bpp=1&bdt=905&idt=251&shv=r20220308&mjsv=m202203070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3632240574453&frm=20&pv=1&ga_vid=998751855.1647279560&ga_sid=1647279561&ga_hid=1387786905&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=336&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531398%2C44750774%2C44758395%2C31064036%2C31065567&oid=2&pvsid=1212404508265127&pem=189&tmod=555024204&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=EgPIwP5S0e&p=https%3A//telegraf.id&dtd=260
Frame ID: 7EC059698D5D06960EB6D3416D6D75BC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2279633493037067&output=html&h=250&slotname=3200966967&adk=2102537956&adf=2377076630&pi=t.ma~as.3200966967&w=320&fwrn=4&fwrnh=100&lmt=1647279560&rafmt=1&psa=0&format=320x250&url=https%3A%2F%2Ftelegraf.id%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647279560660&bpp=2&bdt=907&idt=263&shv=r20220308&mjsv=m202203070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C928x90&nras=1&correlator=3632240574453&frm=20&pv=1&ga_vid=998751855.1647279560&ga_sid=1647279561&ga_hid=1387786905&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1129&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531398%2C44750774%2C44758395%2C31064036%2C31065567&oid=2&pvsid=1212404508265127&pem=189&tmod=555024204&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=szkFO8MlWU&p=https%3A//telegraf.id&dtd=268
Frame ID: B6D5BEEDC51887769BBEDCBAD266C793
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2279633493037067&output=html&h=250&slotname=8741902400&adk=251449570&adf=221927416&pi=t.ma~as.8741902400&w=970&lmt=1647279560&psa=0&format=970x250&url=https%3A%2F%2Ftelegraf.id%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647279560662&bpp=1&bdt=908&idt=328&shv=r20220308&mjsv=m202203070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C928x90%2C320x250&nras=1&correlator=3632240574453&frm=20&pv=1&ga_vid=998751855.1647279560&ga_sid=1647279561&ga_hid=1387786905&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1776&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531398%2C44750774%2C44758395%2C31064036%2C31065567&oid=2&pvsid=1212404508265127&pem=189&tmod=555024204&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=VgxOaERV8u&p=https%3A//telegraf.id&dtd=330
Frame ID: E6CB5BCADCE6F2972DDD866CF52B9FEC
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2279633493037067&output=html&h=250&slotname=3200966967&adk=1299193309&adf=2579081424&pi=t.ma~as.3200966967&w=320&fwrn=4&fwrnh=100&lmt=1647279560&rafmt=1&psa=0&format=320x250&url=https%3A%2F%2Ftelegraf.id%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647279560663&bpp=1&bdt=909&idt=333&shv=r20220308&mjsv=m202203070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C928x90%2C320x250%2C970x250&nras=1&correlator=3632240574453&frm=20&pv=1&ga_vid=998751855.1647279560&ga_sid=1647279561&ga_hid=1387786905&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=2149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531398%2C44750774%2C44758395%2C31064036%2C31065567&oid=2&pvsid=1212404508265127&pem=189&tmod=555024204&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=yb3kkrF1Jj&p=https%3A//telegraf.id&dtd=335
Frame ID: 97D4C03DA1164A799FA773AC93E83E2F
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2279633493037067&output=html&h=250&slotname=3200966967&adk=205218325&adf=3893433244&pi=t.ma~as.3200966967&w=320&fwrn=4&fwrnh=100&lmt=1647279561&rafmt=1&psa=0&format=320x250&url=https%3A%2F%2Ftelegraf.id%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647279560663&bpp=1&bdt=910&idt=340&shv=r20220308&mjsv=m202203070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C928x90%2C320x250%2C970x250%2C320x250&nras=1&correlator=3632240574453&frm=20&pv=1&ga_vid=998751855.1647279560&ga_sid=1647279561&ga_hid=1387786905&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=4075&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531398%2C44750774%2C44758395%2C31064036%2C31065567&oid=2&pvsid=1212404508265127&pem=189&tmod=555024204&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=DTLe1CedJO&p=https%3A//telegraf.id&dtd=342
Frame ID: E58132F1A14FCF922FE450F45E9E2164
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2279633493037067&output=html&h=280&slotname=3200966967&adk=355734708&adf=563175072&pi=t.ma~as.3200966967&w=1200&fwrn=4&fwrnh=100&lmt=1647279561&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftelegraf.id%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647279560768&bpp=2&bdt=1014&idt=265&shv=r20220308&mjsv=m202203070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C928x90%2C320x250%2C970x250%2C320x250%2C320x250&nras=1&correlator=3632240574453&frm=20&pv=1&ga_vid=998751855.1647279560&ga_sid=1647279561&ga_hid=1387786905&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=920&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531398%2C44750774%2C44758395%2C31064036%2C31065567&oid=2&pvsid=1212404508265127&pem=189&tmod=555024204&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeoE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=12&uci=a!c&fsb=1&xpc=94c3vtheM0&p=https%3A//telegraf.id&dtd=267
Frame ID: 14E2F22A0C14709ABD28E1EF4D196BDF
Requests: 15 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yi99yQAC05gKmrSOAAwPVDWt98OEeqNM5vEbhg&u=%7C5N3zz54%2Bsw%2BZhaPpLjiwB5q08k3dE2rINnPqTSrZ8Vw%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM9SPP5Y8DX0oQxlHyl1Xog8KEmNcGjoYfrReS4OGq6XnEDhvssp9_z20WkSKnz0i3IKCV6Uems9s9_lcN8RCtHu80ayDx8LdU2qkAgPYeTgDxSKoaiL6VxCN25xCH9i4ZdQAhy5s22luppdLVEIHIEiIgJetYj64Knc9Z_1n7X6K79XzNtfttn-YmMasnz84OrQZYajp-Rd_EkArTrytsERAGV-UFpqySK38OYnJ6GZVCltsycy79AItDhtp86GjGnxl2_75GW2Uot3jrOYH0fUeDuqZXtXj5IV5JXvPiWoi6Z_Nyk87-ZrLyBM1GPeeA1SRp5me5AmA7WWwAcyF5ptzjh2zbrzpxYWqVThD2JJxMnSjHsqa2VkFsu_Jo1lHHdXnFKXnA4YyKah1xdobZ9-YprCw8aKcC&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfSMbyX0vYpinC47p6gTUnrDQC8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjI3OTYzMzQ5MzAzNzA2N6AB1bbS6gPIAQmpAlSqhXYlXbI-qAMBqgTrAU_QIFs3HzrepSDGAm2ucug_vUzq3gyE0fbtJnnX2KgIU0L3osDM50ioc0JRR-wXOR18V4xbLddT36hQyxHLg-NvDdMDwAPbZWwY8nYNmtRPFGKoQO6hMmx4X_zFpnF4_0XHvOPX8bJZuMYvIo218nmNK_TJQV10GZN2afCxDN9LuITMTGRLCLMnklxq3mnRxGd3KyClNk-yLpCMaLGUfscfjB6OyFsbzR-aMLNcGQzccAaBKOilZELPggOI146Che0Ga-Wuw0m-nIGrN_8pnXEqFobTulJI3U71-79yalGOFyYSe5pQpHjFNxCABpqUjfnVkoTTvwGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0sz-2erOXSwOdiabHj0KKiJuejMA%26client%3Dca-pub-2279633493037067%26adurl%3D
Frame ID: 132B732DC1E9F52E6021CF125141F77E
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=C2QMzyX0vYuitC6ON78EPwZaSkA3JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyNzk2MzM0OTMwMzcwNjegAdW20uoDyAEJqQJUqoV2JV2yPqgDAaoE6AFP0BeWMjue_jBxO38RWtTV2EdTZpCnUByJt3SPNYbpAUJVkyWOe5OiWnzhW6xp16Ow3zSCMML_5NAiJzXPcEB5dDqvyH_Zq3xp5hfPZbRHWG0AfztpPeLZzy9Me5-ekNjmYeIsHlwABLBRZAYF8m7xGw0UaQciEgQ4RkDTHvonR3B_5WHm-KaTXZoIQNNaUuxG0MvdF7r7K0G2RSEdngp257KrfECR7w5_n09DIm_UPUfeJUMoDDWRhy6iYm8c87HiV2X5WpBkEAEdV8SKmWJUCWLe39IKADVgm9gegleZkVZAJX9s2KMpgAau35mgs_aK3fgBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMjI3OTYzMzQ5MzAzNzA2NxgA&sigh=JdEJ34oimIU&uach_m=[UACH]&cid=CAQSGwCNIrLMFHpezaiDN3UREIeAm2HxF-EDvrq1rRgB
Frame ID: BB9CAD523BC121C050807B615F7417EA
Requests: 6 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yi99yQAC1ugCO8ajAASLQXBf-28b3_A34UKUrg&u=%7C5N3zz54%2Bsw%2F6cPaANMZ0a%2BT8ByXt04dqZjzOpVQgUQw%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM9SPP5Y8DX0oQxlHyl1Xog8Qwkp_DM0l7KusZ7ZOeDUirUnCuq6Mm12Y2nRe1NoNfyznBV6-PX1lnyTgnsf5l77qekTyLv7nPPqNn-CMcvqOumEJtaBcnnAVOKrc75glq6FrSl93fEietZ7Tj7IywTfYOOZxEwncTMsTJyDH-beuQeCB_khCJeM9Gg33oqHPR0pTAgfVjdOfZ68uGbVDtea88Qxh8OkR7iqVaXX-G8t4Gvp3gAqqdOGNz6L2kXefBQ5n-hMJgSFAYJjnqXO6_s_dYfuOTrtbSePm0l3UYRi7rDG_lZTIHJY2DgnQJ8GivjNrrLMgV67XhLUDsTn7dRnmcw5grDCicYONGdDEpgBHQnuAoQun255tfmbYWWrcyJrr1qkKUc5C6zwvOiDKD_ZLmzABQh2Bl&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbDbOyX0vYuitC6ON78EPwZaSkA3JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyNzk2MzM0OTMwMzcwNjegAdW20uoDyAEJqQJUqoV2JV2yPqgDAaoE6wFP0BeWMjue_jBxO38RWtTV2EdTZpCnUByJt3SPNYbpAUJVkyWOe5OiWnzhW6xp16Ow3zSCMML_5NAiJzXPcEB5dDqvyH_Zq3xp5hfPZbRHWG0AfztpPeLZzy9Me5-ekNjmYeIsHlwABLBRZAYF8m7xGw0UaQciEgQ4RkDTHvonR3B_5WHm-KaTXZoIQNNaUuxG0MvdF7r7K0G2RSEdngp257KrfECR7w5_n09DIm_UPUfeJUMoDDWRhy6iYm8c87HiVyf7ewLjn50O6FieOrJpr5rXy9i8Cht4GWzWv_FrLkhsPfrGXLCWipE3gAau35mgs_aK3fgBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Wx1PRxBnVPXRMc_Wa0QYOxSyNWQ%26client%3Dca-pub-2279633493037067%26adurl%3D
Frame ID: 8C452C0CE00F0AEFA5F81FF61BB9A281
Requests: 10 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yi99yQAC13cKmuAUAANUFq0OI9O_oDhaYnZGAQ&u=%7C5N3zz54%2Bsw%2Bh4Gz2XNHF9wtnZ4sgDDCCLvRINGrfAhk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM9SPP5Y8DX0oQxlHyl1Xog1V4QixPDMz7GrnjGLKGc5PIosskJPH_OHsWGBlzcIPmc2lOJox8uS7CgjP2JHsp1gEpjvtsTqCEQCkxheI-ob5NU4nM7jc4KaqyJJaztgmLbIAsdee2RhpODWjjHxttnBi4MAMXmvozW-nk2u6qCzl_h8dAW77qGOWoJ1A3G_8jmzsaSAyZOuhY5eovlJgyZFgoOA2KrSvWSfvyxmdLTViWxZppap7pgV6ZqnDAwXfqFYMm88IsF31nHFKsNWdL9q8lW4S07_YW85tutx_W6WbrjQ2iLCAGeS6zADDIEqttjhTAztWixTSd0eF1HfJlNAZMQQvgz7QCNsSR9OAA-OpqGcUqJChxsxIjKFsltFeZI0JY09-2W8SITcT5FJlm-z-Gz6VXUHas&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBm9SyX0vYveuC5TA6wSWqA3JntKxXPWdmPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyNzk2MzM0OTMwMzcwNjegAdW20uoDyAEJqQIRJ-Q3hmGyPqgDAaoE6wFP0Nvji5QWCqN_zx2xCnZcGHPVSmOqv6zqxKZJRsPQfVC88ktsPfCSsb5oRrNQMzEYG5lPEDlhGpTGqjmePIz7nk4641F0Msbj2P3WADyLKkhBTIINT5lycuvEiJe1hWyZRkSdMmeSA1gfWvJiJDyQDSkXyV1HKHqZq9ZVNWpZ7nD_ClaWdabgK4kD7CmOMJkDNzXrQ7x0TavFBb-pFnBeSbbd8degUnriyVEAst4MvM8ulX0m7cyvTSk79eaIRhMoZfROO_npmkZNmIjCsqTzmZm0VCGTC_xxs-9mjI4cqTBQ6xWg4m7bBEOkgAaalI351ZKE078BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2kkbgbbbTFS3Rq0vLiHEAmXoTk0w%26client%3Dca-pub-2279633493037067%26adurl%3D
Frame ID: 6CED4BEC8118DFDDDD593A451E3F2C5F
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A16FC6C8F46686FBA41389664395A7B7
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16648248580127555213/index.html
Frame ID: 40F13420E8DAB20ED4C8EE6654FFBD30
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CKKhxyX0vYpS8C5Wr6gSKzpmYA_X1sdJo-5eR0bMPo7aSnMEvEAEgvqPHY2CV4pCCoAegAY7T9soDyAEJqQICYzEer9u1PqgDAcgDSKoE8QFP0EZBiHTpPWN32N1bR_uJJPAzGW3FIa_xzfc3psNS1lVq_vcFNeNN4X8b0VeJH8kgN-Yq1Lu5wdesIPwApJHRW4T79gR0GLqVE4-aAn_5YgSAJ8MpxEzXD3-0_OGQJfiwm6ju0mFsB0UejXERl65E987JJyfEAi6k08Q3JuZHwaRYQlkMHpTl_zeMII-8yTPaRztFPIh6gFWudqSj7G5H7EegYyOhFSA6QLHM-6AwYLa42wb6qSGk2bf8Nf64wnLEjs7bm55OvuBvlG2REgoCkAgLeBxi1ANvV4rB90WDIP4dsaDjkLJjFPJvclSISCfEwAS-kcD55gOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH2qyJNagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEIDeA9IICQiA4YAQEAEYH4AKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi0yMjc5NjMzNDkzMDM3MDY3GAA&sigh=nNYA_58rG24&uach_m=[UACH]&template_id=419
Frame ID: CE64B0C9A493FECBEE73E61226564967
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220308/r20110914/zrt_lookup.html?fsb=1
Frame ID: 7893D38D2168849818A249D3E9EAA604
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220308/r20110914/zrt_lookup.html?fsb=1
Frame ID: 0FD4A93B20D56ED67B3BD8E27DF268F9
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B9BE0644F7536B7FF0D9132DAF322A0F
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5731921191286904701/index.html
Frame ID: C01024A909B3E98F541177D9324DF78B
Requests: 6 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: B0E4A3CDA592D6688BB3809DA834DFAA
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 3B160B9451551A90C6A45C511E7E5736
Requests: 2 HTTP requests in this frame

Frame: https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss8BwB6KE8TLHP0yZpJtA6gjPFfMSdbuuU3m3HdlMsgW0_Xp6NPTcg50MTNuDt91JwZU0OTjyITeLDEvLO8vH1QpgK1CXuxLQk8aUtXbvqrTCtY20TQYHcVb8STAc9SM4WNIWqO9n2WownStFaS_Y_4JnGOtFr65IO-FxPOkfEvtcwYe6VFKmCvgI0qtv_LDxVarUO3KnaglkDEaeZxwW2tUNfUthOeBLGoGJaQ08hfrYLx-CPv8l5XfPtoPoll43O1GEXrAMcveWrpPRm3r5dD5ITMjMwqJEC6TlQ7LMXJCoyhHi-MCdZwBDEeheqQUkZEYh2Vk-Vg3PDgFidHGd8pYeSV46mMSLE4lQJOAVIkmWW1W3SIu2F1AS2NFiuohOMNXe2jq2laNIE586OeE5NpTCM4T8icEvIkhYga-HpNHv2yqXehkrzm2oBpQtJs6X1pkdSbGKFr5xCRdzzAHXvOjT2QjvTkD9AhG5qjJTZyJq3AmO1060zcoxHG2jgH08p5zD7bu1EyDSUt-6FQ_846DrH1y0fRtAqARB_7i2_Sys9WCuRxOMRXj_5ZYrb3mjJtPx2xeqASIwd4kdzoiK_S5i3h3qt9Pf-9ppcDKqPDXf5kiPus8YI5QZNZE67lIam19xhTzqN-fcDriV7nNGI1H9hctPHF0a7s7hYxBXoquaQJnteOl58HHKTV4BIiv-8imsrg5bEpAzfUwlYa82SHC4KBkt7f7vzYVreq4UC91FlvarHcSgCIDF3vfW7ErinaPSoEiL6qh7iGNNIbPvddaaxToDaY4MTYVbR73FUrNnR2hSJn4KVDAx4z4G7k1A0sediW3sNZExn9kjNHVbu8Pvbqj5IuqNwSmCCz2lZhG8fyW1Rm6fOn2JPYqTgmPI9OPh3UxrmXin0YOoFREsZcsBJcXwzQnWv1BlHVhCkBFvHbjGYRFXIcvvpbhTfjszD4B1jQU1lLC7PYTuqo2-NgOYw1lkAx0O5b9P8i0X6Ar7nlyoipCzySYLD5F7tjjD9SmGHwWM3XhL9uz_7J26pl-FDfO1zIOSUaHOMmj1YY&sai=AMfl-YRjeXl-HrvuaI1P-KHqO_l5D25ci8jcswFkAr7FCNlrsZQxtZz4oh8PxQ&sig=Cg0ArKJSzKuX0FB4Af-GEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Frame ID: 1D8B662BECA05DEEDF7736C954012290
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A6F93A86B0546FC7DF7E3FA54103A9DB
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: DE61C827F97B2B1D69BE1E31272DEF0A
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js
Frame ID: B90C9AF320FA0800026BCA1DE2D0D86D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9CA9F9A62E4FC43379B6CEE143850E43
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A30C283A05F4B8CEEC789CFB45A920DE
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The World Other Side

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Select2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

select2(?:\.min|\.full)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

297
Requests

100 %
HTTPS

65 %
IPv6

20
Domains

31
Subdomains

32
IPs

6
Countries

5804 kB
Transfer

10118 kB
Size

10
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/telegraf.id

Search URL Search Domain Scan URL

URL: https://twitter.com/telegraf_id

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC82_0vOLUoVkgMNmcJ1fPxA

Search URL Search Domain Scan URL

URL: https://feedify.net/?utm_source=referral&utm_medium=PoweredBy&utm_campaign=https%3A%2F%2Ftelegraf.id%2F

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 231

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 254

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 283

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 286

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

297 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
telegraf.id/ 206 KB
28 KB 706ms
351ms Document
text/html 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://telegraf.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed / PHP/7.4.27
Resource Hash: 7a1e7d8d76a711e49e39ae33d9da9ce552a922c4c454a77899533be44a90da84

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

x-powered-by: PHP/7.4.27
content-type: text/html; charset=UTF-8
link: <https://telegraf.id/wp-json/>; rel="https://api.w.org/" <https://telegraf.id/wp-json/wp/v2/pages/111310>; rel="alternate"; type="application/json" <https://telegraf.id/>; rel=shortlink
etag: "766419-1647250958;br"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 28641
date: Mon, 14 Mar 2022 17:39:19 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

GET
H2 200 url_transformer.min.js Show response
app.indoleads.com/js/platform/ 3 KB
1 KB 569ms
189ms Script
application/javascript 104.248.96.65
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://app.indoleads.com/js/platform/url_transformer.min.js
Requested by: Host: telegraf.id
URL: https://telegraf.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.248.96.65 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: b4d7bb654912b5fe91b72976aaf733866c489f1c2b9ab84c0501e8b258d9e6b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:20 GMT
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
last-modified: Monday, 14-Mar-2022 17:39:20 GMT
server: nginx/1.10.3 (Ubuntu)
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 171 KB
63 KB 148ms
58ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4JPKGHN97Y

Requested by

Host: telegraf.id
URL: https://telegraf.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5f642358b66e4dd8229d42529f5a991b9c97c86659fb57a06223f6a13079c105

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:19 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64514
x-xss-protection: 0
expires: Mon, 14 Mar 2022 17:39:19 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
54 KB 154ms
63ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: telegraf.id
URL: https://telegraf.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86910fab72b89546d23458f560789ebcc95b8737e86f8392394fc2481c5b6712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54748
x-xss-protection: 0
server: cafe
etag: 4995777118182394246
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 14 Mar 2022 17:39:20 GMT

GET
H2 200 style.min.css
telegraf.id/wp-includes/css/dist/block-library/ 81 KB
10 KB 180ms
175ms Stylesheet
text/css 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://telegraf.id/wp-includes/css/dist/block-library/style.min.css?ver=5.9.2
Requested by: Host: telegraf.id
URL: https://telegraf.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: 74cad4303232e97ca561d020bf3491ab6777c683b259f50f99b64cd62f1e3271

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:19 GMT
content-encoding: br
last-modified: Wed, 23 Feb 2022 11:57:19 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 10531
expires: Mon, 21 Mar 2022 17:39:19 GMT

GET
H2 200 font-theme.css
telegraf.id/wp-content/plugins/theia-post-slider-premium/dist/css/ 9 KB
2 KB 182ms
177ms Stylesheet
text/css 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://telegraf.id/wp-content/plugins/theia-post-slider-premium/dist/css/font-theme.css?ver=2.7.2
Requested by: Host: telegraf.id
URL: https://telegraf.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: 57d8cf45bc3887e1f7c67d6694bd486bc36cb1f1bb4d94299226c595896cc006

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:19 GMT
content-encoding: br
last-modified: Tue, 13 Jul 2021 16:35:38 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1731
expires: Mon, 21 Mar 2022 17:39:19 GMT

GET
H2 200 frontend.min.css
telegraf.id/wp-content/plugins/wp-user-avatar/assets/css/ 72 KB
9 KB 185ms
180ms Stylesheet
text/css 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://telegraf.id/wp-content/plugins/wp-user-avatar/assets/css/frontend.min.css?ver=3.2.9
Requested by: Host: telegraf.id
URL: https://telegraf.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: 3a03eec8b6b8f7367f1b66ff53ac880713e88c910b739e00c7c022534c179e57

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:19 GMT
content-encoding: br
last-modified: Wed, 09 Mar 2022 21:48:29 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 9516
expires: Mon, 21 Mar 2022 17:39:19 GMT

GET
H2 200 flatpickr.min.css
telegraf.id/wp-content/plugins/wp-user-avatar/assets/flatpickr/ 16 KB
3 KB 185ms
181ms Stylesheet
text/css 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://telegraf.id/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.css?ver=3.2.9
Requested by: Host: telegraf.id
URL: https://telegraf.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: 661e00570c65c29528d9ce6ee19e5e9939986716c293def67b07f8b6a191b018

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:19 GMT
content-encoding: br
last-modified: Wed, 09 Mar 2022 21:48:29 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2810
expires: Mon, 21 Mar 2022 17:39:19 GMT

GET
H2 200 select2.min.css
telegraf.id/wp-content/plugins/wp-user-avatar/assets/select2/ 15 KB
2 KB 186ms
181ms Stylesheet
text/css 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://telegraf.id/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.css?ver=5.9.2
Requested by: Host: telegraf.id
URL: https://telegraf.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: 044efea78208376302aad3808aaabdf3c2f7bdd80ba9d55c9e0e4d3baa7a3908

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:19 GMT
content-encoding: br
last-modified: Wed, 09 Mar 2022 21:48:29 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1800
expires: Mon, 21 Mar 2022 17:39:19 GMT

GET
H2 200 jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/smoothness/ 36 KB
36 KB 128ms
40ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/smoothness/jquery-ui.css?ver=5.9.2

Requested by

Host: telegraf.id
URL: https://telegraf.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9b751c1cd0d2b0f91862db987fed9dda48758b15e6f42ca67796b45f4b21702

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 02:35:32 GMT
x-content-type-options: nosniff
age: 313427
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36536
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Mar 2023 02:35:32 GMT

GET
H2 200 photoswipe.css
telegraf.id/wp-content/plugins/reviewer/public/assets/css/ 10 KB
2 KB 185ms
181ms Stylesheet
text/css 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://telegraf.id/wp-content/plugins/reviewer/public/assets/css/photoswipe.css?ver=3.14.2
Requested by: Host: telegraf.id
URL: https://telegraf.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: fde399c76c780a4f79243746b4d1b53e4f283579c8ac6a2227d90574f982eeeb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:19 GMT
content-encoding: br
last-modified: Mon, 07 Sep 2020 18:48:52 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2122
expires: Mon, 21 Mar 2022 17:39:19 GMT

GET
H2 200 dashicons.min.css
telegraf.id/wp-includes/css/ 58 KB
34 KB 185ms
182ms Stylesheet
text/css 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://telegraf.id/wp-includes/css/dashicons.min.css?ver=5.9.2
Requested by: Host: telegraf.id
URL: https://telegraf.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:19 GMT
content-encoding: br
last-modified: Thu, 25 Mar 2021 18:32:20 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 35110
expires: Mon, 21 Mar 2022 17:39:19 GMT

GET
H2 200 reviewer-public.css
telegraf.id/wp-content/plugins/reviewer/public/assets/css/ 133 KB
11 KB 185ms
182ms Stylesheet
text/css 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://telegraf.id/wp-content/plugins/reviewer/public/assets/css/reviewer-public.css?ver=3.14.2
Requested by: Host: telegraf.id
URL: https://telegraf.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: 210fcfb9ed0fff68def23eec598a8f790b56dcf4d13a1087e98eea07aa0696c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:19 GMT
content-encoding: br
last-modified: Mon, 07 Sep 2020 18:48:52 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 11425
expires: Mon, 21 Mar 2022 17:39:19 GMT

GET
H2 200 style.css
telegraf.id/wp-content/themes/zox-news/ 128 KB
18 KB 185ms
182ms Stylesheet
text/css 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://telegraf.id/wp-content/themes/zox-news/style.css?ver=5.9.2
Requested by: Host: telegraf.id
URL: https://telegraf.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: a47667b69804371f99a43c41acfe324912f20153380bbf31732acd4e87c4405f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:19 GMT
content-encoding: br
last-modified: Tue, 08 Sep 2020 15:30:08 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 18631
expires: Mon, 21 Mar 2022 17:39:19 GMT

GET
H2 200 reset.css
telegraf.id/wp-content/themes/zox-news/css/ 1 KB
581 B 185ms
183ms Stylesheet
text/css 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://telegraf.id/wp-content/themes/zox-news/css/reset.css?ver=5.9.2
Requested by: Host: telegraf.id
URL: https://telegraf.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: a56add0a0fe88ca8ad47ea3def87d8d5934976680db80c6530c0b28529854f0b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:19 GMT
content-encoding: br
last-modified: Tue, 08 Sep 2020 08:56:18 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 525
expires: Mon, 21 Mar 2022 17:39:19 GMT

GET
H2 200 font-awesome.css
telegraf.id/wp-content/themes/zox-news/font-awesome/css/ 34 KB
7 KB 363ms
360ms Stylesheet
text/css 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://telegraf.id/wp-content/themes/zox-news/font-awesome/css/font-awesome.css?ver=5.9.2
Requested by: Host: telegraf.id
URL: https://telegraf.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: b977f453450222a069d89dd2e776f6f21f9fa42f6e15c03c7fe6ff34d9a2c159

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:19 GMT
content-encoding: br
last-modified: Tue, 08 Sep 2020 08:56:16 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 6615
expires: Mon, 21 Mar 2022 17:39:19 GMT

GET
H2 200 css
fonts.googleapis.com/ 28 KB
2 KB 136ms
49ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700%2C900%7COswald%3A400%2C700%7CAdvent+Pro%3A700%7COpen+Sans%3A700%7CAnton%3A400Oswald%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7COswald%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CRoboto%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CRoboto%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CPT+Serif%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7COswald%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%26subset%3Dlatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese

Requested by

Host: telegraf.id
URL: https://telegraf.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

466bb55f560c5cf2b9e3544db9040a96597f4ba7dfe76365c41a5793d31e8c2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 16:15:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 14 Mar 2022 17:39:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Mar 2022 17:39:19 GMT

GET
H2 200 media-queries.css
telegraf.id/wp-content/themes/zox-news/css/ 116 KB
10 KB 362ms
360ms Stylesheet
text/css 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://telegraf.id/wp-content/themes/zox-news/css/media-queries.css?ver=5.9.2
Requested by: Host: telegraf.id
URL: https://telegraf.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: fdb2577b31b4c9dc42d321eb50b146e6a4ccba2af19f58469d3eeb91fa7a8922

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:19 GMT
content-encoding: br
last-modified: Tue, 08 Sep 2020 08:56:18 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 9847
expires: Mon, 21 Mar 2022 17:39:19 GMT

GET
H2 200 front.css
telegraf.id/wp-content/plugins/heateor-social-comments/css/ 4 KB
2 KB 362ms
360ms Stylesheet
text/css 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://telegraf.id/wp-content/plugins/heateor-social-comments/css/front.css?ver=1.6
Requested by: Host: telegraf.id
URL: https://telegraf.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: a270463478af8759e67dd88fdafff16cf872fdbdfde6f8020b8c4b20b7bd1d2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:19 GMT
content-encoding: br
last-modified: Sun, 06 Dec 2020 20:11:44 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1557
expires: Mon, 21 Mar 2022 17:39:19 GMT

GET
H2 200 jquery.min.js Show response
telegraf.id/wp-includes/js/jquery/ 87 KB
30 KB 360ms
358ms Script
application/javascript 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://telegraf.id/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: telegraf.id
URL: https://telegraf.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:19 GMT
content-encoding: br
last-modified: Wed, 21 Jul 2021 03:58:55 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 30273
expires: Mon, 21 Mar 2022 17:39:19 GMT

GET
H2 200 jquery-migrate.min.js Show response
telegraf.id/wp-includes/js/jquery/ 11 KB
4 KB 360ms
359ms Script
application/javascript 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://telegraf.id/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: telegraf.id
URL: https://telegraf.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:19 GMT
content-encoding: br
last-modified: Wed, 18 Nov 2020 07:36:06 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3995
expires: Mon, 21 Mar 2022 17:39:19 GMT

GET
H2 200 flatpickr.min.js Show response
telegraf.id/wp-content/plugins/wp-user-avatar/assets/flatpickr/ 49 KB
13 KB 360ms
359ms Script
application/javascript 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://telegraf.id/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.js?ver=5.9.2
Requested by: Host: telegraf.id
URL: https://telegraf.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: 587e022b442a0d7013a27f5fd2db035e28a74318d44dac1ac431f124c615bb37

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:19 GMT
content-encoding: br
last-modified: Wed, 09 Mar 2022 21:48:29 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13752
expires: Mon, 21 Mar 2022 17:39:19 GMT

GET
H2 200 select2.min.js Show response
telegraf.id/wp-content/plugins/wp-user-avatar/assets/select2/ 69 KB
18 KB 361ms
359ms Script
application/javascript 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://telegraf.id/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.js?ver=5.9.2
Requested by: Host: telegraf.id
URL: https://telegraf.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: 00501810e93307a8882a74d864e7547fd1458deea539361dc1124ac133799a4b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:19 GMT
content-encoding: br
last-modified: Wed, 09 Mar 2022 21:48:29 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 18500
expires: Mon, 21 Mar 2022 17:39:19 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 92 KB
36 KB 57ms
53ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-192630985-1

Requested by

Host: telegraf.id
URL: https://telegraf.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6e06b41c7d14218f348a6df2a33634d5874dbf52a7680bdc5ee051be747241f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:20 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36974
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 16:59:36 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 14 Mar 2022 17:39:20 GMT

GET
H2 200 ajax-test.js Show response
telegraf.id/wp-content/plugins/push-notification-by-feedify// 1 KB
499 B 361ms
360ms Script
application/javascript 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://telegraf.id/wp-content/plugins/push-notification-by-feedify//ajax-test.js?ver=5.9.2
Requested by: Host: telegraf.id
URL: https://telegraf.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: 48ff290fb1868967e78e0a2fe94ddf1fb6c51ef84abad4e067ad223b8b8b166d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:19 GMT
content-encoding: br
last-modified: Sun, 30 May 2021 10:21:34 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 443
expires: Mon, 21 Mar 2022 17:39:19 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
54 KB 150ms
60ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2279633493037067

Requested by

Host: telegraf.id
URL: https://telegraf.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

231f60af738c01e2b980d265970a85d28f564c95f1620c6ee54143f9a09e97d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://telegraf.id/
Origin: https://telegraf.id
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54728
x-xss-protection: 0
server: cafe
etag: 14607073657363545655
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 14 Mar 2022 17:39:20 GMT

GET
H2 200 TELEGRAF-ASIA-ICON.png
telegraf.id/wp-content/uploads/2021/11/ 5 KB
5 KB 378ms
374ms Image
image/png 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2021/11/TELEGRAF-ASIA-ICON.png
Requested by: Host: telegraf.id
URL: https://telegraf.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: 3023e39bcf6e102586c8f4386b9d0fef08de619a28be4ffe41e0fbe11addd770

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:20 GMT
last-modified: Mon, 08 Nov 2021 22:03:32 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5213
expires: Mon, 21 Mar 2022 17:39:20 GMT

GET
H2 200 KBI-Icon.png
telegraf.id/wp-content/uploads/2021/12/ 7 KB
7 KB 378ms
374ms Image
image/png 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2021/12/KBI-Icon.png
Requested by: Host: telegraf.id
URL: https://telegraf.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: ad1ec81e1b06f30d90a41d7de5cb6d34e0f04279b08f748224a8a5ef01e966c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:20 GMT
last-modified: Tue, 28 Dec 2021 05:20:44 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7110
expires: Mon, 21 Mar 2022 17:39:20 GMT

GET
H2 200 theia-post-slider.js Show response
telegraf.id/wp-content/plugins/theia-post-slider-premium/dist/js/ 34 KB
10 KB 177ms
176ms Script
application/javascript 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://telegraf.id/wp-content/plugins/theia-post-slider-premium/dist/js/theia-post-slider.js?ver=2.7.2
Requested by: Host: telegraf.id
URL: https://telegraf.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: a3be0675d153e46a2fcaabfe32d7a11ca90cad8e389cc95d83c0756666bb340c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:20 GMT
content-encoding: br
last-modified: Tue, 13 Jul 2021 16:35:38 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 9859
expires: Mon, 21 Mar 2022 17:39:20 GMT

GET
H2 200 ResizeSensor.js Show response
telegraf.id/wp-content/plugins/theia-sticky-sidebar/js/ 6 KB
1 KB 176ms
176ms Script
application/javascript 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://telegraf.id/wp-content/plugins/theia-sticky-sidebar/js/ResizeSensor.js?ver=1.7.0
Requested by: Host: telegraf.id
URL: https://telegraf.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: 2f826a947a47c13c4af480b9b7853e9ca12d2873c67a9200f3c7a26f8cacae2d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:20 GMT
content-encoding: br
last-modified: Mon, 07 Sep 2020 18:50:02 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1409
expires: Mon, 21 Mar 2022 17:39:20 GMT

GET
H2 200 theia-sticky-sidebar.js Show response
telegraf.id/wp-content/plugins/theia-sticky-sidebar/js/ 16 KB
3 KB 177ms
173ms Script
application/javascript 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://telegraf.id/wp-content/plugins/theia-sticky-sidebar/js/theia-sticky-sidebar.js?ver=1.7.0
Requested by: Host: telegraf.id
URL: https://telegraf.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: 27f4119ce2d66a40ef8beba62ec4d995e95af50550c6d4471eec9eb27fa73774

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:20 GMT
content-encoding: br
last-modified: Mon, 07 Sep 2020 18:50:02 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3340
expires: Mon, 21 Mar 2022 17:39:20 GMT

GET
H2 200 main.js Show response
telegraf.id/wp-content/plugins/theia-sticky-sidebar/js/ 435 B
184 B 190ms
183ms Script
application/javascript 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://telegraf.id/wp-content/plugins/theia-sticky-sidebar/js/main.js?ver=1.7.0
Requested by: Host: telegraf.id
URL: https://telegraf.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: 3e304dfe39fde10af2ee219f794108f785d18dd88658877ddf07bce099f6a9fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:20 GMT
content-encoding: br
last-modified: Mon, 07 Sep 2020 18:50:02 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 152
expires: Mon, 21 Mar 2022 17:39:20 GMT

GET
H2 200 frontend.min.js Show response
telegraf.id/wp-content/plugins/wp-user-avatar/assets/js/ 9 KB
2 KB 190ms
184ms Script
application/javascript 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://telegraf.id/wp-content/plugins/wp-user-avatar/assets/js/frontend.min.js?ver=3.2.9
Requested by: Host: telegraf.id
URL: https://telegraf.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: 0818610c65fd1ca125b6f560e6cb6e6c8c299e461c2ce91ed197972623cdaf3f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:20 GMT
content-encoding: br
last-modified: Wed, 09 Mar 2022 21:48:29 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2205
expires: Mon, 21 Mar 2022 17:39:20 GMT

GET
H2 200 core.min.js Show response
telegraf.id/wp-includes/js/jquery/ui/ 20 KB
6 KB 198ms
191ms Script
application/javascript 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://telegraf.id/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
Requested by: Host: telegraf.id
URL: https://telegraf.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: 9d7da1b980a95ff3d31d0bb8733cbabd1d210ec601d15a1aac2b67394a33191d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:20 GMT
content-encoding: br
last-modified: Wed, 23 Feb 2022 11:57:19 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 6599
expires: Mon, 21 Mar 2022 17:39:20 GMT

GET
H2 200 jquery.sticky-kit.min.js Show response
telegraf.id/wp-content/plugins/zox-alp//scripts/ 3 KB
1 KB 198ms
191ms Script
application/javascript 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://telegraf.id/wp-content/plugins/zox-alp//scripts/jquery.sticky-kit.min.js?ver=5.9.2
Requested by: Host: telegraf.id
URL: https://telegraf.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: 8e8230f2d1e6e230d63f5bd3091ea092eb8d1f447b5f6c84c5b776cf4f50a65d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:20 GMT
content-encoding: br
last-modified: Mon, 07 Sep 2020 18:48:32 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1194
expires: Mon, 21 Mar 2022 17:39:20 GMT

GET
H2 200 jquery.waypoints.min.js Show response
telegraf.id/wp-content/plugins/zox-alp//scripts/ 10 KB
3 KB 198ms
192ms Script
application/javascript 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://telegraf.id/wp-content/plugins/zox-alp//scripts/jquery.waypoints.min.js?ver=5.9.2
Requested by: Host: telegraf.id
URL: https://telegraf.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: 42656c5a534309426b3c5452b07c4013df29165e754e36e51d724ad962bebc1f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:20 GMT
content-encoding: br
last-modified: Mon, 07 Sep 2020 18:48:32 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2965
expires: Mon, 21 Mar 2022 17:39:20 GMT

GET
H2 200 jquery.nouislider.all.min.js Show response
telegraf.id/wp-content/plugins/reviewer/public/assets/js/ 18 KB
6 KB 198ms
192ms Script
application/javascript 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://telegraf.id/wp-content/plugins/reviewer/public/assets/js/jquery.nouislider.all.min.js?ver=3.14.2
Requested by: Host: telegraf.id
URL: https://telegraf.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: bbf94e5438333ae008e9b742cf1dd74dd310f7385ebe6f9ef4fdc82976de34a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:20 GMT
content-encoding: br
last-modified: Mon, 07 Sep 2020 18:48:52 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 6446
expires: Mon, 21 Mar 2022 17:39:20 GMT

GET
H2 200 photoswipe.js Show response
telegraf.id/wp-content/plugins/reviewer/public/assets/js/ 40 KB
14 KB 198ms
192ms Script
application/javascript 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://telegraf.id/wp-content/plugins/reviewer/public/assets/js/photoswipe.js?ver=3.14.2
Requested by: Host: telegraf.id
URL: https://telegraf.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: 9ca0e984615396c430f5f5b0071acf29a6ee2086c33dd2992a0722222e10a0ed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:20 GMT
content-encoding: br
last-modified: Mon, 07 Sep 2020 18:48:52 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 14668
expires: Mon, 21 Mar 2022 17:39:20 GMT

GET
H2 200 jquery.knob.js Show response
telegraf.id/wp-content/plugins/reviewer/public/assets/js/ 24 KB
5 KB 198ms
192ms Script
application/javascript 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://telegraf.id/wp-content/plugins/reviewer/public/assets/js/jquery.knob.js?ver=3.14.2
Requested by: Host: telegraf.id
URL: https://telegraf.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: 0bfc0795245dfb367e2600f248ee85a485c8acb3d23409f8dd5dffdb2845576d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:20 GMT
content-encoding: br
last-modified: Mon, 07 Sep 2020 18:48:52 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5487
expires: Mon, 21 Mar 2022 17:39:20 GMT

GET
H2 200 reviewer.public.min.js Show response
telegraf.id/wp-content/plugins/reviewer/public/assets/js/ 4 KB
1 KB 198ms
193ms Script
application/javascript 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://telegraf.id/wp-content/plugins/reviewer/public/assets/js/reviewer.public.min.js?ver=3.14.2
Requested by: Host: telegraf.id
URL: https://telegraf.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: 4cd14927179cd88891fae3057a4ce4a7cf499af73f65c3b2e83f32e1598c0288

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:20 GMT
content-encoding: br
last-modified: Mon, 07 Sep 2020 18:48:52 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1297
expires: Mon, 21 Mar 2022 17:39:20 GMT

GET
H2 200 reviewer-reviews-boxes.js Show response
telegraf.id/wp-content/plugins/reviewer/public/assets/js/ 131 KB
41 KB 198ms
193ms Script
application/javascript 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://telegraf.id/wp-content/plugins/reviewer/public/assets/js/reviewer-reviews-boxes.js?ver=3.14.2
Requested by: Host: telegraf.id
URL: https://telegraf.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: 6b56887afb6436cbf903b3339832656cd04ed202eef5629be210fc10cb1355c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:20 GMT
content-encoding: br
last-modified: Mon, 07 Sep 2020 18:48:52 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 42368
expires: Mon, 21 Mar 2022 17:39:20 GMT

GET
H2 200 reviewer-widget-users-reviews.js Show response
telegraf.id/wp-content/plugins/reviewer/public/assets/js/ 90 KB
30 KB 198ms
193ms Script
application/javascript 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://telegraf.id/wp-content/plugins/reviewer/public/assets/js/reviewer-widget-users-reviews.js?ver=3.14.2
Requested by: Host: telegraf.id
URL: https://telegraf.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: e71bfe0dbb5b7a9cf82ab6f1165c8831077302ef10dd60e02cfb5a338c5c1ac1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:20 GMT
content-encoding: br
last-modified: Mon, 07 Sep 2020 18:48:52 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 30936
expires: Mon, 21 Mar 2022 17:39:20 GMT

GET
H2 200 mvpcustom.js Show response
telegraf.id/wp-content/themes/zox-news/js/ 0
39 B 198ms
193ms Script
application/javascript 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://telegraf.id/wp-content/themes/zox-news/js/mvpcustom.js?ver=5.9.2
Requested by: Host: telegraf.id
URL: https://telegraf.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:20 GMT
last-modified: Tue, 08 Sep 2020 08:56:18 GMT
server: LiteSpeed
vary: User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 0
expires: Mon, 21 Mar 2022 17:39:20 GMT

GET
H2 200 scripts.js Show response
telegraf.id/wp-content/themes/zox-news/js/ 120 KB
26 KB 199ms
193ms Script
application/javascript 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://telegraf.id/wp-content/themes/zox-news/js/scripts.js?ver=5.9.2
Requested by: Host: telegraf.id
URL: https://telegraf.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: 69751f40928d2926f8edc62099a3a00383d97846b0ec1bbd15232fea3cdb657c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:20 GMT
content-encoding: br
last-modified: Tue, 08 Sep 2020 08:56:18 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 26611
expires: Mon, 21 Mar 2022 17:39:20 GMT

GET
H2 200 retina.js Show response
telegraf.id/wp-content/themes/zox-news/js/ 3 KB
1 KB 199ms
193ms Script
application/javascript 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://telegraf.id/wp-content/themes/zox-news/js/retina.js?ver=5.9.2
Requested by: Host: telegraf.id
URL: https://telegraf.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: 22fd357442cefcbf238c5e06af21e4546e7207b0b7745de9720707f6c8218eba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:20 GMT
content-encoding: br
last-modified: Tue, 08 Sep 2020 08:56:18 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1039
expires: Mon, 21 Mar 2022 17:39:20 GMT

GET
H2 200 jquery.infinitescroll.min.js Show response
telegraf.id/wp-content/themes/zox-news/js/ 21 KB
11 KB 199ms
194ms Script
application/javascript 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://telegraf.id/wp-content/themes/zox-news/js/jquery.infinitescroll.min.js?ver=5.9.2
Requested by: Host: telegraf.id
URL: https://telegraf.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: 002d4e61d6efae0d93d62d4c12576e427302f32361e675aaffa3691ecd9ae17d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:20 GMT
content-encoding: br
last-modified: Tue, 08 Sep 2020 08:56:18 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 11638
expires: Mon, 21 Mar 2022 17:39:20 GMT

GET
H2 200 comment-reply.min.js Show response
telegraf.id/wp-includes/js/ 3 KB
1 KB 199ms
194ms Script
application/javascript 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://telegraf.id/wp-includes/js/comment-reply.min.js?ver=5.9.2
Requested by: Host: telegraf.id
URL: https://telegraf.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: a10b9570a1c7858442b42f1cd48b69a191638269f37e4046607bf5fe188e38bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:20 GMT
content-encoding: br
last-modified: Wed, 26 Jan 2022 14:30:50 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1221
expires: Mon, 21 Mar 2022 17:39:20 GMT

GET
H2 200 image.js Show response
telegraf.id/wp-content/plugins/featured-image-from-url/includes/html/js/ 4 KB
928 B 199ms
194ms Script
application/javascript 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://telegraf.id/wp-content/plugins/featured-image-from-url/includes/html/js/image.js?ver=3.8.7
Requested by: Host: telegraf.id
URL: https://telegraf.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: 430df020a5c2325ff6283cba6d9689c87e8f6cba53094fa342a55e2c15fcb39b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:20 GMT
content-encoding: br
last-modified: Wed, 09 Mar 2022 21:48:20 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 870
expires: Mon, 21 Mar 2022 17:39:20 GMT

GET
H2 200 btn_close.gif
3.bp.blogspot.com/-ZZSacDHLWlM/VhvlKTMjbLI/AAAAAAAAF2M/UDzU4rrvcaI/s1600/ 362 B
757 B 137ms
37ms Image
image/gif 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-ZZSacDHLWlM/VhvlKTMjbLI/AAAAAAAAF2M/UDzU4rrvcaI/s1600/btn_close.gif

Requested by

Host: telegraf.id
URL: https://telegraf.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0450e2e1aa3c8b5435690d841f3e573c4f521864e1f8e01a5b6dbcdac922c8b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:36:14 GMT
x-content-type-options: nosniff
age: 186
content-disposition: inline;filename="btn_close.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 362
x-xss-protection: 0
server: fife
etag: "v1764"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 13 Nov 2021 07:00:52 GMT

GET
H/1.1 404
Not Found c3c0135020259fe641a3060c162fd7b9.js
tpcf.feedify.net/uploads/settings/ 0
0 493ms
285ms Script
text/html 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://tpcf.feedify.net/uploads/settings/c3c0135020259fe641a3060c162fd7b9.js?ts=0.6638730892989972
Requested by: Host: telegraf.id
URL: https://telegraf.id/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H/1.1 200
OK feedbackembad-min-3.0.js Show response
cdn.feedify.net/getjs/ 216 KB
58 KB 236ms
44ms Script
application/javascript 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.feedify.net/getjs/feedbackembad-min-3.0.js
Requested by: Host: telegraf.id
URL: https://telegraf.id/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: cloudflare /
Resource Hash: 7af89e05174c8c2a00971109f50fa06ca0f32456e6ee1e7e86207d2fcf870a7e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 14 Mar 2022 17:39:20 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 6616
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ATpJBtkcz3zX2v5CM9lwtGp7ualozlxcdCeHqTuoD7QqCNZDoDX63HOhPqJMsChmzovKP5rSEiXeEeA6O86sTBhrQk%2BzGbjGDAs%2BOETXxvqWAjcnjVbcMK0UcTaejA%3D%3D"}],"group":"cf-nel","max_age":604800}
Connection: Keep-Alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 58082
Last-Modified: Thu, 03 Mar 2022 07:03:03 GMT
Server: cloudflare
etag: W/"62206827-36146"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-HW: 1647279560.dop112.am5.t,1647279560.cds291.am5.shn,1647279560.dop112.am5.t,1647279560.cds232.am5.c
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 6ebded9e2ecc9162-FRA

GET
H2 200 wp-emoji-release.min.js Show response
telegraf.id/wp-includes/js/ 18 KB
4 KB 378ms
374ms Script
application/javascript 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://telegraf.id/wp-includes/js/wp-emoji-release.min.js?ver=5.9.2
Requested by: Host: telegraf.id
URL: https://telegraf.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:20 GMT
content-encoding: br
last-modified: Wed, 21 Jul 2021 03:58:55 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4539
expires: Mon, 21 Mar 2022 17:39:20 GMT

GET
H/1.1 404
Not Found c3c0135020259fe641a3060c162fd7b9.js
tpcf.feedify.net/uploads/settings/ 0
0 493ms
284ms Script
text/html 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://tpcf.feedify.net/uploads/settings/c3c0135020259fe641a3060c162fd7b9.js?ts=0.4999702966094215
Requested by: Host: telegraf.id
URL: https://telegraf.id/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H/1.1 200
OK feedbackembad-min-5.0.js Show response
cdn.feedify.net/getjs/ 215 KB
58 KB 342ms
43ms Script
application/javascript 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.feedify.net/getjs/feedbackembad-min-5.0.js
Requested by: Host: telegraf.id
URL: https://telegraf.id/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: cloudflare /
Resource Hash: 8b413db26e4a20cb854027c92b99f7068dc019587cbf252da250f656f3dad0a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 14 Mar 2022 17:39:20 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 405
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2FRBPnwA2R0TG%2FhmHbF1CrsAshATugII%2BHOlfWLjrMZTmtvGjLY2IA1lRF%2B%2BtnhM2bCdz7DX9FVJoXOWfZkQfc1B%2FWh%2BOf%2BUjUGl6iCf%2BOyj9CvlVZajsuCFDBbZKg%3D%3D"}],"group":"cf-nel","max_age":604800}
Connection: Keep-Alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 58016
Last-Modified: Thu, 03 Mar 2022 07:03:03 GMT
Server: cloudflare
etag: W/"62206827-35dd4"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-HW: 1647279560.dop112.am5.t,1647279560.cds291.am5.shn,1647279560.dop112.am5.t,1647279560.cds203.am5.c
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 6ebdf9a17dde909d-FRA

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 125ms
39ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700%2C900%7COswald%3A400%2C700%7CAdvent+Pro%3A700%7COpen+Sans%3A700%7CAnton%3A400Oswald%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7COswald%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CRoboto%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CRoboto%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CPT+Serif%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7COswald%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%26subset%3Dlatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://telegraf.id
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 09:48:03 GMT
x-content-type-options: nosniff
age: 287477
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 11 Mar 2023 09:48:03 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
168 B 160ms
71ms Ping
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-4JPKGHN97Y&gtm=2oe370&_p=1387786905&sr=1600x1200&ul=en-us&cid=998751855.1647279560&_s=1&dl=https%3A%2F%2Ftelegraf.id%2F&dt=The%20World%20Other%20Side&sid=1647279560&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4JPKGHN97Y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Mar 2022 17:39:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://telegraf.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 92 KB
36 KB 56ms
56ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-192630985-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4JPKGHN97Y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

07cdff21c581466020324d8bcea384212cd2228e20483dc5f37ac2d5f2116bac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:20 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37004
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 16:59:36 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 14 Mar 2022 17:39:20 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 158ms
95ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://telegraf.id
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 17:58:32 GMT
x-content-type-options: nosniff
age: 430848
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Mar 2023 17:58:32 GMT

GET
H2 200 fontawesome-webfont.woff2
telegraf.id/wp-content/themes/zox-news/font-awesome/fonts/ 70 KB
70 KB 258ms
256ms Font
font/woff2 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://telegraf.id/wp-content/themes/zox-news/font-awesome/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by: Host: telegraf.id
URL: https://telegraf.id/wp-content/themes/zox-news/font-awesome/css/font-awesome.css?ver=5.9.2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Referer: https://telegraf.id/wp-content/themes/zox-news/font-awesome/css/font-awesome.css?ver=5.9.2
Origin: https://telegraf.id
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:20 GMT
last-modified: Tue, 08 Sep 2020 08:56:16 GMT
server: LiteSpeed
vary: User-Agent
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 71896
expires: Mon, 21 Mar 2022 17:39:20 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 16 KB
16 KB 111ms
50ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://telegraf.id
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:02:00 GMT
x-content-type-options: nosniff
age: 531440
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 08 Mar 2023 14:02:00 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVI.woff2
fonts.gstatic.com/s/opensans/v28/ 16 KB
16 KB 185ms
124ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVI.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a61d67250a5c36640e22099937af31613e68d6134439d5d4329efea0372aea79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://telegraf.id
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 22:46:04 GMT
x-content-type-options: nosniff
age: 499996
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16408
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:02:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Mar 2023 22:46:04 GMT

GET
H2 200 TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v47/ 25 KB
25 KB 150ms
108ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v47/TK3iWkUHHAIjg752GT8G.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63e0f1d4d244fa557ae96c648168b0620a4f5ad3dbb653fc979a1b3ea0000699

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://telegraf.id
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 23:30:17 GMT
x-content-type-options: nosniff
age: 324543
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25384
x-xss-protection: 0
last-modified: Thu, 24 Feb 2022 18:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Mar 2023 23:30:17 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 124ms
82ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://telegraf.id
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 17:56:19 GMT
x-content-type-options: nosniff
age: 430981
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Mar 2023 17:56:19 GMT

GET
H2 200 Jen-Psaki.jpeg
telegraf.id/wp-content/uploads/2022/03/ 59 KB
59 KB 478ms
175ms Image
image/jpeg 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2022/03/Jen-Psaki.jpeg
Requested by: Host: telegraf.id
URL: https://telegraf.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: b67b3b7430f8f5d50aa2af078954625940a9e1f098d1e72121a12557d7a73a3e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:20 GMT
last-modified: Mon, 14 Mar 2022 05:38:01 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 60482
expires: Mon, 21 Mar 2022 17:39:20 GMT

GET
H2 200 Jake-Sullivan-400x240.jpg
telegraf.id/wp-content/uploads/2022/03/ 21 KB
21 KB 480ms
177ms Image
image/jpeg 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2022/03/Jake-Sullivan-400x240.jpg
Requested by: Host: telegraf.id
URL: https://telegraf.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: dbceb6fe826f17b2ead9343766987a130f84858107bcd6c6745e7ae6393ea56b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:20 GMT
last-modified: Mon, 14 Mar 2022 05:31:23 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 21487
expires: Mon, 21 Mar 2022 17:39:20 GMT

GET
H2 200 Mikhail-Gorbachev-Reagan-400x240.jpeg
telegraf.id/wp-content/uploads/2022/03/ 19 KB
19 KB 480ms
178ms Image
image/jpeg 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2022/03/Mikhail-Gorbachev-Reagan-400x240.jpeg
Requested by: Host: telegraf.id
URL: https://telegraf.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: 8e95f3e59dc0381c9ec5e1c3a186f474febd00f9a62a51b18e4b91599b3c386a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:20 GMT
last-modified: Mon, 14 Mar 2022 05:20:09 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 19649
expires: Mon, 21 Mar 2022 17:39:20 GMT

GET
H2 200 5c16bf45240000ff008c865a-400x240.jpeg
telegraf.id/wp-content/uploads/2021/01/ 13 KB
13 KB 480ms
178ms Image
image/jpeg 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2021/01/5c16bf45240000ff008c865a-400x240.jpeg
Requested by: Host: telegraf.id
URL: https://telegraf.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: 6b1cffc3d882fb5766284440c98311477f4878d9318df9ac53c532d8b1dead71

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:20 GMT
last-modified: Sun, 31 Jan 2021 08:15:54 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13375
expires: Mon, 21 Mar 2022 17:39:20 GMT

GET
H2 200 Jake-Sullivan-400x240.jpeg
telegraf.id/wp-content/uploads/2022/03/ 15 KB
15 KB 481ms
179ms Image
image/jpeg 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2022/03/Jake-Sullivan-400x240.jpeg
Requested by: Host: telegraf.id
URL: https://telegraf.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: cb0db0a2c4e7742a54b87f07cec2f373be8291ba4df9d3682647fb21c916818f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:20 GMT
last-modified: Mon, 14 Mar 2022 05:07:14 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 15621
expires: Mon, 21 Mar 2022 17:39:20 GMT

GET
H2 200 Canadian-Justin-Trudeau-560x600.jpeg
telegraf.id/wp-content/uploads/2022/03/ 53 KB
53 KB 481ms
180ms Image
image/jpeg 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2022/03/Canadian-Justin-Trudeau-560x600.jpeg
Requested by: Host: telegraf.id
URL: https://telegraf.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: 33fb57f30861156cfa6738e2d6703ba1baea058c3df581f59a6d290404269db2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:20 GMT
last-modified: Fri, 11 Mar 2022 13:44:11 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 54256
expires: Mon, 21 Mar 2022 17:39:20 GMT

GET
H2 200 201016-CARLA-MADISON-RECREATION-CENTER-VOTING-BALLOT-DROPOFF-BOX-ELECTION-COPOLITICS-COLFAX-AVENUE-KEVINJBEATY-03-400x240.jpg
telegraf.id/wp-content/uploads/2022/03/ 39 KB
39 KB 481ms
180ms Image
image/jpeg 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2022/03/201016-CARLA-MADISON-RECREATION-CENTER-VOTING-BALLOT-DROPOFF-BOX-ELECTION-COPOLITICS-COLFAX-AVENUE-KEVINJBEATY-03-400x240.jpg
Requested by: Host: telegraf.id
URL: https://telegraf.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: b28b6345e380fdfe978d3deb568919e8e73f15cefe324ef9eb29441ea730338d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:20 GMT
last-modified: Fri, 11 Mar 2022 13:04:18 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 39918
expires: Mon, 21 Mar 2022 17:39:20 GMT

GET
H2 200 Erdogan-hERZOG-400x240.jpg
telegraf.id/wp-content/uploads/2022/03/ 19 KB
20 KB 482ms
180ms Image
image/jpeg 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2022/03/Erdogan-hERZOG-400x240.jpg
Requested by: Host: telegraf.id
URL: https://telegraf.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: 1aa6a26029430a855bd87d9c07f7dae12e6a5a486bf6d1a2df27def36d4a9a02

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:20 GMT
last-modified: Wed, 09 Mar 2022 19:48:29 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 19903
expires: Mon, 21 Mar 2022 17:39:20 GMT

GET
H2 200 War-Ukraine-80x80.jpg
telegraf.id/wp-content/uploads/2022/03/ 6 KB
6 KB 481ms
180ms Image
image/jpeg 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2022/03/War-Ukraine-80x80.jpg
Requested by: Host: telegraf.id
URL: https://telegraf.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: 5b6a1c772397e48d1d8d47cea017cd13ccba75bea95433e57b3d52b222179944

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:20 GMT
last-modified: Sun, 06 Mar 2022 10:39:17 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5684
expires: Mon, 21 Mar 2022 17:39:20 GMT

GET
H2 200 EU-80x80.jpg
telegraf.id/wp-content/uploads/2022/03/ 5 KB
5 KB 481ms
180ms Image
image/jpeg 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2022/03/EU-80x80.jpg
Requested by: Host: telegraf.id
URL: https://telegraf.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: c5e88f65b7c07d393569bc7ae826c07c3d7b7ab524683a3225bd317e2c7c72a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:20 GMT
last-modified: Tue, 01 Mar 2022 19:48:14 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5443
expires: Mon, 21 Mar 2022 17:39:20 GMT

GET
H2 200 Michigan-Initiatives-Clash-on-How-to-Stop-GOPs-Election-Deniers-80x80.jpg
telegraf.id/wp-content/uploads/2022/02/ 4 KB
4 KB 481ms
180ms Image
image/jpeg 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2022/02/Michigan-Initiatives-Clash-on-How-to-Stop-GOPs-Election-Deniers-80x80.jpg
Requested by: Host: telegraf.id
URL: https://telegraf.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: da64f3bcc8febacae7ca669ffc68d185247ed3a21eec071400d9369174de1e91

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:20 GMT
last-modified: Sun, 27 Feb 2022 22:23:58 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3973
expires: Mon, 21 Mar 2022 17:39:20 GMT

GET
H2 200 Bob-Dylan-560x565.jpeg
telegraf.id/wp-content/uploads/2022/03/ 38 KB
38 KB 481ms
181ms Image
image/jpeg 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2022/03/Bob-Dylan-560x565.jpeg
Requested by: Host: telegraf.id
URL: https://telegraf.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: 96ad5f988878b6a5319555c5953a822e9f427ff54001180ebc2512d1468ed922

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:20 GMT
last-modified: Wed, 09 Mar 2022 19:58:20 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 38474
expires: Mon, 21 Mar 2022 17:39:20 GMT

GET
H2 200 Jennifer-Hudson-and-Ne-Yo-400x240.png
telegraf.id/wp-content/uploads/2022/02/ 135 KB
135 KB 482ms
181ms Image
image/png 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2022/02/Jennifer-Hudson-and-Ne-Yo-400x240.png
Requested by: Host: telegraf.id
URL: https://telegraf.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: 5e60fbfd4247c38ceed31c8ce4b308df7725f1d5371b95901d9dffbea199e35c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:20 GMT
last-modified: Sun, 27 Feb 2022 21:36:37 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 138527
expires: Mon, 21 Mar 2022 17:39:20 GMT

GET
H2 200 3-members-of-K-pop-sensation-BTS-diagnosed-with-COVID-19-400x240.jpeg
telegraf.id/wp-content/uploads/2021/12/ 9 KB
10 KB 482ms
181ms Image
image/jpeg 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2021/12/3-members-of-K-pop-sensation-BTS-diagnosed-with-COVID-19-400x240.jpeg
Requested by: Host: telegraf.id
URL: https://telegraf.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: 25c1182e841716b64bafbf90f2aa7c680bcc4febd579ce04ecea4082507b0744

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:20 GMT
last-modified: Sat, 25 Dec 2021 20:33:59 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 9705
expires: Mon, 21 Mar 2022 17:39:20 GMT

GET
H2 200 Kate-Blanchett-80x80.jpeg
telegraf.id/wp-content/uploads/2021/12/ 2 KB
2 KB 482ms
181ms Image
image/jpeg 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2021/12/Kate-Blanchett-80x80.jpeg
Requested by: Host: telegraf.id
URL: https://telegraf.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: dcbfab594ba5d9d267c3679c2beec1fb2d53ab2d04c468304e33f56b745df159

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:20 GMT
last-modified: Tue, 21 Dec 2021 12:46:32 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2279
expires: Mon, 21 Mar 2022 17:39:20 GMT

GET
H2 200 Adele-30-Getty-Images-80x80.jpg
telegraf.id/wp-content/uploads/2021/11/ 3 KB
3 KB 483ms
182ms Image
image/jpeg 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2021/11/Adele-30-Getty-Images-80x80.jpg
Requested by: Host: telegraf.id
URL: https://telegraf.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: 04390cc35e7fdffe459ab2a98180e821f50e6f1f302a2877bc2cab67904d64c6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:20 GMT
last-modified: Sun, 21 Nov 2021 09:21:21 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2813
expires: Mon, 21 Mar 2022 17:39:20 GMT

GET
H2 200 Spider-Man-No-Way-Home-2.jpg
www.gamelegends.it/wp-content/uploads/2021/08/ 234 KB
234 KB 264ms
29ms Image
image/jpeg 95.217.196.186
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gamelegends.it/wp-content/uploads/2021/08/Spider-Man-No-Way-Home-2.jpg

Requested by

Host: telegraf.id
URL: https://telegraf.id/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.217.196.186 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.186.196.217.95.clients.your-server.de

Software

nginx / PleskLin

Resource Hash

80d44a31a3de2c19de82fa01cb1bb58725729d5c6bcc7e1767ed74140e40fe98

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:20 GMT
last-modified: Mon, 23 Aug 2021 06:19:48 GMT
server: nginx
x-powered-by: PleskLin
etag: "61233e04-3a82e"
strict-transport-security: max-age=63072000; includeSubDomains
content-type: image/jpeg
accept-ranges: bytes
content-length: 239662

GET
H2 200 Refuges-Ukrainian-1000x600.jpeg
telegraf.id/wp-content/uploads/2022/03/ 101 KB
102 KB 3020ms
2719ms Image
image/jpeg 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2022/03/Refuges-Ukrainian-1000x600.jpeg
Requested by: Host: telegraf.id
URL: https://telegraf.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: 155ed836d146bb3cf7c99f6fe05e513de6be057b9b4d0c68ec551a0a1634ab99

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:22 GMT
last-modified: Sun, 06 Mar 2022 22:27:53 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 103880
expires: Mon, 21 Mar 2022 17:39:23 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 41ms
36ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-192630985-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 267
date: Mon, 14 Mar 2022 17:34:53 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 14 Mar 2022 19:34:53 GMT

GET
H2 200 EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v16/ 32 KB
32 KB 116ms
114ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v16/EJRVQgYoZZY2vCFuvAFWzr8.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d355afb9705c3f8651f6a1f813b4670b758d59a17783830f534e7a8839c5b666

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://telegraf.id
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:38:15 GMT
x-content-type-options: nosniff
age: 424865
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32900
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:09:18 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Mar 2023 19:38:15 GMT

GET
H2 200 Ukraine-400x240.jpeg
telegraf.id/wp-content/uploads/2022/03/ 22 KB
22 KB 2974ms
2673ms Image
image/jpeg 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2022/03/Ukraine-400x240.jpeg
Requested by: Host: telegraf.id
URL: https://telegraf.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: 159a1540234b557d6193dd186c1b833227f6f0b5a3d4687a98ed5b10297c41f8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:22 GMT
last-modified: Mon, 28 Feb 2022 19:06:23 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 22553
expires: Mon, 21 Mar 2022 17:39:23 GMT

GET
H2 200 Russia-Invades-Ukraine-400x240.jpg
telegraf.id/wp-content/uploads/2022/02/ 16 KB
16 KB 2974ms
2673ms Image
image/jpeg 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2022/02/Russia-Invades-Ukraine-400x240.jpg
Requested by: Host: telegraf.id
URL: https://telegraf.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: c5bbf0ebeec2e9af16974dcf17d53155442fd77e48aaac60600d6b4544e19bf1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:22 GMT
last-modified: Sun, 27 Feb 2022 20:56:31 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 16580
expires: Mon, 21 Mar 2022 17:39:23 GMT

GET
H2 200 Biden_70978-400x240.jpg
telegraf.id/wp-content/uploads/ 13 KB
13 KB 2974ms
2673ms Image
image/jpeg 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/Biden_70978-400x240.jpg
Requested by: Host: telegraf.id
URL: https://telegraf.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: 12d9a105d2975f9116e4f76a50fcfe2f3f5de702bdc757f0c291bcfbc26cc8ff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:22 GMT
last-modified: Sat, 06 Mar 2021 06:18:12 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13262
expires: Mon, 21 Mar 2022 17:39:23 GMT

GET
H2 200 Putin-Xi-Jinping-400x240.png
telegraf.id/wp-content/uploads/2022/03/ 155 KB
155 KB 2974ms
2672ms Image
image/png 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2022/03/Putin-Xi-Jinping-400x240.png
Requested by: Host: telegraf.id
URL: https://telegraf.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: 3fbdd20ddcd049f26c1532297b6f1d66fb8bd07d1af3b36bacbb2c6a6303ec08

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:22 GMT
last-modified: Mon, 14 Mar 2022 04:01:33 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 158389
expires: Mon, 21 Mar 2022 17:39:23 GMT

GET
H2 200 Ukraine-Refugees-400x240.jpg
telegraf.id/wp-content/uploads/2022/03/ 18 KB
18 KB 1732ms
1431ms Image
image/jpeg 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2022/03/Ukraine-Refugees-400x240.jpg
Requested by: Host: telegraf.id
URL: https://telegraf.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: 8885da7cf968dd7b364fe880fa120fc94f58078985da51acba4c30644d37db23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
last-modified: Sat, 12 Mar 2022 03:12:41 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 18442
expires: Mon, 21 Mar 2022 17:39:21 GMT

GET
H2 200 Hulusi-Askar-400x240.jpg
telegraf.id/wp-content/uploads/2022/03/ 17 KB
17 KB 1733ms
1431ms Image
image/jpeg 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2022/03/Hulusi-Askar-400x240.jpg
Requested by: Host: telegraf.id
URL: https://telegraf.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: 4d0905d7fdcc0d5da5746f838ca87d7e8775a4f357252e88d2e0dce2c880f3c4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
last-modified: Wed, 09 Mar 2022 20:34:40 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 17336
expires: Mon, 21 Mar 2022 17:39:21 GMT

GET
H2 200 China-Yuan-Currency-560x600.png
telegraf.id/wp-content/uploads/2022/03/ 452 KB
453 KB 1733ms
1432ms Image
image/png 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2022/03/China-Yuan-Currency-560x600.png
Requested by: Host: telegraf.id
URL: https://telegraf.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: bfbb0f6fedb2674faac5208ca287f9af4f38477fedb5336ca970b8b101c43032

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
last-modified: Mon, 14 Mar 2022 04:59:45 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 463284
expires: Mon, 21 Mar 2022 17:39:21 GMT

GET
H2 200 Gas-400x240.jpg
telegraf.id/wp-content/uploads/2022/03/ 15 KB
15 KB 1733ms
1432ms Image
image/jpeg 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2022/03/Gas-400x240.jpg
Requested by: Host: telegraf.id
URL: https://telegraf.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: d6ee1c4c8cbaafca36510126edc86fe528ce23d330fbfd3ee61742b1bae7c57f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
last-modified: Sat, 12 Mar 2022 02:59:29 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 14899
expires: Mon, 21 Mar 2022 17:39:21 GMT

GET
H2 200 Russia-Oil-80x80.png
telegraf.id/wp-content/uploads/2022/03/ 14 KB
14 KB 1733ms
1432ms Image
image/png 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2022/03/Russia-Oil-80x80.png
Requested by: Host: telegraf.id
URL: https://telegraf.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: 64bc314813513a9c1cdbb901025dbc94dbc7579514ed24012e47783d36294404

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
last-modified: Wed, 09 Mar 2022 20:28:44 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 14427
expires: Mon, 21 Mar 2022 17:39:21 GMT

GET
H2 200 Biden-Rusia-Oil-80x80.jpeg
telegraf.id/wp-content/uploads/2022/03/ 2 KB
2 KB 1733ms
1432ms Image
image/jpeg 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2022/03/Biden-Rusia-Oil-80x80.jpeg
Requested by: Host: telegraf.id
URL: https://telegraf.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: 7b0838d8df40afc8c5f3bcb9d6de38267621c840d16bfb22d98d0332ae2f41cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
last-modified: Tue, 08 Mar 2022 19:08:08 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2056
expires: Mon, 21 Mar 2022 17:39:21 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 90ms
45ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1387786905&t=pageview&_s=1&dl=https%3A%2F%2Ftelegraf.id%2F&ul=en-us&de=UTF-8&dt=The%20World%20Other%20Side&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAAC~&jid=1642016218&gjid=1592291483&cid=998751855.1647279560&tid=UA-192630985-1&_gid=2090385143.1647279561&_r=1&gtm=2ou370&did=dZTNiMT&gdid=dZTNiMT&z=660269659

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://telegraf.id/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 14 Mar 2022 17:39:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://telegraf.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203070101/ 294 KB
106 KB 122ms
75ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2279633493037067&plah=telegraf.id&bust=31065567

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2279633493037067

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fddf6cf4f2ab5380526b9640621980c535777b493d502e2625bdaa3f7e08da65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108472
x-xss-protection: 0
server: cafe
etag: 9445268584125135589
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 14 Mar 2022 17:39:20 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220308/r20190131/ Frame D791 10 KB
5 KB 125ms
39ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220308/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2279633493037067

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Sun, 13 Mar 2022 23:41:54 GMT
expires: Sun, 27 Mar 2022 23:41:54 GMT
cache-control: public, max-age=1209600
age: 64646
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 search_offers_multiple Show response
app.indoleads.com/api/ 1 KB
616 B 212ms
212ms XHR
application/json 104.248.96.65
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://app.indoleads.com/api/search_offers_multiple
Requested by: Host: app.indoleads.com
URL: https://app.indoleads.com/js/platform/url_transformer.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.248.96.65 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: a8ff75310c25ec7872e8bb0ad8e1c129f938aa99aad2718609f66b434a18a400

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Referer: https://telegraf.id/
Accept-Language: de-DE,de;q=0.9
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJodHRwczovL2FwcC5pbmRvbGVhZHMuY29tL2FwaS9nZXRfYXBpX3Rva2VuIiwiaWF0IjoxNjE0Mjg2MzgzLCJleHAiOjE5Mjk2NDYzODMsIm5iZiI6MTYxNDI4NjM4MywianRpIjoiRFowWEp6a0pJYzFnTHRmZyIsInN1YiI6IjYwMzgwMmUxNDAxY2U5NTlkOTM5YWVkMSIsInBydiI6IjIzYmQ1Yzg5NDlmNjAwYWRiMzllNzAxYzQwMDg3MmRiN2E1OTc2ZjcifQ.gGh83Am4nkIEW2O86wxO22gx4htRu6wTfjMWgWcRTBU
Content-Type: application/json

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
content-encoding: gzip
server: nginx/1.10.3 (Ubuntu)
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, PATCH
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
access-control-allow-credentials: true
httpblock: 1
access-control-allow-headers: Origin, Content-Type, Accept, Authorization, X-Request-With

OPTIONS
H2 200 search_offers_multiple
app.indoleads.com/api/ Frame 0
0 544ms
197ms Preflight
application/json 104.248.96.65
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://app.indoleads.com/api/search_offers_multiple
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.248.96.65 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://telegraf.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx/1.10.3 (Ubuntu)
content-type: application/json
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, PATCH
access-control-allow-headers: Origin, Content-Type, Accept, Authorization, X-Request-With
access-control-allow-credentials: true
cache-control: no-cache, private
date: Mon, 14 Mar 2022 17:39:21 GMT
httpblock: 1
content-encoding: gzip

GET
H2 200 / Show response
feedify.net/thirdparty/json/setting/ 3 KB
2 KB 350ms
308ms Script
text/html 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://feedify.net/thirdparty/json/setting/?callback=fdy11130051424133879209855_1647279560791&_=1647279560792
Requested by: Host: cdn.feedify.net
URL: https://cdn.feedify.net/getjs/feedbackembad-min-3.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02a2c77a69de8c5ebcc6503a8b5d9321a2183c4dd900d4b0a5f2c9c2eb722fd9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R2jjPFIrDzFBe9oCLitoI1DWmezJ7W1qeO%2FZfuGGui4Zq7xNyl8Ov69VgSJTiYkq%2FL4JjRNVKJQf5ULuULetS8foavtEras2%2BIofiSSja3Gl18pz%2FgdTmt3CQ7sWbO0f9wfbMUOfvUIlnA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 6ebec9c74d759b8f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 911ddf821ac39f09e17d63faa249e5cd58c6a8dd3ec0340326ee31841c6154b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 Jen-Psaki-560x600.jpeg
telegraf.id/wp-content/uploads/2022/03/ 44 KB
44 KB 1430ms
1130ms Image
image/jpeg 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2022/03/Jen-Psaki-560x600.jpeg
Requested by: Host: telegraf.id
URL: https://telegraf.id/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: 3f24fb0aa76dc30f53a4feaaeff397ea9cc9a85e35f3393d269de9b9e6d6644a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
last-modified: Mon, 14 Mar 2022 05:38:03 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 44961
expires: Mon, 21 Mar 2022 17:39:21 GMT

GET
H2 200 Jake-Sullivan-80x80.jpg
telegraf.id/wp-content/uploads/2022/03/ 8 KB
8 KB 1430ms
1130ms Image
image/jpeg 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2022/03/Jake-Sullivan-80x80.jpg
Requested by: Host: telegraf.id
URL: https://telegraf.id/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: b3d3e420a0d4481e37f086a47c38ec388337ad6d8a3ee993a3f3ac547e4c49e4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
last-modified: Mon, 14 Mar 2022 05:31:23 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7689
expires: Mon, 21 Mar 2022 17:39:21 GMT

GET
H2 200 Mikhail-Gorbachev-Reagan-80x80.jpeg
telegraf.id/wp-content/uploads/2022/03/ 2 KB
2 KB 1429ms
1127ms Image
image/jpeg 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2022/03/Mikhail-Gorbachev-Reagan-80x80.jpeg
Requested by: Host: telegraf.id
URL: https://telegraf.id/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: 1d1a03b48da089bab81893fa43501d18058e8202bac5b61cbe160d49cd69976b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
last-modified: Mon, 14 Mar 2022 05:20:09 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2503
expires: Mon, 21 Mar 2022 17:39:21 GMT

GET
H2 200 5c16bf45240000ff008c865a-80x80.jpeg
telegraf.id/wp-content/uploads/2021/01/ 2 KB
2 KB 1429ms
1127ms Image
image/jpeg 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2021/01/5c16bf45240000ff008c865a-80x80.jpeg
Requested by: Host: telegraf.id
URL: https://telegraf.id/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: b83869d05cd450d1c121821d882815b0d2d57984aaf148c65f7055716c8d4a8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
last-modified: Sun, 31 Jan 2021 08:15:54 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2425
expires: Mon, 21 Mar 2022 17:39:21 GMT

GET
H2 200 Jake-Sullivan-80x80.jpeg
telegraf.id/wp-content/uploads/2022/03/ 2 KB
2 KB 1429ms
1128ms Image
image/jpeg 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2022/03/Jake-Sullivan-80x80.jpeg
Requested by: Host: telegraf.id
URL: https://telegraf.id/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: 306bb92aa567bfccd7124e97238b4a11f6ce9fd93ee81df31cbebb02a26b14e1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
last-modified: Mon, 14 Mar 2022 05:07:14 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2223
expires: Mon, 21 Mar 2022 17:39:21 GMT

GET
H2 200 201016-CARLA-MADISON-RECREATION-CENTER-VOTING-BALLOT-DROPOFF-BOX-ELECTION-COPOLITICS-COLFAX-AVENUE-KEVINJBEATY-03-80x80.jpg
telegraf.id/wp-content/uploads/2022/03/ 21 KB
21 KB 1429ms
1128ms Image
image/jpeg 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2022/03/201016-CARLA-MADISON-RECREATION-CENTER-VOTING-BALLOT-DROPOFF-BOX-ELECTION-COPOLITICS-COLFAX-AVENUE-KEVINJBEATY-03-80x80.jpg
Requested by: Host: telegraf.id
URL: https://telegraf.id/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: d2fed050e95d08758174529a4737db27492916ea5249662f468cdba22b67f401

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
last-modified: Fri, 11 Mar 2022 13:04:18 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 21033
expires: Mon, 21 Mar 2022 17:39:21 GMT

GET
H2 200 Erdogan-hERZOG-80x80.jpg
telegraf.id/wp-content/uploads/2022/03/ 2 KB
2 KB 1429ms
1127ms Image
image/jpeg 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2022/03/Erdogan-hERZOG-80x80.jpg
Requested by: Host: telegraf.id
URL: https://telegraf.id/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: 28a1dcdc7cceeb07441a3f50ccf35bef0fe532f5bbc7399c3b11fb557fbdbc62

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
last-modified: Wed, 09 Mar 2022 19:48:29 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2250
expires: Mon, 21 Mar 2022 17:39:21 GMT

GET
H2 200 Jennifer-Hudson-and-Ne-Yo-80x80.png
telegraf.id/wp-content/uploads/2022/02/ 13 KB
13 KB 1429ms
1126ms Image
image/png 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2022/02/Jennifer-Hudson-and-Ne-Yo-80x80.png
Requested by: Host: telegraf.id
URL: https://telegraf.id/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: 776df24daa38536b487851475fe6662425b793709e1860c37a6ccf3cfaa5d2e6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
last-modified: Sun, 27 Feb 2022 21:36:37 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13443
expires: Mon, 21 Mar 2022 17:39:21 GMT

GET
H2 200 3-members-of-K-pop-sensation-BTS-diagnosed-with-COVID-19-80x80.jpeg
telegraf.id/wp-content/uploads/2021/12/ 2 KB
2 KB 1429ms
1126ms Image
image/jpeg 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2021/12/3-members-of-K-pop-sensation-BTS-diagnosed-with-COVID-19-80x80.jpeg
Requested by: Host: telegraf.id
URL: https://telegraf.id/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: e2c8c6a96f599918b3613060086aa1f2c5cd9e32d9e6fc42dcf637bd06baf901

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
last-modified: Sat, 25 Dec 2021 20:33:59 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1818
expires: Mon, 21 Mar 2022 17:39:21 GMT

GET
H2 200 Refuges-Ukrainian-400x240.jpeg
telegraf.id/wp-content/uploads/2022/03/ 22 KB
23 KB 1429ms
1127ms Image
image/jpeg 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2022/03/Refuges-Ukrainian-400x240.jpeg
Requested by: Host: telegraf.id
URL: https://telegraf.id/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: 40bb392b997d8a67ba3f10835dba4a55b4dcdb91233a9d1ab7ef81bf82598854

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
last-modified: Sun, 06 Mar 2022 22:27:54 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 23026
expires: Mon, 21 Mar 2022 17:39:21 GMT

GET
H2 200 Ukraine-80x80.jpeg
telegraf.id/wp-content/uploads/2022/03/ 2 KB
2 KB 1429ms
1125ms Image
image/jpeg 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2022/03/Ukraine-80x80.jpeg
Requested by: Host: telegraf.id
URL: https://telegraf.id/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: d38d082aaf247a6ae4639da09d6e26cee180aa3fd26aed092235bc01ea00b8b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
last-modified: Mon, 28 Feb 2022 19:06:23 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2321
expires: Mon, 21 Mar 2022 17:39:21 GMT

GET
H2 200 Russia-Invades-Ukraine-80x80.jpg
telegraf.id/wp-content/uploads/2022/02/ 2 KB
2 KB 1429ms
1125ms Image
image/jpeg 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2022/02/Russia-Invades-Ukraine-80x80.jpg
Requested by: Host: telegraf.id
URL: https://telegraf.id/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: 0249dd822788873f1194bd04f9d42d1620de32c4b6e6f511758e5838ac80c4d0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
last-modified: Sun, 27 Feb 2022 20:56:31 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1860
expires: Mon, 21 Mar 2022 17:39:21 GMT

GET
H2 200 Biden_70978-80x80.jpg
telegraf.id/wp-content/uploads/ 2 KB
3 KB 1430ms
1126ms Image
image/jpeg 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/Biden_70978-80x80.jpg
Requested by: Host: telegraf.id
URL: https://telegraf.id/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: 508a77783f0a3f407770701276a3c18a148734784054d94da859219b3348f08f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
last-modified: Sat, 06 Mar 2021 06:18:12 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2521
expires: Mon, 21 Mar 2022 17:39:21 GMT

GET
H2 200 Putin-Xi-Jinping-80x80.png
telegraf.id/wp-content/uploads/2022/03/ 13 KB
13 KB 1430ms
1126ms Image
image/png 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2022/03/Putin-Xi-Jinping-80x80.png
Requested by: Host: telegraf.id
URL: https://telegraf.id/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: 4246b866cf6ec03646fb66267c356907b42281fe077e65b9d956551b80495b26

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
last-modified: Mon, 14 Mar 2022 04:01:33 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13713
expires: Mon, 21 Mar 2022 17:39:21 GMT

GET
H2 200 Ukraine-Refugees-80x80.jpg
telegraf.id/wp-content/uploads/2022/03/ 2 KB
2 KB 1430ms
1126ms Image
image/jpeg 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2022/03/Ukraine-Refugees-80x80.jpg
Requested by: Host: telegraf.id
URL: https://telegraf.id/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: 2953c35c361740aedac408ddc1be9a01cd32e2e3f2012b42a1e00d3039c6d7e7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
last-modified: Sat, 12 Mar 2022 03:12:41 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2341
expires: Mon, 21 Mar 2022 17:39:21 GMT

GET
H2 200 Hulusi-Askar-80x80.jpg
telegraf.id/wp-content/uploads/2022/03/ 2 KB
2 KB 1430ms
1126ms Image
image/jpeg 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2022/03/Hulusi-Askar-80x80.jpg
Requested by: Host: telegraf.id
URL: https://telegraf.id/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: 6e8497f122514039396c2f38017006ca609ee92664fcf01c018ec879f3fcc1f3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
last-modified: Wed, 09 Mar 2022 20:34:40 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2271
expires: Mon, 21 Mar 2022 17:39:21 GMT

GET
H2 200 Gas-80x80.jpg
telegraf.id/wp-content/uploads/2022/03/ 2 KB
2 KB 1430ms
1127ms Image
image/jpeg 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2022/03/Gas-80x80.jpg
Requested by: Host: telegraf.id
URL: https://telegraf.id/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: 3831d72046cdbd2c5197cbd6aba3d2a4aa3aa86f56aa59aa804c2bf833df703e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
last-modified: Sat, 12 Mar 2022 02:59:29 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2158
expires: Mon, 21 Mar 2022 17:39:21 GMT

GET
H2 200 SWIFT-80x80.jpg
telegraf.id/wp-content/uploads/2022/03/ 5 KB
5 KB 1430ms
1127ms Image
image/jpeg 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2022/03/SWIFT-80x80.jpg
Requested by: Host: telegraf.id
URL: https://telegraf.id/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: 780655c20a6443898039db0dfcc81c7ba143abcef13ac732f100bbe360dd3cd9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
last-modified: Fri, 11 Mar 2022 14:15:17 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5382
expires: Mon, 21 Mar 2022 17:39:21 GMT

GET
H2 200 MetaFacebook.-Credit-ChesnotGetty-Images-80x80.jpg
telegraf.id/wp-content/uploads/2021/12/ 2 KB
3 KB 1430ms
1127ms Image
image/jpeg 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2021/12/MetaFacebook.-Credit-ChesnotGetty-Images-80x80.jpg
Requested by: Host: telegraf.id
URL: https://telegraf.id/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: a0022a5ec488e212af2fc0a35e0152651cf5aeb5fad98a0bae33b626b25ed93f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
last-modified: Tue, 28 Dec 2021 13:38:13 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2524
expires: Mon, 21 Mar 2022 17:39:21 GMT

GET
H2 200 Meta-FB-80x80.png
telegraf.id/wp-content/uploads/2022/03/ 7 KB
7 KB 1430ms
1127ms Image
image/png 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2022/03/Meta-FB-80x80.png
Requested by: Host: telegraf.id
URL: https://telegraf.id/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: bd7edf92686496dfa9a2f0f55774f5cb9fd80db97c23de0e3173118a1f6ddaa3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
last-modified: Fri, 11 Mar 2022 13:57:32 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7277
expires: Mon, 21 Mar 2022 17:39:21 GMT

GET
H2 200 Putin-RT-80x80.png
telegraf.id/wp-content/uploads/2022/03/ 12 KB
12 KB 1430ms
1128ms Image
image/png 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2022/03/Putin-RT-80x80.png
Requested by: Host: telegraf.id
URL: https://telegraf.id/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: 59b631751438e448d92654f578802ccd3bc1e4daba1b814302b28b1e3514bd51

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
last-modified: Mon, 28 Feb 2022 19:22:57 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 12346
expires: Mon, 21 Mar 2022 17:39:21 GMT

GET
H2 200 Elon-Musk-80x80.jpeg
telegraf.id/wp-content/uploads/2021/12/ 2 KB
2 KB 1430ms
1128ms Image
image/jpeg 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2021/12/Elon-Musk-80x80.jpeg
Requested by: Host: telegraf.id
URL: https://telegraf.id/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: 3fd2ceb6a02c2edea43be734ff4934e46185dc14ae166e42b2375794f02dfa54

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
last-modified: Fri, 31 Dec 2021 03:53:08 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1998
expires: Mon, 21 Mar 2022 17:39:21 GMT

GET
H2 200 Robotic-Understanding-AI-Before-It-Overtakes-Us-80x80.jpg
telegraf.id/wp-content/uploads/2021/12/ 2 KB
2 KB 1430ms
1128ms Image
image/jpeg 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2021/12/Robotic-Understanding-AI-Before-It-Overtakes-Us-80x80.jpg
Requested by: Host: telegraf.id
URL: https://telegraf.id/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: c4555775ab902e67344bbb4148ae91a261764e91d510f82074f9e09d1b3badba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
last-modified: Wed, 22 Dec 2021 04:08:57 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2165
expires: Mon, 21 Mar 2022 17:39:21 GMT

GET
H2 200 PDI-P-general-chairman-Megawati-Soekarnoputri-400x240.jpg
telegraf.id/wp-content/uploads/2022/03/ 16 KB
16 KB 1430ms
1128ms Image
image/jpeg 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2022/03/PDI-P-general-chairman-Megawati-Soekarnoputri-400x240.jpg
Requested by: Host: telegraf.id
URL: https://telegraf.id/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: 3bb96ba1e01606907cf24a477793593802019dc134635b0f1581bc02e290ab80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
last-modified: Sat, 12 Mar 2022 03:30:21 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 16513
expires: Mon, 21 Mar 2022 17:39:21 GMT

GET
H2 200 NORTHKOREA-MISSILES-400x240.png
telegraf.id/wp-content/uploads/2022/03/ 99 KB
99 KB 1430ms
1128ms Image
image/png 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2022/03/NORTHKOREA-MISSILES-400x240.png
Requested by: Host: telegraf.id
URL: https://telegraf.id/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: 32bff71b81629cebe01c1336b0d666512fba4e5ec87eaf800a1e2998d881d35b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
last-modified: Wed, 09 Mar 2022 20:55:28 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 101731
expires: Mon, 21 Mar 2022 17:39:21 GMT

GET
H2 200 Balochistan-Karlos-Zurutuza-80x80.jpg
telegraf.id/wp-content/uploads/2022/03/ 9 KB
9 KB 1430ms
1128ms Image
image/jpeg 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2022/03/Balochistan-Karlos-Zurutuza-80x80.jpg
Requested by: Host: telegraf.id
URL: https://telegraf.id/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: bc8d271c1c4e29672e13f962303f5345e540ccf4168d36441da4740edf684190

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
last-modified: Wed, 09 Mar 2022 19:11:25 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 8838
expires: Mon, 21 Mar 2022 17:39:21 GMT

GET
H2 200 Afghan-People-80x80.png
telegraf.id/wp-content/uploads/2022/02/ 16 KB
16 KB 1430ms
1129ms Image
image/png 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2022/02/Afghan-People-80x80.png
Requested by: Host: telegraf.id
URL: https://telegraf.id/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: dddc61e2b83d6446e19afe721f5f06ee354f74b836e0e2d29247ac49292d8cc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
last-modified: Sun, 27 Feb 2022 18:24:57 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 16030
expires: Mon, 21 Mar 2022 17:39:21 GMT

GET
H2 200 Hendrik-80x80.jpg
telegraf.id/wp-content/uploads/2022/02/ 2 KB
2 KB 1433ms
1131ms Image
image/jpeg 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2022/02/Hendrik-80x80.jpg
Requested by: Host: telegraf.id
URL: https://telegraf.id/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: fff8809367ec82828d9cc9bf6c544fc680c0a3267cd930bb72d992377dd9a941

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
last-modified: Wed, 09 Feb 2022 09:12:45 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2193
expires: Mon, 21 Mar 2022 17:39:21 GMT

GET
H2 200 Japan-US-%E2%80%98Island-Chain-Will-Roil-China-Russia-80x80.jpg
telegraf.id/wp-content/uploads/2021/12/ 2 KB
2 KB 1433ms
1132ms Image
image/jpeg 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2021/12/Japan-US-%E2%80%98Island-Chain-Will-Roil-China-Russia-80x80.jpg
Requested by: Host: telegraf.id
URL: https://telegraf.id/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: 371cda6d4616a736cc66139af04bf593c56bd790a51ad6fa38b7a67e92374439

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
last-modified: Fri, 31 Dec 2021 03:26:31 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1626
expires: Mon, 21 Mar 2022 17:39:21 GMT

GET
H2 200 Zelensky-Visits-Wounded-Soldiers-at-Hospital-400x240.jpeg
telegraf.id/wp-content/uploads/2022/03/ 19 KB
20 KB 1433ms
1129ms Image
image/jpeg 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2022/03/Zelensky-Visits-Wounded-Soldiers-at-Hospital-400x240.jpeg
Requested by: Host: telegraf.id
URL: https://telegraf.id/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: 0332540bb95cbb22a3accf58dc6c45e13b316802426f59f419baad401337a050

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
last-modified: Mon, 14 Mar 2022 04:15:52 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 19923
expires: Mon, 21 Mar 2022 17:39:21 GMT

GET
H2 200 Russian-Vladimir-Putin-400x240.png
telegraf.id/wp-content/uploads/2022/03/ 138 KB
138 KB 1433ms
1130ms Image
image/png 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2022/03/Russian-Vladimir-Putin-400x240.png
Requested by: Host: telegraf.id
URL: https://telegraf.id/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: fead3e2b8db4b09a8baf3ba39c04456804c93091bb1d70342fd446dba20ed739

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
last-modified: Fri, 11 Mar 2022 18:01:49 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 141646
expires: Mon, 21 Mar 2022 17:39:21 GMT

GET
H2 200 Hungary-COVID-vaccination-children-scaled-1-80x80.jpg
telegraf.id/wp-content/uploads/2022/03/ 2 KB
3 KB 1433ms
1130ms Image
image/jpeg 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2022/03/Hungary-COVID-vaccination-children-scaled-1-80x80.jpg
Requested by: Host: telegraf.id
URL: https://telegraf.id/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: 835c7b76dda81e9203cdc8d7591a8935e6785deae551ae9ad163f4d5301c1e4d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
last-modified: Mon, 28 Feb 2022 19:32:23 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2537
expires: Mon, 21 Mar 2022 17:39:21 GMT

GET
H2 200 Planetary-80x80.jpg
telegraf.id/wp-content/uploads/2021/12/ 25 KB
26 KB 1435ms
1132ms Image
image/jpeg 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2021/12/Planetary-80x80.jpg
Requested by: Host: telegraf.id
URL: https://telegraf.id/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: af525b993dff010b33028fa850a40d83b2392df2d1a0d14596ec804db4dd94d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
last-modified: Fri, 17 Dec 2021 09:33:14 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 26092
expires: Mon, 21 Mar 2022 17:39:21 GMT

GET
H2 200 American-Journalist-Killed-Near-Kiev-80x80.jpg
telegraf.id/wp-content/uploads/2022/03/ 12 KB
12 KB 1436ms
1133ms Image
image/jpeg 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2022/03/American-Journalist-Killed-Near-Kiev-80x80.jpg
Requested by: Host: telegraf.id
URL: https://telegraf.id/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: d396c8b469f3f49afb9964a444a9e5fc222e3cac8227eb5bfd82091bf6913506

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
last-modified: Mon, 14 Mar 2022 04:53:51 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 11859
expires: Mon, 21 Mar 2022 17:39:21 GMT

GET
H2 200 Hitler-80x80.png
telegraf.id/wp-content/uploads/2022/03/ 6 KB
6 KB 2589ms
2286ms Image
image/png 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2022/03/Hitler-80x80.png
Requested by: Host: telegraf.id
URL: https://telegraf.id/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: 7a6887bd4cbb45bdd3af0c3619e4bb2078930a9c9f94d087d333b061d522e6c6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:22 GMT
last-modified: Mon, 14 Mar 2022 04:43:22 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 6003
expires: Mon, 21 Mar 2022 17:39:22 GMT

GET
H2 200 CC-BY-2.0-BIOHAZARD-80x80.jpg
telegraf.id/wp-content/uploads/2022/03/ 2 KB
2 KB 2589ms
2287ms Image
image/jpeg 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2022/03/CC-BY-2.0-BIOHAZARD-80x80.jpg
Requested by: Host: telegraf.id
URL: https://telegraf.id/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: c2cde20f060ad80ccbf14d18d515940a48e4d9b3b77d55c79fafa4663f1d44d1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:22 GMT
last-modified: Fri, 11 Mar 2022 17:47:05 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2099
expires: Mon, 21 Mar 2022 17:39:22 GMT

GET
H2 200 EU-Europe-80x80.jpg
telegraf.id/wp-content/uploads/2022/03/ 3 KB
3 KB 2589ms
2287ms Image
image/jpeg 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2022/03/EU-Europe-80x80.jpg
Requested by: Host: telegraf.id
URL: https://telegraf.id/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: 6f93125ba3953845b554e4446a315c276c2b824152bb0a65880ae362051f220d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:22 GMT
last-modified: Fri, 11 Mar 2022 14:25:14 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2584
expires: Mon, 21 Mar 2022 17:39:22 GMT

GET
H2 200 Bar-Rafaeli-80x80.png
telegraf.id/wp-content/uploads/2022/03/ 14 KB
14 KB 2589ms
2287ms Image
image/png 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2022/03/Bar-Rafaeli-80x80.png
Requested by: Host: telegraf.id
URL: https://telegraf.id/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: 936a08172aff5c9337da58594b7a781a8ea033e4c611b97b9cbf276761f7ef5e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:22 GMT
last-modified: Fri, 11 Mar 2022 14:08:21 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 14643
expires: Mon, 21 Mar 2022 17:39:22 GMT

GET
H2 200 Iran-Nuclear-Talks-80x80.jpg
telegraf.id/wp-content/uploads/2022/03/ 8 KB
8 KB 2589ms
2287ms Image
image/jpeg 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2022/03/Iran-Nuclear-Talks-80x80.jpg
Requested by: Host: telegraf.id
URL: https://telegraf.id/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: fac9a58de966219a8121da4a11469ba9c39e369ac3532f30b9da8b6438db47bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:22 GMT
last-modified: Fri, 11 Mar 2022 13:19:35 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 8306
expires: Mon, 21 Mar 2022 17:39:22 GMT

GET
H2 200 ukraine-military-1-80x80.jpg
telegraf.id/wp-content/uploads/2022/03/ 2 KB
2 KB 2589ms
2287ms Image
image/jpeg 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2022/03/ukraine-military-1-80x80.jpg
Requested by: Host: telegraf.id
URL: https://telegraf.id/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: 6bb296349d6279d90f4d53167ac376e940ff20f0274f2319f1d6dc10b7ec2a07

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:22 GMT
last-modified: Fri, 11 Mar 2022 13:11:55 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2147
expires: Mon, 21 Mar 2022 17:39:22 GMT

GET
H2 200 Antony-Blinken--80x80.jpg
telegraf.id/wp-content/uploads/2022/03/ 3 KB
3 KB 2589ms
2287ms Image
image/jpeg 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2022/03/Antony-Blinken--80x80.jpg
Requested by: Host: telegraf.id
URL: https://telegraf.id/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: 4e42d64ad3e350ba6de71e680ba3add5d483191501a3d3f89c2563fb10f3f923

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:22 GMT
last-modified: Wed, 09 Mar 2022 21:09:41 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2861
expires: Mon, 21 Mar 2022 17:39:22 GMT

GET
H2 200 Ukraine-Soldiers-80x80.jpg
telegraf.id/wp-content/uploads/2022/03/ 2 KB
2 KB 2589ms
2287ms Image
image/jpeg 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2022/03/Ukraine-Soldiers-80x80.jpg
Requested by: Host: telegraf.id
URL: https://telegraf.id/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: 718270dcbf739db8340fed0b2fc2f277388da2cdbfd192e59255714b31adee2d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:22 GMT
last-modified: Wed, 09 Mar 2022 20:16:37 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2434
expires: Mon, 21 Mar 2022 17:39:23 GMT

GET
H2 200 Ukraineia--80x80.jpeg
telegraf.id/wp-content/uploads/2022/03/ 2 KB
2 KB 2589ms
2288ms Image
image/jpeg 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2022/03/Ukraineia--80x80.jpeg
Requested by: Host: telegraf.id
URL: https://telegraf.id/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: ce3f29f85857ee5c8e71407f87fa580bb153df6dac9ee1bfba29bb8f611a24b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:22 GMT
last-modified: Wed, 09 Mar 2022 19:37:22 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2027
expires: Mon, 21 Mar 2022 17:39:23 GMT

GET
H2 200 Ukrainian--80x80.jpeg
telegraf.id/wp-content/uploads/2022/03/ 2 KB
2 KB 2589ms
2288ms Image
image/jpeg 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2022/03/Ukrainian--80x80.jpeg
Requested by: Host: telegraf.id
URL: https://telegraf.id/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: ed942e730cd1b8b58643d34c23a3af01ae3f8c12d26bae0e2a36f839b733b582

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:22 GMT
last-modified: Wed, 09 Mar 2022 19:30:29 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2427
expires: Mon, 21 Mar 2022 17:39:23 GMT

GET
H2 200 Understanding-the-War-in-Ukraine-80x80.jpeg
telegraf.id/wp-content/uploads/2022/03/ 2 KB
2 KB 2657ms
2355ms Image
image/jpeg 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2022/03/Understanding-the-War-in-Ukraine-80x80.jpeg
Requested by: Host: telegraf.id
URL: https://telegraf.id/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: 50dc700f0e4aacf15f17499c2af659f64360579ba32a2641c73e487afc480c11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:22 GMT
last-modified: Wed, 09 Mar 2022 19:21:33 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2069
expires: Mon, 21 Mar 2022 17:39:23 GMT

GET
H2 200 Antony-Blinken--400x240.jpg
telegraf.id/wp-content/uploads/2022/03/ 20 KB
20 KB 2657ms
2356ms Image
image/jpeg 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2022/03/Antony-Blinken--400x240.jpg
Requested by: Host: telegraf.id
URL: https://telegraf.id/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: fb5ed3672bec6620938a89d8d1629e85503c3213095a500f5f0f4c6b38f76f7d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:22 GMT
last-modified: Wed, 09 Mar 2022 21:09:41 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 20806
expires: Mon, 21 Mar 2022 17:39:23 GMT

GET
H2 200 zelensky-400x240.png
telegraf.id/wp-content/uploads/2022/03/ 145 KB
145 KB 2657ms
2356ms Image
image/png 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2022/03/zelensky-400x240.png
Requested by: Host: telegraf.id
URL: https://telegraf.id/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: b5bd46c68d75a193f285542f534bd319fa05a6d8233730538d9b9a47f1012d5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:22 GMT
last-modified: Sun, 06 Mar 2022 22:35:39 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 148753
expires: Mon, 21 Mar 2022 17:39:23 GMT

GET
H2 200 Biden-Christmas-400x240.jpeg
telegraf.id/wp-content/uploads/2021/12/ 12 KB
12 KB 2657ms
2356ms Image
image/jpeg 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2021/12/Biden-Christmas-400x240.jpeg
Requested by: Host: telegraf.id
URL: https://telegraf.id/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: ff0a54ce8419687b2491376343d65322bf1248af78654d11d48e87a746ea717f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:22 GMT
last-modified: Sat, 25 Dec 2021 09:38:17 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 11955
expires: Mon, 21 Mar 2022 17:39:23 GMT

GET
H2 200 Defense-Secretary-Lloyd-Austin-400x240.png
telegraf.id/wp-content/uploads/2021/12/ 151 KB
151 KB 2657ms
2356ms Image
image/png 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2021/12/Defense-Secretary-Lloyd-Austin-400x240.png
Requested by: Host: telegraf.id
URL: https://telegraf.id/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: 6a4578d5ecb3dfff7793ed78bd79d5dff75a75448e3ca7c66055df6c059b2c79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:22 GMT
last-modified: Wed, 22 Dec 2021 05:01:04 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 154995
expires: Mon, 21 Mar 2022 17:39:23 GMT

GET
H2 200 Julian-Assange-400x240.png
telegraf.id/wp-content/uploads/2021/12/ 152 KB
152 KB 2657ms
2356ms Image
image/png 103.16.198.56
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.id/wp-content/uploads/2021/12/Julian-Assange-400x240.png
Requested by: Host: telegraf.id
URL: https://telegraf.id/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.16.198.56 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: reggaeshare.rackrockserver.com
Software: LiteSpeed /
Resource Hash: b86f601fc455e43a6151cb22b4407e7ec71ebe9842efed1b88f234dd8932b7b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:22 GMT
last-modified: Mon, 20 Dec 2021 11:55:55 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 155654
expires: Mon, 21 Mar 2022 17:39:23 GMT

GET
H2 200 75f5776a8ee4896d2797d3e076150fdc0fb0cb1a.webp
s.france24.com/media/display/05f0919a-fb18-11eb-8aca-005056a97e36/w:1280/p:16x9/ 205 KB
206 KB 299ms
47ms Image
image/webp 2a02:26f0:6c00:299::3b4f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.france24.com/media/display/05f0919a-fb18-11eb-8aca-005056a97e36/w:1280/p:16x9/75f5776a8ee4896d2797d3e076150fdc0fb0cb1a.webp
Requested by: Host: telegraf.id
URL: https://telegraf.id/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:299::3b4f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: d5b14ffb0ee42b33f3d219f9cd9f595d1609f8613e7dc7ee825e9b3470c85304

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-clara-backend-id: db113s__fmm__MEZZO_PROD
date: Mon, 14 Mar 2022 17:39:21 GMT
last-modified: Sat, 05 Feb 2022 01:50:34 GMT
server: nginx
etag: "61fdd7ea-335d8"
x-clara-wadp: 270730509
inserted-into-cache-at: Wed, 09 Mar 2022 07:19:46 GMT
x-wadp-cache: MISS
accept-ranges: bytes
content-type: image/webp
content-length: 210392
expires: Mon, 14 Mar 2022 21:39:21 GMT

GET
H2 200 SMICplay.jpg
i0.wp.com/asiatimes.com/wp-content/uploads/2021/07/ 65 KB
65 KB 23ms
6ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/asiatimes.com/wp-content/uploads/2021/07/SMICplay.jpg?fit=1200,800&ssl=1

Requested by

Host: telegraf.id
URL: https://telegraf.id/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

65e797500a9c2028a3f92718d82c547ad1946f74058fb6d4dc2e64d19c53ce66

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Mon, 14 Mar 2022 17:39:20 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Feb 2022 20:14:22 GMT
server: nginx
etag: "7d1c39cff6a3bf4a"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://asiatimes.com/wp-content/uploads/2021/07/SMICplay.jpg>; rel="canonical"
content-length: 66628
expires: Sun, 11 Feb 2024 08:14:22 GMT

GET
H2 200 Chip-1play.jpg
i0.wp.com/asiatimes.com/wp-content/uploads/2021/07/ 215 KB
216 KB 31ms
14ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/asiatimes.com/wp-content/uploads/2021/07/Chip-1play.jpg?fit=2041,1361&ssl=1

Requested by

Host: telegraf.id
URL: https://telegraf.id/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

7fd6e92822b4cbae2b120c2159f358f1e14a79d0885970678e1ff5e224cea52d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-nc: HIT hhn 4
date: Mon, 14 Mar 2022 17:39:20 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Feb 2022 20:14:23 GMT
server: nginx
etag: "42f58c28a5c1d226"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://asiatimes.com/wp-content/uploads/2021/07/Chip-1play.jpg>; rel="canonical"
content-length: 220360
expires: Sun, 11 Feb 2024 08:14:23 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 215 B
646 B 256ms
47ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=telegraf.id&callback=_gfp_s_&client=ca-pub-2279633493037067

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2279633493037067&plah=telegraf.id&bust=31065567

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

c084441d383da3f172124fd32f707b43cb1b95bfbb47c7cde3f015048d803896

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 202
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 254ms
49ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=telegraf.id

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Mar 2022 17:39:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 252ms
47ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=telegraf.id

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Mar 2022 17:39:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 77ms
77ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Ftelegraf.id%2F&tn=DIV&id=floatads&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: telegraf.id
URL: https://telegraf.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Mar 2022 17:39:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0599 345 KB
79 KB 619ms
570ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2279633493037067&output=html&adk=1812271804&adf=3025194257&lmt=1647279560&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ftelegraf.id%2F&ea=0&flash=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647279560657&bpp=2&bdt=903&idt=228&shv=r20220308&mjsv=m202203070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3632240574453&frm=20&pv=2&ga_vid=998751855.1647279560&ga_sid=1647279561&ga_hid=1387786905&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531398%2C44750774%2C44758395%2C31064036%2C31065567&oid=2&pvsid=1212404508265127&pem=189&tmod=555024204&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=248

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7bd5f24b2a252abd4968151b0129e58f142098897ccbfd33f2b6544024f7e072

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 14 Mar 2022 17:39:21 GMT
server: cafe
content-length: 80804
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 14 Mar 2022 17:39:21 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7EC0 58 KB
26 KB 1025ms
977ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2279633493037067&output=html&h=90&slotname=7970900263&adk=1248245880&adf=285078558&pi=t.ma~as.7970900263&w=928&lmt=1647279560&psa=0&format=928x90&url=https%3A%2F%2Ftelegraf.id%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647279560659&bpp=1&bdt=905&idt=251&shv=r20220308&mjsv=m202203070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3632240574453&frm=20&pv=1&ga_vid=998751855.1647279560&ga_sid=1647279561&ga_hid=1387786905&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=336&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531398%2C44750774%2C44758395%2C31064036%2C31065567&oid=2&pvsid=1212404508265127&pem=189&tmod=555024204&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=EgPIwP5S0e&p=https%3A//telegraf.id&dtd=260

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

caee2a142fd7755d5746862d21c2ed0b8f383a28cd958cfc1edc4136f3a73787

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 14 Mar 2022 17:39:22 GMT
server: cafe
content-length: 26647
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 14 Mar 2022 17:39:22 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B6D5 28 KB
10 KB 463ms
415ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2279633493037067&output=html&h=250&slotname=3200966967&adk=2102537956&adf=2377076630&pi=t.ma~as.3200966967&w=320&fwrn=4&fwrnh=100&lmt=1647279560&rafmt=1&psa=0&format=320x250&url=https%3A%2F%2Ftelegraf.id%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647279560660&bpp=2&bdt=907&idt=263&shv=r20220308&mjsv=m202203070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C928x90&nras=1&correlator=3632240574453&frm=20&pv=1&ga_vid=998751855.1647279560&ga_sid=1647279561&ga_hid=1387786905&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1129&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531398%2C44750774%2C44758395%2C31064036%2C31065567&oid=2&pvsid=1212404508265127&pem=189&tmod=555024204&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=szkFO8MlWU&p=https%3A//telegraf.id&dtd=268

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec0366216b9bcdc945e694bdead774e507849db3fcb6999105b94697b0af2eda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 14 Mar 2022 17:39:21 GMT
server: cafe
content-length: 10255
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 14 Mar 2022 17:39:21 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E6CB 22 KB
9 KB 342ms
295ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2279633493037067&output=html&h=250&slotname=8741902400&adk=251449570&adf=221927416&pi=t.ma~as.8741902400&w=970&lmt=1647279560&psa=0&format=970x250&url=https%3A%2F%2Ftelegraf.id%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647279560662&bpp=1&bdt=908&idt=328&shv=r20220308&mjsv=m202203070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C928x90%2C320x250&nras=1&correlator=3632240574453&frm=20&pv=1&ga_vid=998751855.1647279560&ga_sid=1647279561&ga_hid=1387786905&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1776&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531398%2C44750774%2C44758395%2C31064036%2C31065567&oid=2&pvsid=1212404508265127&pem=189&tmod=555024204&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=VgxOaERV8u&p=https%3A//telegraf.id&dtd=330

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

660f90ffef7757ec01d02a4e88a253a38ef1c512dcd0aabbd55ca62260eb809b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 14 Mar 2022 17:39:21 GMT
server: cafe
content-length: 9563
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 14 Mar 2022 17:39:21 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 97D4 22 KB
9 KB 501ms
454ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2279633493037067&output=html&h=250&slotname=3200966967&adk=1299193309&adf=2579081424&pi=t.ma~as.3200966967&w=320&fwrn=4&fwrnh=100&lmt=1647279560&rafmt=1&psa=0&format=320x250&url=https%3A%2F%2Ftelegraf.id%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647279560663&bpp=1&bdt=909&idt=333&shv=r20220308&mjsv=m202203070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C928x90%2C320x250%2C970x250&nras=1&correlator=3632240574453&frm=20&pv=1&ga_vid=998751855.1647279560&ga_sid=1647279561&ga_hid=1387786905&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=2149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531398%2C44750774%2C44758395%2C31064036%2C31065567&oid=2&pvsid=1212404508265127&pem=189&tmod=555024204&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=yb3kkrF1Jj&p=https%3A//telegraf.id&dtd=335

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c2923672504b1264ee25eb467fe09ede657e178ef4d09f7b92e9ba4271fbcdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 14 Mar 2022 17:39:21 GMT
server: cafe
content-length: 9560
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 14 Mar 2022 17:39:21 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E581 138 KB
45 KB 750ms
704ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2279633493037067&output=html&h=250&slotname=3200966967&adk=205218325&adf=3893433244&pi=t.ma~as.3200966967&w=320&fwrn=4&fwrnh=100&lmt=1647279561&rafmt=1&psa=0&format=320x250&url=https%3A%2F%2Ftelegraf.id%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647279560663&bpp=1&bdt=910&idt=340&shv=r20220308&mjsv=m202203070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C928x90%2C320x250%2C970x250%2C320x250&nras=1&correlator=3632240574453&frm=20&pv=1&ga_vid=998751855.1647279560&ga_sid=1647279561&ga_hid=1387786905&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=4075&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531398%2C44750774%2C44758395%2C31064036%2C31065567&oid=2&pvsid=1212404508265127&pem=189&tmod=555024204&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=DTLe1CedJO&p=https%3A//telegraf.id&dtd=342

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db7c9be0f06b793b1e89e94ad52e55a7f3a827988f85295ae6d2eebbdffe70f3

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16648248580127555213/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16648248580127555213/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNTE3MiSxvYCFZWVmgodCmcGMw&gqi=yX0vYvLeCa2Q7_UP6KG_yAc&layout=/sadbundle/%24csp%253Der3%24/16648248580127555213/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16648248580127555213/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16648248580127555213/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNTE3MiSxvYCFZWVmgodCmcGMw&gqi=yX0vYvLeCa2Q7_UP6KG_yAc&layout=/sadbundle/%24csp%253Der3%24/16648248580127555213/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 14 Mar 2022 17:39:21 GMT
server: cafe
content-length: 45665
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 14 Mar 2022 17:39:21 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 14E2 75 KB
23 KB 416ms
371ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2279633493037067&output=html&h=280&slotname=3200966967&adk=355734708&adf=563175072&pi=t.ma~as.3200966967&w=1200&fwrn=4&fwrnh=100&lmt=1647279561&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftelegraf.id%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647279560768&bpp=2&bdt=1014&idt=265&shv=r20220308&mjsv=m202203070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C928x90%2C320x250%2C970x250%2C320x250%2C320x250&nras=1&correlator=3632240574453&frm=20&pv=1&ga_vid=998751855.1647279560&ga_sid=1647279561&ga_hid=1387786905&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=920&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531398%2C44750774%2C44758395%2C31064036%2C31065567&oid=2&pvsid=1212404508265127&pem=189&tmod=555024204&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeoE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=12&uci=a!c&fsb=1&xpc=94c3vtheM0&p=https%3A//telegraf.id&dtd=267

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a772693c443f1324ea81e3ec244689534fbd6619d43da91adbab071ad200a539

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 14 Mar 2022 17:39:21 GMT
server: cafe
content-length: 23246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 14 Mar 2022 17:39:21 GMT
cache-control: private

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame E6CB 2 KB
1 KB 162ms
76ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2279633493037067&output=html&h=250&slotname=8741902400&adk=251449570&adf=221927416&pi=t.ma~as.8741902400&w=970&lmt=1647279560&psa=0&format=970x250&url=https%3A%2F%2Ftelegraf.id%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647279560662&bpp=1&bdt=908&idt=328&shv=r20220308&mjsv=m202203070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C928x90%2C320x250&nras=1&correlator=3632240574453&frm=20&pv=1&ga_vid=998751855.1647279560&ga_sid=1647279561&ga_hid=1387786905&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1776&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531398%2C44750774%2C44758395%2C31064036%2C31065567&oid=2&pvsid=1212404508265127&pem=189&tmod=555024204&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=VgxOaERV8u&p=https%3A//telegraf.id&dtd=330

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:38:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Mar 2022 17:38:13 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E6CB 117 KB
36 KB 141ms
54ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36343
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646830771070120"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 14 Mar 2022 17:39:21 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame E6CB 15 KB
7 KB 125ms
39ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fdecda5ee87b28e579c5b61ef0f86e7fff85c838ff0a06450feee13a5877ed0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:38:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6397
x-xss-protection: 0
server: cafe
etag: 14404976697706490601
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Mar 2022 17:38:35 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E6CB 0
0 71ms
70ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CfrA2yX0vYpinC47p6gTUnrDQC8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjI3OTYzMzQ5MzAzNzA2N6AB1bbS6gPIAQmpAlSqhXYlXbI-qAMBqgToAU_QIFs3HzrepSDGAm2ucug_vUzq3gyE0fbtJnnX2KgIU0L3osDM50ioc0JRR-wXOR18V4xbLddT36hQyxHLg-NvDdMDwAPbZWwY8nYNmtRPFGKoQO6hMmx4X_zFpnF4_0XHvOPX8bJZuMYvIo218nmNK_TJQV10GZN2afCxDN9LuITMTGRLCLMnklxq3mnRxGd3KyClNk-yLpCMaLGUfscfjB6OyFsbzR-aMLNcGQzccAaBKOilZELPggOI146Che0GKeePUc4xAJIUq-uKTUyM7o_HsORC81Z3T3dPzKMxCQoK_jDUt8eABpqUjfnVkoTTvwGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0yMjc5NjMzNDkzMDM3MDY3GAA&sigh=ONDyRHgGPI8&uach_m=[UACH]&cid=CAQSGwCNIrLMK53ypmiJWKJ8yG_QpjODS8mCF-2ZEBgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2279633493037067&output=html&h=250&slotname=8741902400&adk=251449570&adf=221927416&pi=t.ma~as.8741902400&w=970&lmt=1647279560&psa=0&format=970x250&url=https%3A%2F%2Ftelegraf.id%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647279560662&bpp=1&bdt=908&idt=328&shv=r20220308&mjsv=m202203070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C928x90%2C320x250&nras=1&correlator=3632240574453&frm=20&pv=1&ga_vid=998751855.1647279560&ga_sid=1647279561&ga_hid=1387786905&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1776&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531398%2C44750774%2C44758395%2C31064036%2C31065567&oid=2&pvsid=1212404508265127&pem=189&tmod=555024204&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=VgxOaERV8u&p=https%3A//telegraf.id&dtd=330
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 14 Mar 2022 17:39:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 14 Mar 2022 17:39:21 GMT

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame E6CB 0
0 77ms
21ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=UKzDEuLBMMoH-gGdg2ICAgAAAAO7yOOE1wY8EMl9L2KMXKuchSfHYaOLwAAS&wp=Yi99yQAC05gKmrSOAAwPVDWt98OEeqNM5vEbhg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
server: Kestrel
server-processing-duration-in-ticks: 273441
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 132B 116 KB
41 KB 103ms
56ms Document
text/html 2a02:2638:1::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Yi99yQAC05gKmrSOAAwPVDWt98OEeqNM5vEbhg&u=%7C5N3zz54%2Bsw%2BZhaPpLjiwB5q08k3dE2rINnPqTSrZ8Vw%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM9SPP5Y8DX0oQxlHyl1Xog8KEmNcGjoYfrReS4OGq6XnEDhvssp9_z20WkSKnz0i3IKCV6Uems9s9_lcN8RCtHu80ayDx8LdU2qkAgPYeTgDxSKoaiL6VxCN25xCH9i4ZdQAhy5s22luppdLVEIHIEiIgJetYj64Knc9Z_1n7X6K79XzNtfttn-YmMasnz84OrQZYajp-Rd_EkArTrytsERAGV-UFpqySK38OYnJ6GZVCltsycy79AItDhtp86GjGnxl2_75GW2Uot3jrOYH0fUeDuqZXtXj5IV5JXvPiWoi6Z_Nyk87-ZrLyBM1GPeeA1SRp5me5AmA7WWwAcyF5ptzjh2zbrzpxYWqVThD2JJxMnSjHsqa2VkFsu_Jo1lHHdXnFKXnA4YyKah1xdobZ9-YprCw8aKcC&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfSMbyX0vYpinC47p6gTUnrDQC8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjI3OTYzMzQ5MzAzNzA2N6AB1bbS6gPIAQmpAlSqhXYlXbI-qAMBqgTrAU_QIFs3HzrepSDGAm2ucug_vUzq3gyE0fbtJnnX2KgIU0L3osDM50ioc0JRR-wXOR18V4xbLddT36hQyxHLg-NvDdMDwAPbZWwY8nYNmtRPFGKoQO6hMmx4X_zFpnF4_0XHvOPX8bJZuMYvIo218nmNK_TJQV10GZN2afCxDN9LuITMTGRLCLMnklxq3mnRxGd3KyClNk-yLpCMaLGUfscfjB6OyFsbzR-aMLNcGQzccAaBKOilZELPggOI146Che0Ga-Wuw0m-nIGrN_8pnXEqFobTulJI3U71-79yalGOFyYSe5pQpHjFNxCABpqUjfnVkoTTvwGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0sz-2erOXSwOdiabHj0KKiJuejMA%26client%3Dca-pub-2279633493037067%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

08b462b4adf660b3cced3dc5b32a64c7f3af87771957affab0dd5bc436a5d567

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=dMr28QHIk4PT7pE2t4ERMFE1fC4l1hvWSyTraZ4JrPcEW-eK7lRSCeDNMPJrz5d5zXzqm2XgwAvJ3utscqbvzgyj1mA_4LR_YBd1vqXUYE_BONWjP92kYmFW7TFFj9ipDzX1bVLGqwV4P_JhwH6n1nVm4euola222lRC0IFw8X1VHX2P3p6o1-K354Qbz7BARYfzL6RiuWsSBwZerYogx2iQ3qgKvWwe0a5hoqJ2ChpvWFnm1TcJzseNPgMT_N03swAj2w"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 33008875
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 f0bb7a1f705d608239f854e986aba8ab.js Show response
www.gstatic.com/mysidia/ Frame 14E2 9 KB
4 KB 125ms
36ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f0bb7a1f705d608239f854e986aba8ab.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2279633493037067&output=html&h=280&slotname=3200966967&adk=355734708&adf=563175072&pi=t.ma~as.3200966967&w=1200&fwrn=4&fwrnh=100&lmt=1647279561&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftelegraf.id%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647279560768&bpp=2&bdt=1014&idt=265&shv=r20220308&mjsv=m202203070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C928x90%2C320x250%2C970x250%2C320x250%2C320x250&nras=1&correlator=3632240574453&frm=20&pv=1&ga_vid=998751855.1647279560&ga_sid=1647279561&ga_hid=1387786905&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=920&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531398%2C44750774%2C44758395%2C31064036%2C31065567&oid=2&pvsid=1212404508265127&pem=189&tmod=555024204&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeoE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=12&uci=a!c&fsb=1&xpc=94c3vtheM0&p=https%3A//telegraf.id&dtd=267

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dddfdcef973923c7b6cbd4534237ab3dcdc76a8aa3d6d03619566261e0b3e63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 10:14:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 372313
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3745
x-xss-protection: 0
last-modified: Thu, 03 Mar 2022 10:04:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 08 Jun 2022 10:14:08 GMT

GET
H2 200 91e0c874f9703d67138113c8fcce6f41.js Show response
www.gstatic.com/mysidia/ Frame 14E2 8 KB
4 KB 126ms
38ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/91e0c874f9703d67138113c8fcce6f41.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d144e3cedf9b96679caf134416822a66a20c41a61f5569ae0ff09779581fe69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 14:05:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12809
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3714
x-xss-protection: 0
last-modified: Mon, 07 Mar 2022 07:55:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 12 Jun 2022 14:05:52 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 14E2 8 KB
892 B 92ms
47ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 15:59:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 14 Mar 2022 17:39:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Mar 2022 17:39:21 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 14E2 2 KB
904 B 37ms
36ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Mar 2022 17:38:46 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/ Frame 14E2 19 KB
8 KB 53ms
43ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7e3f3f9a87439492d58ee8a90cdc8741bd44e9f5ebc5a1be461ded2df7a155e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:31:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 499
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7865
x-xss-protection: 0
server: cafe
etag: 17470246482903461409
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Mar 2022 17:31:02 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 14E2 2 KB
1 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:38:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Mar 2022 17:38:13 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 14E2 117 KB
36 KB 111ms
100ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36343
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646830771070120"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 14 Mar 2022 17:39:21 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 14E2 15 KB
6 KB 58ms
48ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fdecda5ee87b28e579c5b61ef0f86e7fff85c838ff0a06450feee13a5877ed0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:38:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6397
x-xss-protection: 0
server: cafe
etag: 14404976697706490601
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Mar 2022 17:38:35 GMT

GET
H3 200 35849274faa25b88196bf3c3ff2d72d2.js Show response
www.gstatic.com/mysidia/ Frame 14E2 28 KB
12 KB 87ms
41ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/35849274faa25b88196bf3c3ff2d72d2.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e4b4d396700e065d5d37bde974840cf2bf19565f8450785f0a869079b86bce9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 10:13:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 372364
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11831
x-xss-protection: 0
last-modified: Mon, 07 Mar 2022 07:55:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 08 Jun 2022 10:13:17 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 132B 2 KB
1 KB 54ms
20ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yi99yQAC05gKmrSOAAwPVDWt98OEeqNM5vEbhg&u=%7C5N3zz54%2Bsw%2BZhaPpLjiwB5q08k3dE2rINnPqTSrZ8Vw%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM9SPP5Y8DX0oQxlHyl1Xog8KEmNcGjoYfrReS4OGq6XnEDhvssp9_z20WkSKnz0i3IKCV6Uems9s9_lcN8RCtHu80ayDx8LdU2qkAgPYeTgDxSKoaiL6VxCN25xCH9i4ZdQAhy5s22luppdLVEIHIEiIgJetYj64Knc9Z_1n7X6K79XzNtfttn-YmMasnz84OrQZYajp-Rd_EkArTrytsERAGV-UFpqySK38OYnJ6GZVCltsycy79AItDhtp86GjGnxl2_75GW2Uot3jrOYH0fUeDuqZXtXj5IV5JXvPiWoi6Z_Nyk87-ZrLyBM1GPeeA1SRp5me5AmA7WWwAcyF5ptzjh2zbrzpxYWqVThD2JJxMnSjHsqa2VkFsu_Jo1lHHdXnFKXnA4YyKah1xdobZ9-YprCw8aKcC&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfSMbyX0vYpinC47p6gTUnrDQC8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjI3OTYzMzQ5MzAzNzA2N6AB1bbS6gPIAQmpAlSqhXYlXbI-qAMBqgTrAU_QIFs3HzrepSDGAm2ucug_vUzq3gyE0fbtJnnX2KgIU0L3osDM50ioc0JRR-wXOR18V4xbLddT36hQyxHLg-NvDdMDwAPbZWwY8nYNmtRPFGKoQO6hMmx4X_zFpnF4_0XHvOPX8bJZuMYvIo218nmNK_TJQV10GZN2afCxDN9LuITMTGRLCLMnklxq3mnRxGd3KyClNk-yLpCMaLGUfscfjB6OyFsbzR-aMLNcGQzccAaBKOilZELPggOI146Che0Ga-Wuw0m-nIGrN_8pnXEqFobTulJI3U71-79yalGOFyYSe5pQpHjFNxCABpqUjfnVkoTTvwGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0sz-2erOXSwOdiabHj0KKiJuejMA%26client%3Dca-pub-2279633493037067%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 09 Mar 2023 17:39:21 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 132B 2 KB
1 KB 55ms
21ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 09 Mar 2023 17:39:21 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 132B 308 B
636 B 45ms
22ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 09 Mar 2023 17:39:21 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame 132B 507 B
835 B 51ms
29ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Thu, 09 Mar 2023 17:39:21 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/m/delivery/ Frame 132B 43 B
347 B 59ms
22ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=vW0SF6v8hs8b6_ncMSgnitQOCV0YIfQNK8kerkw5o8WvkGgnn7T5C-AWbjXN26Z3ur_qP2BiEqAeWWnTVVzkd0c8jvxosmHV8gap_U9bDuTy1Qx_6IRnaLE1y9_7DbvLAlvfD1EPZAmwplS6UiBDPesePZT-tm9OgO3RYZV3dmDFPqn7_inV8RqIGlUCh8bcsqkTtAfBoD2_oQz96jNA_QUdw6PuLFxMDmsfQWkaursooFGrDl8HTOwkdoBmlqCNTA8gBzV55G6B4ERySnTKf0GFczRU0EGeCVGFdFeuOVQl8HJt3b69_pl6kTIa-TO3AWMTTDCaOua4zSDUkVkkq7qX3hzS0cKFw6V5wgYTIVYpOZcgPErrrft1VvqLScux36wqqsQ88a8KxdYm3XVjsgA5QDF8W1eG-_pFUBtx5lWgULI-Aq3Tc-f1TQGfuzX0Hil4GQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Mar 2022 17:39:21 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 4926722
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame BB9C 0
0 69ms
68ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C2QMzyX0vYuitC6ON78EPwZaSkA3JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyNzk2MzM0OTMwMzcwNjegAdW20uoDyAEJqQJUqoV2JV2yPqgDAaoE6AFP0BeWMjue_jBxO38RWtTV2EdTZpCnUByJt3SPNYbpAUJVkyWOe5OiWnzhW6xp16Ow3zSCMML_5NAiJzXPcEB5dDqvyH_Zq3xp5hfPZbRHWG0AfztpPeLZzy9Me5-ekNjmYeIsHlwABLBRZAYF8m7xGw0UaQciEgQ4RkDTHvonR3B_5WHm-KaTXZoIQNNaUuxG0MvdF7r7K0G2RSEdngp257KrfECR7w5_n09DIm_UPUfeJUMoDDWRhy6iYm8c87HiV2X5WpBkEAEdV8SKmWJUCWLe39IKADVgm9gegleZkVZAJX9s2KMpgAau35mgs_aK3fgBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMjI3OTYzMzQ5MzAzNzA2NxgA&sigh=JdEJ34oimIU&uach_m=[UACH]&cid=CAQSGwCNIrLMFHpezaiDN3UREIeAm2HxF-EDvrq1rRgB

Requested by

Host: telegraf.id
URL: https://telegraf.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2279633493037067&output=html&h=250&slotname=3200966967&adk=2102537956&adf=2377076630&pi=t.ma~as.3200966967&w=320&fwrn=4&fwrnh=100&lmt=1647279560&rafmt=1&psa=0&format=320x250&url=https%3A%2F%2Ftelegraf.id%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647279560660&bpp=2&bdt=907&idt=263&shv=r20220308&mjsv=m202203070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C928x90&nras=1&correlator=3632240574453&frm=20&pv=1&ga_vid=998751855.1647279560&ga_sid=1647279561&ga_hid=1387786905&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1129&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531398%2C44750774%2C44758395%2C31064036%2C31065567&oid=2&pvsid=1212404508265127&pem=189&tmod=555024204&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=szkFO8MlWU&p=https%3A//telegraf.id&dtd=268
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 14 Mar 2022 17:39:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame BB9C 0
0 22ms
22ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=UP2jEt2BMKwC-gGdg2ICAgAAAIizYb1v4hoTEMl9L2LYbXRg3NI0odCEBgAS&wp=Yi99yQAC1ugCO8ajAASLQXBf-28b3_A34UKUrg

Requested by

Host: telegraf.id
URL: https://telegraf.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:20 GMT
server: Kestrel
server-processing-duration-in-ticks: 222399
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 8C45 44 KB
17 KB 45ms
44ms Document
text/html 2a02:2638:1::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Yi99yQAC1ugCO8ajAASLQXBf-28b3_A34UKUrg&u=%7C5N3zz54%2Bsw%2F6cPaANMZ0a%2BT8ByXt04dqZjzOpVQgUQw%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM9SPP5Y8DX0oQxlHyl1Xog8Qwkp_DM0l7KusZ7ZOeDUirUnCuq6Mm12Y2nRe1NoNfyznBV6-PX1lnyTgnsf5l77qekTyLv7nPPqNn-CMcvqOumEJtaBcnnAVOKrc75glq6FrSl93fEietZ7Tj7IywTfYOOZxEwncTMsTJyDH-beuQeCB_khCJeM9Gg33oqHPR0pTAgfVjdOfZ68uGbVDtea88Qxh8OkR7iqVaXX-G8t4Gvp3gAqqdOGNz6L2kXefBQ5n-hMJgSFAYJjnqXO6_s_dYfuOTrtbSePm0l3UYRi7rDG_lZTIHJY2DgnQJ8GivjNrrLMgV67XhLUDsTn7dRnmcw5grDCicYONGdDEpgBHQnuAoQun255tfmbYWWrcyJrr1qkKUc5C6zwvOiDKD_ZLmzABQh2Bl&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbDbOyX0vYuitC6ON78EPwZaSkA3JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyNzk2MzM0OTMwMzcwNjegAdW20uoDyAEJqQJUqoV2JV2yPqgDAaoE6wFP0BeWMjue_jBxO38RWtTV2EdTZpCnUByJt3SPNYbpAUJVkyWOe5OiWnzhW6xp16Ow3zSCMML_5NAiJzXPcEB5dDqvyH_Zq3xp5hfPZbRHWG0AfztpPeLZzy9Me5-ekNjmYeIsHlwABLBRZAYF8m7xGw0UaQciEgQ4RkDTHvonR3B_5WHm-KaTXZoIQNNaUuxG0MvdF7r7K0G2RSEdngp257KrfECR7w5_n09DIm_UPUfeJUMoDDWRhy6iYm8c87HiVyf7ewLjn50O6FieOrJpr5rXy9i8Cht4GWzWv_FrLkhsPfrGXLCWipE3gAau35mgs_aK3fgBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Wx1PRxBnVPXRMc_Wa0QYOxSyNWQ%26client%3Dca-pub-2279633493037067%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2279633493037067&output=html&h=250&slotname=3200966967&adk=2102537956&adf=2377076630&pi=t.ma~as.3200966967&w=320&fwrn=4&fwrnh=100&lmt=1647279560&rafmt=1&psa=0&format=320x250&url=https%3A%2F%2Ftelegraf.id%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647279560660&bpp=2&bdt=907&idt=263&shv=r20220308&mjsv=m202203070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C928x90&nras=1&correlator=3632240574453&frm=20&pv=1&ga_vid=998751855.1647279560&ga_sid=1647279561&ga_hid=1387786905&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1129&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531398%2C44750774%2C44758395%2C31064036%2C31065567&oid=2&pvsid=1212404508265127&pem=189&tmod=555024204&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=szkFO8MlWU&p=https%3A//telegraf.id&dtd=268

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5f8ed8a0df03de2b627a5e9465779dfdf9755cd31146fa482771eb67277c6aa2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=uk0PbQHIk4PT7pE2QmbU8BXVs17IwUZvwWs2ERBjksn2vnWQB19Kd9xZoMvPj9FKYe7DYolb8YJ8cd7leH_Z_ePHXAa_xOmyA8QtMupf1q4BJl5lpIjifgvFiVlzE9sTNHTX6DEUgISaC54f1ux1s0gtrPf9UEb1S11iyPpu9Fe04vgQRCIamb6BRgyXh3X2kFrBcpXel_zh0UzZCdjeOjsINMg8G9OyVpstreLOGei2JcBxYCIN7kQJUxH4tSrHSgNTVeFf4AcY-fT6"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 24135432
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame BB9C 2 KB
1 KB 86ms
38ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:38:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Mar 2022 17:38:13 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BB9C 117 KB
36 KB 81ms
80ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36343
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646830771070120"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 14 Mar 2022 17:39:21 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame BB9C 15 KB
6 KB 85ms
38ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fdecda5ee87b28e579c5b61ef0f86e7fff85c838ff0a06450feee13a5877ed0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:38:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6397
x-xss-protection: 0
server: cafe
etag: 14404976697706490601
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Mar 2022 17:38:35 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 132B 12 KB
6 KB 42ms
28ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 09 Mar 2023 17:39:21 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 132B 73 KB
73 KB 67ms
29ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?m=0&partner=93301&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F93301%2F220308%2F3a3c91a447e545329e1543cde54f2e02_uranium_banners_1200_628px.jpg&v=3&s=jeRebTaQx2AWmGExi7-XQ912

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

5088414f9c14d5edb1807485a06097481409917ea4d1415edef8bdfbfbb3053d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:20 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30584985
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 74492
expires: Fri, 03 Mar 2023 17:29:07 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 132B 11 KB
11 KB 52ms
14ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=496&m=0&partner=93301&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F93301%2F220308%2F3e3bfec5a2394b2480127e4bf7b77600_an-logo-green.png&v=3&w=1936&s=6VGxxvQ1TKt-QYwBPWfjQWhD

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

51589a34af2909c1f9656815b92dca57e27faa69c4dd3a00c613fd0df59b0754

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30585321
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 11390
expires: Fri, 03 Mar 2023 17:34:43 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 132B 0
127 B 58ms
15ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=dMr28QHIk4PT7pE2t4ERMFE1fC4l1hvWSyTraZ4JrPcEW-eK7lRSCeDNMPJrz5d5zXzqm2XgwAvJ3utscqbvzgyj1mA_4LR_YBd1vqXUYE_BONWjP92kYmFW7TFFj9ipDzX1bVLGqwV4P_JhwH6n1nVm4euola222lRC0IFw8X1VHX2P3p6o1-K354Qbz7BARYfzL6RiuWsSBwZerYogx2iQ3qgKvWwe0a5hoqJ2ChpvWFnm1TcJzseNPgMT_N03swAj2w&sds=2&rev=unknown&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 14 Mar 2022 17:39:21 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 132B 2 KB
1 KB 25ms
20ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 09 Mar 2023 17:39:21 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 132B 2 KB
1 KB 18ms
14ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 09 Mar 2023 17:39:21 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 97D4 2 KB
1 KB 58ms
46ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2279633493037067&output=html&h=250&slotname=3200966967&adk=1299193309&adf=2579081424&pi=t.ma~as.3200966967&w=320&fwrn=4&fwrnh=100&lmt=1647279560&rafmt=1&psa=0&format=320x250&url=https%3A%2F%2Ftelegraf.id%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647279560663&bpp=1&bdt=909&idt=333&shv=r20220308&mjsv=m202203070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C928x90%2C320x250%2C970x250&nras=1&correlator=3632240574453&frm=20&pv=1&ga_vid=998751855.1647279560&ga_sid=1647279561&ga_hid=1387786905&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=2149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531398%2C44750774%2C44758395%2C31064036%2C31065567&oid=2&pvsid=1212404508265127&pem=189&tmod=555024204&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=yb3kkrF1Jj&p=https%3A//telegraf.id&dtd=335

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:38:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Mar 2022 17:38:13 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 97D4 117 KB
36 KB 105ms
56ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2279633493037067&output=html&h=250&slotname=3200966967&adk=1299193309&adf=2579081424&pi=t.ma~as.3200966967&w=320&fwrn=4&fwrnh=100&lmt=1647279560&rafmt=1&psa=0&format=320x250&url=https%3A%2F%2Ftelegraf.id%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647279560663&bpp=1&bdt=909&idt=333&shv=r20220308&mjsv=m202203070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C928x90%2C320x250%2C970x250&nras=1&correlator=3632240574453&frm=20&pv=1&ga_vid=998751855.1647279560&ga_sid=1647279561&ga_hid=1387786905&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=2149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531398%2C44750774%2C44758395%2C31064036%2C31065567&oid=2&pvsid=1212404508265127&pem=189&tmod=555024204&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=yb3kkrF1Jj&p=https%3A//telegraf.id&dtd=335

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36343
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646830771070120"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 14 Mar 2022 17:39:21 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 97D4 15 KB
6 KB 52ms
42ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2279633493037067&output=html&h=250&slotname=3200966967&adk=1299193309&adf=2579081424&pi=t.ma~as.3200966967&w=320&fwrn=4&fwrnh=100&lmt=1647279560&rafmt=1&psa=0&format=320x250&url=https%3A%2F%2Ftelegraf.id%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647279560663&bpp=1&bdt=909&idt=333&shv=r20220308&mjsv=m202203070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C928x90%2C320x250%2C970x250&nras=1&correlator=3632240574453&frm=20&pv=1&ga_vid=998751855.1647279560&ga_sid=1647279561&ga_hid=1387786905&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=2149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531398%2C44750774%2C44758395%2C31064036%2C31065567&oid=2&pvsid=1212404508265127&pem=189&tmod=555024204&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=yb3kkrF1Jj&p=https%3A//telegraf.id&dtd=335

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fdecda5ee87b28e579c5b61ef0f86e7fff85c838ff0a06450feee13a5877ed0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:38:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6397
x-xss-protection: 0
server: cafe
etag: 14404976697706490601
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Mar 2022 17:38:35 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 97D4 0
0 69ms
68ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CL71_yX0vYveuC5TA6wSWqA3JntKxXPWdmPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyNzk2MzM0OTMwMzcwNjegAdW20uoDyAEJqQIRJ-Q3hmGyPqgDAaoE6AFP0Nvji5QWCqN_zx2xCnZcGHPVSmOqv6zqxKZJRsPQfVC88ktsPfCSsb5oRrNQMzEYG5lPEDlhGpTGqjmePIz7nk4641F0Msbj2P3WADyLKkhBTIINT5lycuvEiJe1hWyZRkSdMmeSA1gfWvJiJDyQDSkXyV1HKHqZq9ZVNWpZ7nD_ClaWdabgK4kD7CmOMJkDNzXrQ7x0TavFBb-pFnBeSbbd8degUnriyVEAst4MvM8ulX0m7cyvTSk79eaIRhMoZbZMGmtuFdpeJxTWEXTOP2G9QCslAdJpMVuusSjuFi5885AKZn1kgAaalI351ZKE078BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMjI3OTYzMzQ5MzAzNzA2NxgA&sigh=MaPj8db2xsM&uach_m=[UACH]&cid=CAQSGwCNIrLMs2o16P95hlQJVWQS6vN99ifbzIOfTxgB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2279633493037067&output=html&h=250&slotname=3200966967&adk=1299193309&adf=2579081424&pi=t.ma~as.3200966967&w=320&fwrn=4&fwrnh=100&lmt=1647279560&rafmt=1&psa=0&format=320x250&url=https%3A%2F%2Ftelegraf.id%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647279560663&bpp=1&bdt=909&idt=333&shv=r20220308&mjsv=m202203070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C928x90%2C320x250%2C970x250&nras=1&correlator=3632240574453&frm=20&pv=1&ga_vid=998751855.1647279560&ga_sid=1647279561&ga_hid=1387786905&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=2149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531398%2C44750774%2C44758395%2C31064036%2C31065567&oid=2&pvsid=1212404508265127&pem=189&tmod=555024204&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=yb3kkrF1Jj&p=https%3A//telegraf.id&dtd=335

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2279633493037067&output=html&h=250&slotname=3200966967&adk=1299193309&adf=2579081424&pi=t.ma~as.3200966967&w=320&fwrn=4&fwrnh=100&lmt=1647279560&rafmt=1&psa=0&format=320x250&url=https%3A%2F%2Ftelegraf.id%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647279560663&bpp=1&bdt=909&idt=333&shv=r20220308&mjsv=m202203070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C928x90%2C320x250%2C970x250&nras=1&correlator=3632240574453&frm=20&pv=1&ga_vid=998751855.1647279560&ga_sid=1647279561&ga_hid=1387786905&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=2149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531398%2C44750774%2C44758395%2C31064036%2C31065567&oid=2&pvsid=1212404508265127&pem=189&tmod=555024204&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=yb3kkrF1Jj&p=https%3A//telegraf.id&dtd=335
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 14 Mar 2022 17:39:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 97D4 0
0 21ms
21ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=UKzDEsz6RMAC-gGdg2ICAgAAAIizYb1v4hoTEMl9L2LVYY1eyKUK0SXs9AAS&wp=Yi99yQAC13cKmuAUAANUFq0OI9O_oDhaYnZGAQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2279633493037067&output=html&h=250&slotname=3200966967&adk=1299193309&adf=2579081424&pi=t.ma~as.3200966967&w=320&fwrn=4&fwrnh=100&lmt=1647279560&rafmt=1&psa=0&format=320x250&url=https%3A%2F%2Ftelegraf.id%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647279560663&bpp=1&bdt=909&idt=333&shv=r20220308&mjsv=m202203070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C928x90%2C320x250%2C970x250&nras=1&correlator=3632240574453&frm=20&pv=1&ga_vid=998751855.1647279560&ga_sid=1647279561&ga_hid=1387786905&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=2149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531398%2C44750774%2C44758395%2C31064036%2C31065567&oid=2&pvsid=1212404508265127&pem=189&tmod=555024204&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=yb3kkrF1Jj&p=https%3A//telegraf.id&dtd=335

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
server: Kestrel
server-processing-duration-in-ticks: 211983
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 6CED 119 KB
42 KB 40ms
40ms Document
text/html 2a02:2638:1::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Yi99yQAC13cKmuAUAANUFq0OI9O_oDhaYnZGAQ&u=%7C5N3zz54%2Bsw%2Bh4Gz2XNHF9wtnZ4sgDDCCLvRINGrfAhk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM9SPP5Y8DX0oQxlHyl1Xog1V4QixPDMz7GrnjGLKGc5PIosskJPH_OHsWGBlzcIPmc2lOJox8uS7CgjP2JHsp1gEpjvtsTqCEQCkxheI-ob5NU4nM7jc4KaqyJJaztgmLbIAsdee2RhpODWjjHxttnBi4MAMXmvozW-nk2u6qCzl_h8dAW77qGOWoJ1A3G_8jmzsaSAyZOuhY5eovlJgyZFgoOA2KrSvWSfvyxmdLTViWxZppap7pgV6ZqnDAwXfqFYMm88IsF31nHFKsNWdL9q8lW4S07_YW85tutx_W6WbrjQ2iLCAGeS6zADDIEqttjhTAztWixTSd0eF1HfJlNAZMQQvgz7QCNsSR9OAA-OpqGcUqJChxsxIjKFsltFeZI0JY09-2W8SITcT5FJlm-z-Gz6VXUHas&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBm9SyX0vYveuC5TA6wSWqA3JntKxXPWdmPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyNzk2MzM0OTMwMzcwNjegAdW20uoDyAEJqQIRJ-Q3hmGyPqgDAaoE6wFP0Nvji5QWCqN_zx2xCnZcGHPVSmOqv6zqxKZJRsPQfVC88ktsPfCSsb5oRrNQMzEYG5lPEDlhGpTGqjmePIz7nk4641F0Msbj2P3WADyLKkhBTIINT5lycuvEiJe1hWyZRkSdMmeSA1gfWvJiJDyQDSkXyV1HKHqZq9ZVNWpZ7nD_ClaWdabgK4kD7CmOMJkDNzXrQ7x0TavFBb-pFnBeSbbd8degUnriyVEAst4MvM8ulX0m7cyvTSk79eaIRhMoZfROO_npmkZNmIjCsqTzmZm0VCGTC_xxs-9mjI4cqTBQ6xWg4m7bBEOkgAaalI351ZKE078BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2kkbgbbbTFS3Rq0vLiHEAmXoTk0w%26client%3Dca-pub-2279633493037067%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2279633493037067&output=html&h=250&slotname=3200966967&adk=1299193309&adf=2579081424&pi=t.ma~as.3200966967&w=320&fwrn=4&fwrnh=100&lmt=1647279560&rafmt=1&psa=0&format=320x250&url=https%3A%2F%2Ftelegraf.id%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647279560663&bpp=1&bdt=909&idt=333&shv=r20220308&mjsv=m202203070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C928x90%2C320x250%2C970x250&nras=1&correlator=3632240574453&frm=20&pv=1&ga_vid=998751855.1647279560&ga_sid=1647279561&ga_hid=1387786905&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=2149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531398%2C44750774%2C44758395%2C31064036%2C31065567&oid=2&pvsid=1212404508265127&pem=189&tmod=555024204&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=yb3kkrF1Jj&p=https%3A//telegraf.id&dtd=335

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a82f6f750ac902126295698051d5fd7d291e6cac418847262b0ff04248b266b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=6TcsGAHIk4PT7pE2x6ToWTh_aeHrugseWztRVev79Gr1wa2giHMsf-HLPHthzO_wwscDyKX3vFD5le6S4czQ5k5fINkvykM5XqE3OjH0iUwIO81BZRjznGJbA_nAP6D1AWVWCyfs3WPvQglU-N1_cpIg8BsCvzMXWDpjZ4WEypF4lNp5XC6N4RvNm4vZiordrdnERkzl8BNCpM48TBUkHg7RkTGn7gSTyHXRC6rCxdPaTIGgxyV7WcOzR2eyc-CfsTspdw"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 20187923
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 8C45 2 KB
1 KB 20ms
20ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yi99yQAC1ugCO8ajAASLQXBf-28b3_A34UKUrg&u=%7C5N3zz54%2Bsw%2F6cPaANMZ0a%2BT8ByXt04dqZjzOpVQgUQw%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM9SPP5Y8DX0oQxlHyl1Xog8Qwkp_DM0l7KusZ7ZOeDUirUnCuq6Mm12Y2nRe1NoNfyznBV6-PX1lnyTgnsf5l77qekTyLv7nPPqNn-CMcvqOumEJtaBcnnAVOKrc75glq6FrSl93fEietZ7Tj7IywTfYOOZxEwncTMsTJyDH-beuQeCB_khCJeM9Gg33oqHPR0pTAgfVjdOfZ68uGbVDtea88Qxh8OkR7iqVaXX-G8t4Gvp3gAqqdOGNz6L2kXefBQ5n-hMJgSFAYJjnqXO6_s_dYfuOTrtbSePm0l3UYRi7rDG_lZTIHJY2DgnQJ8GivjNrrLMgV67XhLUDsTn7dRnmcw5grDCicYONGdDEpgBHQnuAoQun255tfmbYWWrcyJrr1qkKUc5C6zwvOiDKD_ZLmzABQh2Bl&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbDbOyX0vYuitC6ON78EPwZaSkA3JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyNzk2MzM0OTMwMzcwNjegAdW20uoDyAEJqQJUqoV2JV2yPqgDAaoE6wFP0BeWMjue_jBxO38RWtTV2EdTZpCnUByJt3SPNYbpAUJVkyWOe5OiWnzhW6xp16Ow3zSCMML_5NAiJzXPcEB5dDqvyH_Zq3xp5hfPZbRHWG0AfztpPeLZzy9Me5-ekNjmYeIsHlwABLBRZAYF8m7xGw0UaQciEgQ4RkDTHvonR3B_5WHm-KaTXZoIQNNaUuxG0MvdF7r7K0G2RSEdngp257KrfECR7w5_n09DIm_UPUfeJUMoDDWRhy6iYm8c87HiVyf7ewLjn50O6FieOrJpr5rXy9i8Cht4GWzWv_FrLkhsPfrGXLCWipE3gAau35mgs_aK3fgBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Wx1PRxBnVPXRMc_Wa0QYOxSyNWQ%26client%3Dca-pub-2279633493037067%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 09 Mar 2023 17:39:21 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 8C45 2 KB
1 KB 19ms
19ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 09 Mar 2023 17:39:21 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 8C45 308 B
636 B 16ms
15ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 09 Mar 2023 17:39:21 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame 8C45 507 B
835 B 16ms
15ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Thu, 09 Mar 2023 17:39:21 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/m/delivery/ Frame 8C45 43 B
347 B 19ms
18ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=bGV3NQn4vvZV5CDdlLNOexD51yntb8JXm49P-ciOepEWwQG1RumRTG2HyVBMlEwP9jDE4qVTM0pycT3nKJbz3teD9_VVTYBQKpUTaUCVvNKElxJYkueeezVjKBXtomwt7cemA__wQl5qkFg-AYuUtYNUg_8hGmgXj-_Q92mW09iRcTrTzJk6ygfTZ8EWGcOTYG6jUMAiqGbUU4RdYPbGEyJwIC2jS_vBCn1G3rIf_LWYcuNrPAq3kR8ir-6ph3WqSLYo3E7_vLEGcBOTPjUkPqQjpvdVL4qQt1Obo1H1VOE4sP0PsAUWqJqpVJYi7NeWEs5n6Ct1U0FLuuZth6oo-EOql4bCqN2Ah-ecw0wzDeRjRKJvYia6pJLE5OSEoHZJKAliEph6tguLZPYBf7mVfV7wAJAJiLtGgdJMLRzA-n1Xj9FBxNDFy_Md6NTOOl5wtj266g

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Mar 2022 17:39:21 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3336362
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 b0136391d4ea4d4a997f7f03dea470a1_image_ad_300x250.gif
static.criteo.net/design/dt/90764/220105/ Frame 8C45 261 KB
262 KB 20ms
20ms Image
image/gif 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/90764/220105/b0136391d4ea4d4a997f7f03dea470a1_image_ad_300x250.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

101d2adecdc84a8dddd428b3de2cc7a12373eda82eb2057893960437dc55a1d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
last-modified: Wed, 05 Jan 2022 18:27:39 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "61d5e31b-41466"
strict-transport-security: max-age=31536000; preload;
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 267366
expires: Thu, 09 Mar 2023 17:39:21 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 8C45 0
127 B 14ms
14ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=uk0PbQHIk4PT7pE2QmbU8BXVs17IwUZvwWs2ERBjksn2vnWQB19Kd9xZoMvPj9FKYe7DYolb8YJ8cd7leH_Z_ePHXAa_xOmyA8QtMupf1q4BJl5lpIjifgvFiVlzE9sTNHTX6DEUgISaC54f1ux1s0gtrPf9UEb1S11iyPpu9Fe04vgQRCIamb6BRgyXh3X2kFrBcpXel_zh0UzZCdjeOjsINMg8G9OyVpstreLOGei2JcBxYCIN7kQJUxH4tSrHSgNTVeFf4AcY-fT6&sds=2&rev=unknown&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 14 Mar 2022 17:39:21 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 8C45 2 KB
1 KB 34ms
34ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 09 Mar 2023 17:39:21 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 8C45 2 KB
1 KB 34ms
34ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 09 Mar 2023 17:39:21 GMT

GET
DATA 200
OK truncated
/ Frame E6CB 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 462b696cd4ab237a2ffebf80a3a6d25c780bbf347dcc82cbe7f007b734b0a8c0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 6CED 2 KB
1 KB 18ms
17ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yi99yQAC13cKmuAUAANUFq0OI9O_oDhaYnZGAQ&u=%7C5N3zz54%2Bsw%2Bh4Gz2XNHF9wtnZ4sgDDCCLvRINGrfAhk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM9SPP5Y8DX0oQxlHyl1Xog1V4QixPDMz7GrnjGLKGc5PIosskJPH_OHsWGBlzcIPmc2lOJox8uS7CgjP2JHsp1gEpjvtsTqCEQCkxheI-ob5NU4nM7jc4KaqyJJaztgmLbIAsdee2RhpODWjjHxttnBi4MAMXmvozW-nk2u6qCzl_h8dAW77qGOWoJ1A3G_8jmzsaSAyZOuhY5eovlJgyZFgoOA2KrSvWSfvyxmdLTViWxZppap7pgV6ZqnDAwXfqFYMm88IsF31nHFKsNWdL9q8lW4S07_YW85tutx_W6WbrjQ2iLCAGeS6zADDIEqttjhTAztWixTSd0eF1HfJlNAZMQQvgz7QCNsSR9OAA-OpqGcUqJChxsxIjKFsltFeZI0JY09-2W8SITcT5FJlm-z-Gz6VXUHas&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBm9SyX0vYveuC5TA6wSWqA3JntKxXPWdmPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyNzk2MzM0OTMwMzcwNjegAdW20uoDyAEJqQIRJ-Q3hmGyPqgDAaoE6wFP0Nvji5QWCqN_zx2xCnZcGHPVSmOqv6zqxKZJRsPQfVC88ktsPfCSsb5oRrNQMzEYG5lPEDlhGpTGqjmePIz7nk4641F0Msbj2P3WADyLKkhBTIINT5lycuvEiJe1hWyZRkSdMmeSA1gfWvJiJDyQDSkXyV1HKHqZq9ZVNWpZ7nD_ClaWdabgK4kD7CmOMJkDNzXrQ7x0TavFBb-pFnBeSbbd8degUnriyVEAst4MvM8ulX0m7cyvTSk79eaIRhMoZfROO_npmkZNmIjCsqTzmZm0VCGTC_xxs-9mjI4cqTBQ6xWg4m7bBEOkgAaalI351ZKE078BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2kkbgbbbTFS3Rq0vLiHEAmXoTk0w%26client%3Dca-pub-2279633493037067%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 09 Mar 2023 17:39:21 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 6CED 2 KB
1 KB 16ms
16ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 09 Mar 2023 17:39:21 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 6CED 308 B
636 B 17ms
16ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 09 Mar 2023 17:39:21 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame 6CED 507 B
835 B 19ms
18ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Thu, 09 Mar 2023 17:39:21 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/m/delivery/ Frame 6CED 43 B
347 B 18ms
17ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=Bce63N_jarZdncOBluTGW7awbY37id5ATr224lb_znfnRtYk2h-kqajMICfCeGFTtLSFRm9bDKO5Ioq3lkMpTXXWTOEIaKAXMFQYmudRQU48xEt_oP1nu46l_KCsuQitEsYpHRpKVeJr8Q4-CezZ9fXvuIi1mtfvwDfVn2yAQlivKTsga57j0OydX2ZCrIE2X366LdXWarftuZvSMNpM30ywaqNOGcZQLuHPBBWCpDJNlHVrdzkzbscT0nJtknTHtcaBmMjsfTZMppSwUatDXz20f6oY8R-6KmWxWFmTGtQgtfPFiqQBIaA2D4ZpiLTvZBYadTroIp2Q2f9a7V6JYtGcEKtQhmJqoETbzldNwnlJVqE3e8C15chZQJ3wZY7cUOXoXTr8QnEJYwQxX7nJbzF8R8FwKWrBnnaFF8zF0juCnQVYQOJEeAxstB6Rr7mPqo0fdQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Mar 2022 17:39:21 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3223376
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ Frame BB9C 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6178bea256c7a7b6e0f7cb47441a0f164b3fb375fa50c6219cb3aeb5ae21af5e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/9930085098405452528/ Frame 14E2 2 KB
2 KB 37ms
36ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9930085098405452528/downsize_200k_v1?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bd25f5d1eedbd24c43e980854017ebd82bf4fe9c529536f9a22911d476fe157

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 18:45:10 GMT
x-content-type-options: nosniff
age: 82451
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2318
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 17:52:31 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 13 Mar 2023 18:45:10 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 14E2 0
0 70ms
68ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CJMwByX0vYuisC_rg6wTTx7boBafzpIRpu6Oc6sEPvtWMrPEuEAEgvqPHY2CV4pCCoAegAfTkiNUDyAEBqQICYzEer9u1PqgDAaoEgAJP0ADLVW7wgT2pzfBrZF2b_litr2jh6WXdNc40bS2s75bXJOUjHdtkaW_OJ7fX92ENzH8ScI6vVDZH0EjI7_ufIEJrk6qUJExk6lKXBCLf3NRiBYznC9QBb7MST9YMez1dJzK7SnGh0lny0a0o1g5nxkQivdm0NMw8EAqUNjyn2HJuWwFNuhgu3ceY5wkdlgG7KdzFlRDBDxwvq0x4RWm8fCT2ppAcGUHibjlx7c-vcjabOOWQJbj1bZ04Radkv6O1I-Djl2OXzuabZ2eG0nwveyTtMIvLrfKbHgPd5x7pJA8NpkPVOOrZYkUJqmvhGij6Ou0V0sGfcY7ngN4ehOYMwASmgYj76gOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAYAH9Jr3KqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcDEIxO0ggJCIDhgBAQARgfgAoByAsB2BMNiBQB0BUBgBcBshccChoIABIUcHViLTIyNzk2MzM0OTMwMzcwNjcYAA&sigh=Wns_A5Omfog&uach_m=[UACH]&template_id=5001

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2279633493037067&output=html&h=280&slotname=3200966967&adk=355734708&adf=563175072&pi=t.ma~as.3200966967&w=1200&fwrn=4&fwrnh=100&lmt=1647279561&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftelegraf.id%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647279560768&bpp=2&bdt=1014&idt=265&shv=r20220308&mjsv=m202203070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C928x90%2C320x250%2C970x250%2C320x250%2C320x250&nras=1&correlator=3632240574453&frm=20&pv=1&ga_vid=998751855.1647279560&ga_sid=1647279561&ga_hid=1387786905&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=920&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531398%2C44750774%2C44758395%2C31064036%2C31065567&oid=2&pvsid=1212404508265127&pem=189&tmod=555024204&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeoE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=12&uci=a!c&fsb=1&xpc=94c3vtheM0&p=https%3A//telegraf.id&dtd=267
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 14 Mar 2022 17:39:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A16F 143 B
163 B 41ms
41ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2279633493037067&output=html&h=280&slotname=3200966967&adk=355734708&adf=563175072&pi=t.ma~as.3200966967&w=1200&fwrn=4&fwrnh=100&lmt=1647279561&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftelegraf.id%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647279560768&bpp=2&bdt=1014&idt=265&shv=r20220308&mjsv=m202203070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C928x90%2C320x250%2C970x250%2C320x250%2C320x250&nras=1&correlator=3632240574453&frm=20&pv=1&ga_vid=998751855.1647279560&ga_sid=1647279561&ga_hid=1387786905&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=920&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531398%2C44750774%2C44758395%2C31064036%2C31065567&oid=2&pvsid=1212404508265127&pem=189&tmod=555024204&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeoE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=12&uci=a!c&fsb=1&xpc=94c3vtheM0&p=https%3A//telegraf.id&dtd=267

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Mon, 14 Mar 2022 17:05:02 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 2059
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 6CED 12 KB
6 KB 16ms
15ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 09 Mar 2023 17:39:21 GMT

GET
DATA 200
OK truncated
/ Frame 14E2 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11c22b76da51413f68d3d7ad4cef2ede8ea92265014b9bada9068d06dc959e86

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6CED 79 KB
79 KB 17ms
16ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?m=0&partner=93301&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F93301%2F220308%2F6399ac8286ff4d3895c5404c6fe74bc6_uranium_banners_1200x1200px.jpg&v=3&s=0yG-60rRs_4uto7G5T_0BJbF

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e43844081156dcbd53fb1beb794d7f92c5ad6a1101fe59b97b0a1ae79873a9c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:20 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30585418
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 80582
expires: Fri, 03 Mar 2023 17:36:20 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6CED 11 KB
11 KB 15ms
15ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=496&m=0&partner=93301&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F93301%2F220308%2Fa0a000e8c044446faa1575d9372ae515_an-logo-green.png&v=3&w=636&s=EfRaiU1lbtBjxy_2ZEhB_FtG

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

51589a34af2909c1f9656815b92dca57e27faa69c4dd3a00c613fd0df59b0754

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30585302
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 11390
expires: Fri, 03 Mar 2023 17:34:24 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 6CED 0
127 B 15ms
15ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=6TcsGAHIk4PT7pE2x6ToWTh_aeHrugseWztRVev79Gr1wa2giHMsf-HLPHthzO_wwscDyKX3vFD5le6S4czQ5k5fINkvykM5XqE3OjH0iUwIO81BZRjznGJbA_nAP6D1AWVWCyfs3WPvQglU-N1_cpIg8BsCvzMXWDpjZ4WEypF4lNp5XC6N4RvNm4vZiordrdnERkzl8BNCpM48TBUkHg7RkTGn7gSTyHXRC6rCxdPaTIGgxyV7WcOzR2eyc-CfsTspdw&sds=2&rev=unknown&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 14 Mar 2022 17:39:21 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 6CED 2 KB
1 KB 19ms
19ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 09 Mar 2023 17:39:21 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 6CED 2 KB
1 KB 15ms
15ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 09 Mar 2023 17:39:21 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v42/ Frame 14E2 28 KB
28 KB 80ms
36ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v42/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 22:46:42 GMT
x-content-type-options: nosniff
age: 499959
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28328
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 21:57:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Mar 2023 22:46:42 GMT

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203070101/ 151 KB
54 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203070101/reactive_library_fy2019.js?bust=31065567

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

acd2263a4495004ec8ef2ab1ea25d5e514799fd6a1802eb268ee3b9d92122f4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54989
x-xss-protection: 0
server: cafe
etag: 15283444078852440377
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Mar 2022 17:39:21 GMT

GET
DATA 200
OK truncated
/ Frame 97D4 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 084707776099c4090d6a8afc92a912dd331bc385b87d6a1c0328147993b7c077

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame E581 67 B
91 B 38ms
37ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2279633493037067&output=html&h=250&slotname=3200966967&adk=205218325&adf=3893433244&pi=t.ma~as.3200966967&w=320&fwrn=4&fwrnh=100&lmt=1647279561&rafmt=1&psa=0&format=320x250&url=https%3A%2F%2Ftelegraf.id%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647279560663&bpp=1&bdt=910&idt=340&shv=r20220308&mjsv=m202203070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C928x90%2C320x250%2C970x250%2C320x250&nras=1&correlator=3632240574453&frm=20&pv=1&ga_vid=998751855.1647279560&ga_sid=1647279561&ga_hid=1387786905&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=4075&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531398%2C44750774%2C44758395%2C31064036%2C31065567&oid=2&pvsid=1212404508265127&pem=189&tmod=555024204&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=DTLe1CedJO&p=https%3A//telegraf.id&dtd=342

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 18:15:01 GMT
x-content-type-options: nosniff
server: cafe
age: 84260
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 2462972746714251406
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
expires: Mon, 14 Mar 2022 18:15:01 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A16F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

90ms
90ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 14 Mar 2022 17:39:22 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 14 Mar 2022 17:39:22 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 14 Mar 2022 17:39:22 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16648248580127555213/ Frame 40F1 31 KB
12 KB 37ms
37ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16648248580127555213/index.html

Requested by

Host: telegraf.id
URL: https://telegraf.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9744e07c078761d853def76711623ceea3c03170d79c18daa7ecc713204c708

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin: *
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 12719
date: Thu, 10 Mar 2022 07:44:33 GMT
expires: Fri, 10 Mar 2023 07:44:33 GMT
cache-control: public, max-age=31536000
age: 381288
last-modified: Tue, 15 Feb 2022 17:26:03 GMT
content-type: text/html
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame CE64 0
0 71ms
70ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CKKhxyX0vYpS8C5Wr6gSKzpmYA_X1sdJo-5eR0bMPo7aSnMEvEAEgvqPHY2CV4pCCoAegAY7T9soDyAEJqQICYzEer9u1PqgDAcgDSKoE8QFP0EZBiHTpPWN32N1bR_uJJPAzGW3FIa_xzfc3psNS1lVq_vcFNeNN4X8b0VeJH8kgN-Yq1Lu5wdesIPwApJHRW4T79gR0GLqVE4-aAn_5YgSAJ8MpxEzXD3-0_OGQJfiwm6ju0mFsB0UejXERl65E987JJyfEAi6k08Q3JuZHwaRYQlkMHpTl_zeMII-8yTPaRztFPIh6gFWudqSj7G5H7EegYyOhFSA6QLHM-6AwYLa42wb6qSGk2bf8Nf64wnLEjs7bm55OvuBvlG2REgoCkAgLeBxi1ANvV4rB90WDIP4dsaDjkLJjFPJvclSISCfEwAS-kcD55gOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH2qyJNagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEIDeA9IICQiA4YAQEAEYH4AKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi0yMjc5NjMzNDkzMDM3MDY3GAA&sigh=nNYA_58rG24&uach_m=[UACH]&template_id=419

Requested by

Host: telegraf.id
URL: https://telegraf.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2279633493037067&output=html&h=250&slotname=3200966967&adk=205218325&adf=3893433244&pi=t.ma~as.3200966967&w=320&fwrn=4&fwrnh=100&lmt=1647279561&rafmt=1&psa=0&format=320x250&url=https%3A%2F%2Ftelegraf.id%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647279560663&bpp=1&bdt=910&idt=340&shv=r20220308&mjsv=m202203070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C928x90%2C320x250%2C970x250%2C320x250&nras=1&correlator=3632240574453&frm=20&pv=1&ga_vid=998751855.1647279560&ga_sid=1647279561&ga_hid=1387786905&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=4075&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531398%2C44750774%2C44758395%2C31064036%2C31065567&oid=2&pvsid=1212404508265127&pem=189&tmod=555024204&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=DTLe1CedJO&p=https%3A//telegraf.id&dtd=342
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 14 Mar 2022 17:39:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/ Frame CE64 19 KB
8 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2279633493037067&output=html&h=250&slotname=3200966967&adk=205218325&adf=3893433244&pi=t.ma~as.3200966967&w=320&fwrn=4&fwrnh=100&lmt=1647279561&rafmt=1&psa=0&format=320x250&url=https%3A%2F%2Ftelegraf.id%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647279560663&bpp=1&bdt=910&idt=340&shv=r20220308&mjsv=m202203070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C928x90%2C320x250%2C970x250%2C320x250&nras=1&correlator=3632240574453&frm=20&pv=1&ga_vid=998751855.1647279560&ga_sid=1647279561&ga_hid=1387786905&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=4075&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531398%2C44750774%2C44758395%2C31064036%2C31065567&oid=2&pvsid=1212404508265127&pem=189&tmod=555024204&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=DTLe1CedJO&p=https%3A//telegraf.id&dtd=342

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7e3f3f9a87439492d58ee8a90cdc8741bd44e9f5ebc5a1be461ded2df7a155e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:31:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 499
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7865
x-xss-protection: 0
server: cafe
etag: 17470246482903461409
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Mar 2022 17:31:02 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame CE64 2 KB
1 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2279633493037067&output=html&h=250&slotname=3200966967&adk=205218325&adf=3893433244&pi=t.ma~as.3200966967&w=320&fwrn=4&fwrnh=100&lmt=1647279561&rafmt=1&psa=0&format=320x250&url=https%3A%2F%2Ftelegraf.id%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647279560663&bpp=1&bdt=910&idt=340&shv=r20220308&mjsv=m202203070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C928x90%2C320x250%2C970x250%2C320x250&nras=1&correlator=3632240574453&frm=20&pv=1&ga_vid=998751855.1647279560&ga_sid=1647279561&ga_hid=1387786905&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=4075&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531398%2C44750774%2C44758395%2C31064036%2C31065567&oid=2&pvsid=1212404508265127&pem=189&tmod=555024204&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=DTLe1CedJO&p=https%3A//telegraf.id&dtd=342

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:38:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Mar 2022 17:38:13 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CE64 117 KB
36 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2279633493037067&output=html&h=250&slotname=3200966967&adk=205218325&adf=3893433244&pi=t.ma~as.3200966967&w=320&fwrn=4&fwrnh=100&lmt=1647279561&rafmt=1&psa=0&format=320x250&url=https%3A%2F%2Ftelegraf.id%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647279560663&bpp=1&bdt=910&idt=340&shv=r20220308&mjsv=m202203070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C928x90%2C320x250%2C970x250%2C320x250&nras=1&correlator=3632240574453&frm=20&pv=1&ga_vid=998751855.1647279560&ga_sid=1647279561&ga_hid=1387786905&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=4075&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531398%2C44750774%2C44758395%2C31064036%2C31065567&oid=2&pvsid=1212404508265127&pem=189&tmod=555024204&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=DTLe1CedJO&p=https%3A//telegraf.id&dtd=342

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36343
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646830771070120"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 14 Mar 2022 17:39:21 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame CE64 15 KB
6 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2279633493037067&output=html&h=250&slotname=3200966967&adk=205218325&adf=3893433244&pi=t.ma~as.3200966967&w=320&fwrn=4&fwrnh=100&lmt=1647279561&rafmt=1&psa=0&format=320x250&url=https%3A%2F%2Ftelegraf.id%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647279560663&bpp=1&bdt=910&idt=340&shv=r20220308&mjsv=m202203070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C928x90%2C320x250%2C970x250%2C320x250&nras=1&correlator=3632240574453&frm=20&pv=1&ga_vid=998751855.1647279560&ga_sid=1647279561&ga_hid=1387786905&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=4075&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531398%2C44750774%2C44758395%2C31064036%2C31065567&oid=2&pvsid=1212404508265127&pem=189&tmod=555024204&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=DTLe1CedJO&p=https%3A//telegraf.id&dtd=342

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fdecda5ee87b28e579c5b61ef0f86e7fff85c838ff0a06450feee13a5877ed0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:38:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6397
x-xss-protection: 0
server: cafe
etag: 14404976697706490601
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Mar 2022 17:38:35 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 95ms
47ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=telegraf.id

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Mar 2022 17:39:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 96ms
48ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=telegraf.id

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Mar 2022 17:39:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220308/r20110914/ Frame 7893 10 KB
4 KB 39ms
39ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220308/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Sun, 13 Mar 2022 23:56:52 GMT
expires: Sun, 27 Mar 2022 23:56:52 GMT
cache-control: public, max-age=1209600
age: 63749
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220308/r20110914/ Frame 0FD4 10 KB
4 KB 39ms
39ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220308/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Sun, 13 Mar 2022 23:56:52 GMT
expires: Sun, 27 Mar 2022 23:56:52 GMT
cache-control: public, max-age=1209600
age: 63749
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 40F1 9 KB
3 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16648248580127555213/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 13:42:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14192
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 15 Mar 2022 13:42:50 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 40F1 26 KB
10 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16648248580127555213/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 14:22:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11837
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 15 Mar 2022 14:22:05 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 40F1 26 KB
1 KB 47ms
46ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,regular,italic,600,600italic,700,700italic,800,800italic&cb=1642771116

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16648248580127555213/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

53bff42130f5bff8f3a92e259f20357ad8b46271cb9daa75a9485d401aeaa77f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 16:30:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 14 Mar 2022 17:39:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Mar 2022 17:39:22 GMT

GET
H2 200 gsap_3.2.4_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 40F1 57 KB
23 KB 133ms
48ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16648248580127555213/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23276
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 03:53:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 14 Mar 2022 17:39:22 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B9BE 143 B
163 B 39ms
39ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2279633493037067&output=html&h=250&slotname=3200966967&adk=205218325&adf=3893433244&pi=t.ma~as.3200966967&w=320&fwrn=4&fwrnh=100&lmt=1647279561&rafmt=1&psa=0&format=320x250&url=https%3A%2F%2Ftelegraf.id%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647279560663&bpp=1&bdt=910&idt=340&shv=r20220308&mjsv=m202203070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C928x90%2C320x250%2C970x250%2C320x250&nras=1&correlator=3632240574453&frm=20&pv=1&ga_vid=998751855.1647279560&ga_sid=1647279561&ga_hid=1387786905&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=4075&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531398%2C44750774%2C44758395%2C31064036%2C31065567&oid=2&pvsid=1212404508265127&pem=189&tmod=555024204&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=DTLe1CedJO&p=https%3A//telegraf.id&dtd=342

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2279633493037067&output=html&h=250&slotname=3200966967&adk=205218325&adf=3893433244&pi=t.ma~as.3200966967&w=320&fwrn=4&fwrnh=100&lmt=1647279561&rafmt=1&psa=0&format=320x250&url=https%3A%2F%2Ftelegraf.id%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647279560663&bpp=1&bdt=910&idt=340&shv=r20220308&mjsv=m202203070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C928x90%2C320x250%2C970x250%2C320x250&nras=1&correlator=3632240574453&frm=20&pv=1&ga_vid=998751855.1647279560&ga_sid=1647279561&ga_hid=1387786905&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=4075&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531398%2C44750774%2C44758395%2C31064036%2C31065567&oid=2&pvsid=1212404508265127&pem=189&tmod=555024204&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=DTLe1CedJO&p=https%3A//telegraf.id&dtd=342

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Mon, 14 Mar 2022 17:05:02 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 2060
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame CE64 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6ae8c154c5537da1618ef00c29e9c54c204529dd0bc37e88f16031485a41d524

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css2
fonts.googleapis.com/ Frame 7893 4 KB
634 B 45ms
45ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 16:03:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 14 Mar 2022 17:39:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Mar 2022 17:39:22 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7893 205 B
229 B 40ms
39ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 16:46:30 GMT
x-content-type-options: nosniff
age: 3172
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 14 Mar 2023 16:46:30 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7893 604 B
628 B 40ms
40ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 15:26:21 GMT
x-content-type-options: nosniff
age: 7981
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 14 Mar 2023 15:26:21 GMT

GET
H3 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/elements/html/ Frame 7893 19 KB
8 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9aa52271c062f05d8595fba2d3fcb36149ee713dbc867782e3a86bcc0497a2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:37:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 108
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8375
x-xss-protection: 0
server: cafe
etag: 14738557072536450365
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Mar 2022 17:37:34 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5731921191286904701/ Frame C010 31 KB
13 KB 37ms
37ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5731921191286904701/index.html

Requested by

Host: telegraf.id
URL: https://telegraf.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b16b1cb78d0bd98dd301402fe1b19e506a5869b7cbf517d9545628c53e479ed1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin: *
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 12946
date: Thu, 10 Mar 2022 15:48:57 GMT
expires: Fri, 10 Mar 2023 15:48:57 GMT
cache-control: public, max-age=31536000
age: 352225
last-modified: Tue, 15 Feb 2022 17:26:03 GMT
content-type: text/html
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/ Frame 0FD4 19 KB
8 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7e3f3f9a87439492d58ee8a90cdc8741bd44e9f5ebc5a1be461ded2df7a155e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:31:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 500
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7865
x-xss-protection: 0
server: cafe
etag: 17470246482903461409
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Mar 2022 17:31:02 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B9BE
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

91ms
89ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2279633493037067&output=html&h=250&slotname=3200966967&adk=205218325&adf=3893433244&pi=t.ma~as.3200966967&w=320&fwrn=4&fwrnh=100&lmt=1647279561&rafmt=1&psa=0&format=320x250&url=https%3A%2F%2Ftelegraf.id%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647279560663&bpp=1&bdt=910&idt=340&shv=r20220308&mjsv=m202203070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C928x90%2C320x250%2C970x250%2C320x250&nras=1&correlator=3632240574453&frm=20&pv=1&ga_vid=998751855.1647279560&ga_sid=1647279561&ga_hid=1387786905&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=4075&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531398%2C44750774%2C44758395%2C31064036%2C31065567&oid=2&pvsid=1212404508265127&pem=189&tmod=555024204&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=DTLe1CedJO&p=https%3A//telegraf.id&dtd=342

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 14 Mar 2022 17:39:22 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 14 Mar 2022 17:39:22 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 14 Mar 2022 17:39:22 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 css
fonts.googleapis.com/ Frame B0E4 8 KB
892 B 46ms
46ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 16:05:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 14 Mar 2022 17:39:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Mar 2022 17:39:22 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame B0E4 2 KB
911 B 36ms
36ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Mar 2022 17:38:46 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/ Frame B0E4 19 KB
8 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7e3f3f9a87439492d58ee8a90cdc8741bd44e9f5ebc5a1be461ded2df7a155e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:31:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 500
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7865
x-xss-protection: 0
server: cafe
etag: 17470246482903461409
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Mar 2022 17:31:02 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame B0E4 2 KB
1 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:38:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Mar 2022 17:38:13 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B0E4 117 KB
36 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36343
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646830771070120"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 14 Mar 2022 17:39:22 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame B0E4 15 KB
6 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fdecda5ee87b28e579c5b61ef0f86e7fff85c838ff0a06450feee13a5877ed0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:38:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6397
x-xss-protection: 0
server: cafe
etag: 14404976697706490601
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Mar 2022 17:38:35 GMT

GET
H3 200 35849274faa25b88196bf3c3ff2d72d2.js Show response
www.gstatic.com/mysidia/ Frame B0E4 28 KB
12 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/35849274faa25b88196bf3c3ff2d72d2.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e4b4d396700e065d5d37bde974840cf2bf19565f8450785f0a869079b86bce9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 10:13:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 372365
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11831
x-xss-protection: 0
last-modified: Mon, 07 Mar 2022 07:55:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 08 Jun 2022 10:13:17 GMT

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame C010 9 KB
3 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5731921191286904701/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 13:42:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14192
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 15 Mar 2022 13:42:50 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame C010 26 KB
10 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5731921191286904701/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 14:22:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11837
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 15 Mar 2022 14:22:05 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame C010 26 KB
1 KB 47ms
46ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,regular,italic,600,600italic,700,700italic,800,800italic&cb=1642771118

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5731921191286904701/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

53bff42130f5bff8f3a92e259f20357ad8b46271cb9daa75a9485d401aeaa77f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 16:31:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 14 Mar 2022 17:39:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Mar 2022 17:39:22 GMT

GET
H2 200 gsap_3.2.4_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame C010 57 KB
23 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5731921191286904701/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23276
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 03:53:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 14 Mar 2022 17:39:22 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3B16 143 B
163 B 39ms
39ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220308/r20110914/zrt_lookup.html?fsb=1

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Mon, 14 Mar 2022 17:05:02 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 2060
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 0FD4 2 KB
1 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:38:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Mar 2022 17:38:13 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0FD4 117 KB
36 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36343
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646830771070120"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 14 Mar 2022 17:39:22 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1D8B 0
0 161ms
70ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss8BwB6KE8TLHP0yZpJtA6gjPFfMSdbuuU3m3HdlMsgW0_Xp6NPTcg50MTNuDt91JwZU0OTjyITeLDEvLO8vH1QpgK1CXuxLQk8aUtXbvqrTCtY20TQYHcVb8STAc9SM4WNIWqO9n2WownStFaS_Y_4JnGOtFr65IO-FxPOkfEvtcwYe6VFKmCvgI0qtv_LDxVarUO3KnaglkDEaeZxwW2tUNfUthOeBLGoGJaQ08hfrYLx-CPv8l5XfPtoPoll43O1GEXrAMcveWrpPRm3r5dD5ITMjMwqJEC6TlQ7LMXJCoyhHi-MCdZwBDEeheqQUkZEYh2Vk-Vg3PDgFidHGd8pYeSV46mMSLE4lQJOAVIkmWW1W3SIu2F1AS2NFiuohOMNXe2jq2laNIE586OeE5NpTCM4T8icEvIkhYga-HpNHv2yqXehkrzm2oBpQtJs6X1pkdSbGKFr5xCRdzzAHXvOjT2QjvTkD9AhG5qjJTZyJq3AmO1060zcoxHG2jgH08p5zD7bu1EyDSUt-6FQ_846DrH1y0fRtAqARB_7i2_Sys9WCuRxOMRXj_5ZYrb3mjJtPx2xeqASIwd4kdzoiK_S5i3h3qt9Pf-9ppcDKqPDXf5kiPus8YI5QZNZE67lIam19xhTzqN-fcDriV7nNGI1H9hctPHF0a7s7hYxBXoquaQJnteOl58HHKTV4BIiv-8imsrg5bEpAzfUwlYa82SHC4KBkt7f7vzYVreq4UC91FlvarHcSgCIDF3vfW7ErinaPSoEiL6qh7iGNNIbPvddaaxToDaY4MTYVbR73FUrNnR2hSJn4KVDAx4z4G7k1A0sediW3sNZExn9kjNHVbu8Pvbqj5IuqNwSmCCz2lZhG8fyW1Rm6fOn2JPYqTgmPI9OPh3UxrmXin0YOoFREsZcsBJcXwzQnWv1BlHVhCkBFvHbjGYRFXIcvvpbhTfjszD4B1jQU1lLC7PYTuqo2-NgOYw1lkAx0O5b9P8i0X6Ar7nlyoipCzySYLD5F7tjjD9SmGHwWM3XhL9uz_7J26pl-FDfO1zIOSUaHOMmj1YY&sai=AMfl-YRjeXl-HrvuaI1P-KHqO_l5D25ci8jcswFkAr7FCNlrsZQxtZz4oh8PxQ&sig=Cg0ArKJSzKuX0FB4Af-GEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Requested by

Host: telegraf.id
URL: https://telegraf.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Mon, 14 Mar 2022 17:39:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 1D8B 41 KB
15 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: telegraf.id
URL: https://telegraf.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 07:27:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36725
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Mar 2023 07:27:17 GMT

GET
H3 200 m_js_controller_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 1D8B 32 KB
13 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/m_js_controller_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2279633493037067&output=html&h=90&slotname=7970900263&adk=1248245880&adf=285078558&pi=t.ma~as.7970900263&w=928&lmt=1647279560&psa=0&format=928x90&url=https%3A%2F%2Ftelegraf.id%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647279560659&bpp=1&bdt=905&idt=251&shv=r20220308&mjsv=m202203070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3632240574453&frm=20&pv=1&ga_vid=998751855.1647279560&ga_sid=1647279561&ga_hid=1387786905&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=336&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531398%2C44750774%2C44758395%2C31064036%2C31065567&oid=2&pvsid=1212404508265127&pem=189&tmod=555024204&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=EgPIwP5S0e&p=https%3A//telegraf.id&dtd=260

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

684506d9d8135537d90392d008a89c4b57a6878ab17f88d66153a630bbe773dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:31:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 478
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13100
x-xss-protection: 0
server: cafe
etag: 17326570059298415575
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Mar 2022 17:31:24 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 1D8B 2 KB
1 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:38:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Mar 2022 17:38:13 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1D8B 117 KB
36 KB 69ms
68ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36343
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646830771070120"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 14 Mar 2022 17:39:22 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 1D8B 15 KB
6 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fdecda5ee87b28e579c5b61ef0f86e7fff85c838ff0a06450feee13a5877ed0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:38:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6397
x-xss-protection: 0
server: cafe
etag: 14404976697706490601
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Mar 2022 17:38:35 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/ Frame 1D8B 19 KB
8 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7e3f3f9a87439492d58ee8a90cdc8741bd44e9f5ebc5a1be461ded2df7a155e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:31:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 500
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7865
x-xss-protection: 0
server: cafe
etag: 17470246482903461409
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Mar 2022 17:31:02 GMT

GET
H3 200 6203344233233535073
s0.2mdn.net/simgad/ Frame 1D8B 12 KB
12 KB 88ms
41ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/6203344233233535073

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4f2f49549fbb5721574523e7861740eac3ce89da67816caeac20aa96ff84ee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 23:33:46 GMT
x-content-type-options: nosniff
age: 497136
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12298
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 22:12:28 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 08 Mar 2023 23:33:46 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A6F9 143 B
163 B 41ms
40ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220308/r20110914/zrt_lookup.html?fsb=1

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Mon, 14 Mar 2022 17:05:02 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 2060
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 imagesct9mmfpmtverumwxaqw1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16648248580127555213/ Frame 40F1 5 KB
5 KB 38ms
37ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16648248580127555213/imagesct9mmfpmtverumwxaqw1.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16648248580127555213/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e664383322a7f609dc4736e0823c377c95874240b54671b5b0f94bb2ee2b5cb1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 303280
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4988
x-xss-protection: 0
last-modified: Tue, 15 Feb 2022 17:26:03 GMT
server: sffe
date: Fri, 11 Mar 2022 05:24:42 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 11 Mar 2023 05:24:42 GMT

GET
H3 200 b257cd7e36fc256868bde52c2abc9da8.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16648248580127555213/ Frame 40F1 47 KB
47 KB 39ms
38ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16648248580127555213/b257cd7e36fc256868bde52c2abc9da8.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16648248580127555213/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11a7216617078b3d2c7b4f1424ff71bbca8d8446dcae66488b0e0b94ccbb8269

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 382509
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48440
x-xss-protection: 0
last-modified: Tue, 15 Feb 2022 17:26:03 GMT
server: sffe
date: Thu, 10 Mar 2022 07:24:13 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 10 Mar 2023 07:24:13 GMT

GET
DATA 200
OK truncated
/ Frame 40F1 11 KB
11 KB Font
font/truetype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 26a2e668880a505c011e6520d5f214e1713d4753fedd32e627da72c03fec56e7

Request headers

Referer
Origin: null
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: font/truetype;charset=utf-8

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/ Frame 40F1 44 KB
44 KB 41ms
38ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,regular,italic,600,600italic,700,700italic,800,800italic&cb=1642771116

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 22:45:07 GMT
x-content-type-options: nosniff
age: 500055
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:03:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Mar 2023 22:45:07 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame DE61 22 KB
8 KB 43ms
36ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 14 Mar 2022 07:27:17 GMT
expires: Tue, 14 Mar 2023 07:27:17 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 36725
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3B16
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

115ms
115ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 14 Mar 2022 17:39:22 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 14 Mar 2022 17:39:22 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 14 Mar 2022 17:39:22 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 1D8B 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: af30fb6505549ebf90305f6262f61392451f6d06b3f6ddad5905ccd90daa6078

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 0FD4 15 KB
6 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fdecda5ee87b28e579c5b61ef0f86e7fff85c838ff0a06450feee13a5877ed0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:38:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6397
x-xss-protection: 0
server: cafe
etag: 14404976697706490601
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Mar 2022 17:38:35 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A6F9
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

113ms
113ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 14 Mar 2022 17:39:22 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 14 Mar 2022 17:39:22 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 14 Mar 2022 17:39:22 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js Show response
pagead2.googlesyndication.com/bg/ Frame B90C 35 KB
13 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js

Requested by

Host: telegraf.id
URL: https://telegraf.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6df1f67ffd26978bcacb3a3445a713ad2e3bf4992eba3081ad16b64a64e2e43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 23:37:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64936
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13756
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Mar 2023 23:37:06 GMT

GET
H3 200 xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js Show response
pagead2.googlesyndication.com/bg/ Frame 40F1 35 KB
13 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6df1f67ffd26978bcacb3a3445a713ad2e3bf4992eba3081ad16b64a64e2e43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 23:37:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64936
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13756
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Mar 2023 23:37:06 GMT

GET
H3 200 xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js Show response
pagead2.googlesyndication.com/bg/ Frame C010 35 KB
13 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6df1f67ffd26978bcacb3a3445a713ad2e3bf4992eba3081ad16b64a64e2e43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 23:37:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64936
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13756
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Mar 2023 23:37:06 GMT

GET
H3 200 xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js Show response
pagead2.googlesyndication.com/bg/ Frame DE61 35 KB
13 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6df1f67ffd26978bcacb3a3445a713ad2e3bf4992eba3081ad16b64a64e2e43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 23:37:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64936
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13756
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Mar 2023 23:37:06 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DE61 0
20 B 79ms
79ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bi8F5yX0vYoTdC8HT6wTykbqACQAAAAA4AeAEAg&bg=!_f6l_rrNAAb7UztL-1M7ACkAdvg8Wheg2UO3Ri2NAAnC6AANnHBZ3k5GO2Y061qhxeVNv2L5dCIc-QIAAABlUgAAAAJoAQeZAye3p7FTzFOQVNsGQ0OqIi8mJ0N2Us-0efXupnCVkKQTUOZmEN1L2kOIiamRjOKD7TsSAHfTHrgBT_-uW9gOvkk9pwMZPbgnyJYnqSJex6TgOAhGUjPk1xwDDCJUSq0yalBZd1JU3wOyQ9ip6wM_5lbbcF7Qr5isqCPlTjeH-kGPtgfz4_NtTMXE6nUqNkfU5W0ADrL74MVGyIbb13_CkwrbSR1P3Hz27NEHYrdpQlp8Xn63CazzKsyqUfw5F9Fqe1aK99W0P84TEYdTZkr9-x1WGPrTKKbfe2YA3VHKTA0fgr4El8941u9DHx9IiH84NfDO756bo99yICtOF_aSvylr7rsGku3oycSvuppJ96Bzfhm0EvqdCIr40iKOpC6ynx14KBdWVoo6kSCgxwCM8jqJ_Mfp2-EUbVTcS-mB6Vznodr-Kzvwz8uhUZR6gi0BQfOxprcPQr7csMr_wRhtDfVYMP3I6QEF5UXDW9-Q3iiLbCz3hDTYrNj45hmHxPMvu6KkZa2v5HLmkMiu90rxgIsN8bBFnLCFHA57prjEN6SkAx6aB-eg6XZNyZtsh_G-1dQYGcRJd2PutDI3U4LK8OuFlH4zwjx1iof6Oj5_hyq85d4sYGFdmIiSiZ7uX0kE4iJ6TXmOTkUZLJI5rG43MyfJXwOu2JZnA3ztWlH4LIUJhYzvgxEkyV0GlMUoNlWPETzOuTiT6xuO57UQRqrk4atRfsY46hbQn2W13gw9p5IhNFYmt4UAlGoNQ9_qvKkr370jT1FmsacvEA4TsfWSxIU2WShvmHnQBL5OzSA6puHOqU3Ftu7GXd3b4-GZjFJmjNpLlF4M1RmytvFgsO-hjVan5lf_LJcOwQpx1pXXY1Vy04eXhllKqOSQJVnaXWlTYZ2SczZZ5KDAtSnoVTYgHeUdjUE82DdD0_LnaNTuFk-88uNW5CsH7xVRERI9RvCNeoSd6gunHDze4P-YY3XjkA9AO6rwZX--lrqc3xoMbtubmj-3V_dNbHhxklM5IjqF-OlliXrWo2d_1pf0u_GYCfLqF4LSxWOUebpmmHbmoyFR93__57CwI80

Requested by

Host: telegraf.id
URL: https://telegraf.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Mar 2022 17:39:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 103ms
55ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220308&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4916e90b73a7355d73e5ede0ab1626cd733a12234e3558315e18d2b37210ea15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Mar 2022 17:39:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10748
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 14 Mar 2022 17:39:22 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9CA9 13 KB
5 KB 37ms
37ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 14 Mar 2022 17:38:08 GMT
expires: Tue, 14 Mar 2023 17:38:08 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 74
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A30C 783 B
535 B 51ms
51ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4b2b61ed64a341f8e77cdec58ce990e20a21a6c28a9db0db45f32e9847ec7fc4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2k0QXpx1BpajqsM9QvNrqg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 14 Mar 2022 17:39:22 GMT
date: Mon, 14 Mar 2022 17:39:22 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-2k0QXpx1BpajqsM9QvNrqg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A30C 0
0 91ms
91ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220308&jk=1212404508265127&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js Show response
pagead2.googlesyndication.com/bg/ Frame 9CA9 35 KB
13 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6df1f67ffd26978bcacb3a3445a713ad2e3bf4992eba3081ad16b64a64e2e43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 23:37:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64937
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13756
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Mar 2023 23:37:06 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1D8B 42 B
64 B 63ms
63ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsson4jxQJbRsVcnblUOABHQYUQDbc0r8MgkrWT1gFuuGEWctBzauLhhJKV8I1xH3YAq4zx7txfaFMqJIvDqSy0xrJWe5mTke1I_YyYA4r6tPqeJYP7Zj5ZLFh6QR3h5BAvqcuhMgz9g_z4Xw2ACzDw0rRFvyLD17N4550ZMqYEd5Q&sai=AMfl-YQp3S7GKB8EISBCArGqftlOImqikwPLKIrs6nfwgdl3xaAGEpkN-1UjaQpVPxhrPKyK7ZhaQkWNgejZ&sig=Cg0ArKJSzLAb3mTenJAEEAE&id=lidar2&mcvt=1011&p=0,0,90,728&mtos=1011,1011,1011,1011,1011&tos=1011,0,0,0,0&v=20220309&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1248245880&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1647279562131&rpt=145&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Mar 2022 17:39:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 14E2 42 B
64 B 62ms
62ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstUlviWejeJn-uJOJTTAPR3waPEWl-nbnCDjW3GXJ7WoQIhn8W8KpNqFoePMHf-m0C1tsE5O5dXxXjjPjWJ3ud8Fbr6_exY0g822sJoMZ5WES9nFdg_qw&sai=AMfl-YQ5eTzflPvdJSu3oPn3yGC--PR94ht9sh1rsMjWa78yLaHXaowUwkgluvLRz32db5EJOkphDtmi7b5C&sig=Cg0ArKJSzKZekGUeGrgrEAE&id=lidar2&mcvt=1005&p=0,0,280,1200&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20220309&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=355734708&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1647279561036&rpt=1290&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Mar 2022 17:39:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9CA9 0
10 B 36ms
36ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?X4luwg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:39:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 81ms
80ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220308&jk=1212404508265127&bg=!ubqluv7NAAb7UztL-1M7ACkAdvg8WvnHkeUq4Nt8h2a37JA4aHEV56HAVdhFjOjJ82wO3xoz06Oz3gIAAABtUgAAAAJoAQeZAsFfVMPvhAjIstNC6NwBfLDypsrXpZwpWGw590oWyWKrbueTJcZCi2-KQY8V2YlJcCRJifyfSq0DIfipHRtkTXyepxNK8hUkvTXZLrVj1qDBr9d5GgWobekVhVR20dP5vxlA4eRd81Hvt800ioYt4ArpmeBmBgrXIWM3j708i2bZ2m1tGS1DkcYZQO0ogZVB3v9Yt5wTgM-rMZG2lIw70EO9x2wlhQel4tWSKTEI4tKAo4l2ORp1bCXx3qhMHf9eMhFNl7WVPqQ7W6HPRLNJX9te_uVTtZg0e9sJCOTxn7-uctl4889t6-d6DXrUoHTcLAyN5ddVrNR9pDli2wbW0pZ9a3CSHRIOyHacywmps0L9sQ_Ynp2JqZ5v9OMD0p2ljUeAYBSj2EGYp4A9ot3FprVbCjZG-95staGlu8UT53Rv6kjTF7nSobBVQrNHRsOM1AQm6l2VV1JoRr7_bIq7aNOmvIaK4WLLBdZucqHa4dHO6U2Mf-ZMj0X5fLc2OOS4LfHDODsGZvuKGFGtAo06esDqUtXHAiuIiS7odeu2sp9p1EhxvX9MJ9OJiUKHphE84AkjEO-IhYBrIy_O1QP_-vzwuG_sL14GiBn7llTPsGYc4XDda1e364P841JfSV0nmStPtcnmQ68LEdMsSt2ylnvSDYLE8oAHp2fAcmtS11yXWl8ECTequCCMBnbDHMafKxYZyWepc0nxhz0rkTLFLLOGgbhcPFjSxr73VSfVyAkOQbvjAe2P4hj5c9uyOStjt1xsO6FkwbBVeBAxSh50Qm_mBiMct8KpIRdLuqbg23BEqQl6zBZw6pnQVdyItdCfj5kKg6ys4IPTbWP42W7sY-jyE-2fBhp9KoDsq8cXYfaFLXUkCmfkQ8Em5czRddUcWCFqyZmzK9IZb8JNl5wLnY0hSrxIJvATl6Be4060Tzrije0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Mar 2022 17:39:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET FeedifySW.js
telegraf.id/ Frame 0
0

POST
H2 200 all
csm.eu.criteo.net/ Frame 6CED 0
127 B 15ms
15ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 14 Mar 2022 17:39:28 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: telegraf.id
URL: https://telegraf.id/FeedifySW.js

Verdicts & Comments Add Verdict or Comment

132 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.telegraf.id/	1970-01-20 19:05:51	Name: _ga_4JPKGHN97Y Value: GS1.1.1647279560.1.0.1647279560.0
.telegraf.id/	1970-01-20 19:05:51	Name: _ga Value: GA1.2.998751855.1647279560
.telegraf.id/	1970-01-20 01:36:05	Name: _gid Value: GA1.2.2090385143.1647279561
.telegraf.id/	1970-01-20 01:34:39	Name: _gat_gtag_UA_192630985_1 Value: 1
.feedify.net/	1970-01-20 01:34:41	Name: __cf_bm Value: OuaSu1XCEQR3kDIytiDJY4F5rrSC0OXzWoZszh6nrzk-1647279561-0-Afn89vv5UBNvwKqQOe3AQATTdvrw/iJbZKgCUu20MIMInyuXw7owDuVC3TVHGIcIvzbJjfr2YVJrWZYRHguUrEw=
telegraf.id/	1970-01-20 19:05:51	Name: feedify_trackvisit Value: 1647279561148.192168154144
.telegraf.id/	1970-01-20 10:56:15	Name: __gads Value: ID=c83d16e764991ee6-2262f8445bcd0028:T=1647279561:RT=1647279561:S=ALNI_MaGs1l_JCYWMQzzE5PMZjR-grpnKA
.doubleclick.net/	1970-01-20 10:56:15	Name: IDE Value: AHWqTUnks_jcVu8IWfZDViQOc6_7qWGOs6wv1PDDSNsA4YzO7OyJ4ojLHLv4KsWHb9I
.doubleclick.net/	1970-01-20 01:34:43	Name: DSID Value: NO_DATA
telegraf.id/	1970-01-20 01:34:41	Name: ppwp_wp_session Value: 7a29e1f391146b5f4ad693c000d2ab3e%7C%7C1647281365%7C%7C1647281005

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://tpcf.feedify.net/uploads/settings/c3c0135020259fe641a3060c162fd7b9.js?ts=0.6638730892989972 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://tpcf.feedify.net/uploads/settings/c3c0135020259fe641a3060c162fd7b9.js?ts=0.4999702966094215 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
security	error	URL: https://googleads.g.doubleclick.net/pagead/html/r20220308/r20110914/zrt_lookup.html?fsb=1(Line 22) Message: The Content Security Policy 'child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5731921191286904701/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5731921191286904701/index.html' was delivered via a <meta> element outside the document's <head>, which is disallowed. The policy has been ignored.
other	warning	URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16648248580127555213/index.html#t=15339050500719847895&p=https%3A%2F%2Fgoogleads.g.doubleclick.net Message: <link rel=preload> has an invalid `href` value
other	warning	URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5731921191286904701/index.html#t=8647275265390651725&p=https%3A%2F%2Fgoogleads.g.doubleclick.net Message: <link rel=preload> has an invalid `href` value
network	error	Message: A bad HTTP response code (404) was received when fetching the script.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3.bp.blogspot.com
ads.eu.criteo.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
app.indoleads.com
cat.nl.eu.criteo.com
cdn.feedify.net
csm.eu.criteo.net
feedify.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
i0.wp.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
rtb.nl.eu.criteo.com
s.france24.com
s0.2mdn.net
static.criteo.net
telegraf.id
tpc.googlesyndication.com
tpcf.feedify.net
www.gamelegends.it
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
telegraf.id
103.16.198.56
104.248.96.65
142.250.184.226
142.250.185.130
178.250.0.162
178.250.2.135
178.250.2.148
192.0.77.2
205.185.216.10
205.185.216.42
2a00:1450:4001:800::2004
2a00:1450:4001:801::200a
2a00:1450:4001:802::2002
2a00:1450:4001:803::2003
2a00:1450:4001:809::2008
2a00:1450:4001:810::2006
2a00:1450:4001:811::2003
2a00:1450:4001:811::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:831::2002
2a00:1450:4001:831::200a
2a02:2638:1::11
2a02:2638:1::2
2a02:2638::3
2a02:26f0:6c00:299::3b4f
2a06:98c1:3120::7
95.217.196.186
002d4e61d6efae0d93d62d4c12576e427302f32361e675aaffa3691ecd9ae17d
00501810e93307a8882a74d864e7547fd1458deea539361dc1124ac133799a4b
0249dd822788873f1194bd04f9d42d1620de32c4b6e6f511758e5838ac80c4d0
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
02a2c77a69de8c5ebcc6503a8b5d9321a2183c4dd900d4b0a5f2c9c2eb722fd9
0332540bb95cbb22a3accf58dc6c45e13b316802426f59f419baad401337a050
04390cc35e7fdffe459ab2a98180e821f50e6f1f302a2877bc2cab67904d64c6
044efea78208376302aad3808aaabdf3c2f7bdd80ba9d55c9e0e4d3baa7a3908
0450e2e1aa3c8b5435690d841f3e573c4f521864e1f8e01a5b6dbcdac922c8b4
07cdff21c581466020324d8bcea384212cd2228e20483dc5f37ac2d5f2116bac
0818610c65fd1ca125b6f560e6cb6e6c8c299e461c2ce91ed197972623cdaf3f
084707776099c4090d6a8afc92a912dd331bc385b87d6a1c0328147993b7c077
08b462b4adf660b3cced3dc5b32a64c7f3af87771957affab0dd5bc436a5d567
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0bfc0795245dfb367e2600f248ee85a485c8acb3d23409f8dd5dffdb2845576d
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
0dddfdcef973923c7b6cbd4534237ab3dcdc76a8aa3d6d03619566261e0b3e63
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
101d2adecdc84a8dddd428b3de2cc7a12373eda82eb2057893960437dc55a1d6
11a7216617078b3d2c7b4f1424ff71bbca8d8446dcae66488b0e0b94ccbb8269
11c22b76da51413f68d3d7ad4cef2ede8ea92265014b9bada9068d06dc959e86
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12d9a105d2975f9116e4f76a50fcfe2f3f5de702bdc757f0c291bcfbc26cc8ff
155ed836d146bb3cf7c99f6fe05e513de6be057b9b4d0c68ec551a0a1634ab99
159a1540234b557d6193dd186c1b833227f6f0b5a3d4687a98ed5b10297c41f8
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1aa6a26029430a855bd87d9c07f7dae12e6a5a486bf6d1a2df27def36d4a9a02
1d1a03b48da089bab81893fa43501d18058e8202bac5b61cbe160d49cd69976b
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
210fcfb9ed0fff68def23eec598a8f790b56dcf4d13a1087e98eea07aa0696c5
22fd357442cefcbf238c5e06af21e4546e7207b0b7745de9720707f6c8218eba
231f60af738c01e2b980d265970a85d28f564c95f1620c6ee54143f9a09e97d7
25c1182e841716b64bafbf90f2aa7c680bcc4febd579ce04ecea4082507b0744
26a2e668880a505c011e6520d5f214e1713d4753fedd32e627da72c03fec56e7
27f4119ce2d66a40ef8beba62ec4d995e95af50550c6d4471eec9eb27fa73774
28a1dcdc7cceeb07441a3f50ccf35bef0fe532f5bbc7399c3b11fb557fbdbc62
2953c35c361740aedac408ddc1be9a01cd32e2e3f2012b42a1e00d3039c6d7e7
2c2923672504b1264ee25eb467fe09ede657e178ef4d09f7b92e9ba4271fbcdb
2d144e3cedf9b96679caf134416822a66a20c41a61f5569ae0ff09779581fe69
2f826a947a47c13c4af480b9b7853e9ca12d2873c67a9200f3c7a26f8cacae2d
3023e39bcf6e102586c8f4386b9d0fef08de619a28be4ffe41e0fbe11addd770
306bb92aa567bfccd7124e97238b4a11f6ce9fd93ee81df31cbebb02a26b14e1
32bff71b81629cebe01c1336b0d666512fba4e5ec87eaf800a1e2998d881d35b
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
33fb57f30861156cfa6738e2d6703ba1baea058c3df581f59a6d290404269db2
371cda6d4616a736cc66139af04bf593c56bd790a51ad6fa38b7a67e92374439
3831d72046cdbd2c5197cbd6aba3d2a4aa3aa86f56aa59aa804c2bf833df703e
3a03eec8b6b8f7367f1b66ff53ac880713e88c910b739e00c7c022534c179e57
3bb96ba1e01606907cf24a477793593802019dc134635b0f1581bc02e290ab80
3bd25f5d1eedbd24c43e980854017ebd82bf4fe9c529536f9a22911d476fe157
3e304dfe39fde10af2ee219f794108f785d18dd88658877ddf07bce099f6a9fa
3e4b4d396700e065d5d37bde974840cf2bf19565f8450785f0a869079b86bce9
3f24fb0aa76dc30f53a4feaaeff397ea9cc9a85e35f3393d269de9b9e6d6644a
3fbdd20ddcd049f26c1532297b6f1d66fb8bd07d1af3b36bacbb2c6a6303ec08
3fd2ceb6a02c2edea43be734ff4934e46185dc14ae166e42b2375794f02dfa54
40bb392b997d8a67ba3f10835dba4a55b4dcdb91233a9d1ab7ef81bf82598854
4246b866cf6ec03646fb66267c356907b42281fe077e65b9d956551b80495b26
42656c5a534309426b3c5452b07c4013df29165e754e36e51d724ad962bebc1f
430df020a5c2325ff6283cba6d9689c87e8f6cba53094fa342a55e2c15fcb39b
462b696cd4ab237a2ffebf80a3a6d25c780bbf347dcc82cbe7f007b734b0a8c0
466bb55f560c5cf2b9e3544db9040a96597f4ba7dfe76365c41a5793d31e8c2a
48ff290fb1868967e78e0a2fe94ddf1fb6c51ef84abad4e067ad223b8b8b166d
4916e90b73a7355d73e5ede0ab1626cd733a12234e3558315e18d2b37210ea15
4b2b61ed64a341f8e77cdec58ce990e20a21a6c28a9db0db45f32e9847ec7fc4
4cd14927179cd88891fae3057a4ce4a7cf499af73f65c3b2e83f32e1598c0288
4d0905d7fdcc0d5da5746f838ca87d7e8775a4f357252e88d2e0dce2c880f3c4
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e42d64ad3e350ba6de71e680ba3add5d483191501a3d3f89c2563fb10f3f923
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5088414f9c14d5edb1807485a06097481409917ea4d1415edef8bdfbfbb3053d
508a77783f0a3f407770701276a3c18a148734784054d94da859219b3348f08f
50dc700f0e4aacf15f17499c2af659f64360579ba32a2641c73e487afc480c11
51589a34af2909c1f9656815b92dca57e27faa69c4dd3a00c613fd0df59b0754
53bff42130f5bff8f3a92e259f20357ad8b46271cb9daa75a9485d401aeaa77f
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57d8cf45bc3887e1f7c67d6694bd486bc36cb1f1bb4d94299226c595896cc006
587e022b442a0d7013a27f5fd2db035e28a74318d44dac1ac431f124c615bb37
59b631751438e448d92654f578802ccd3bc1e4daba1b814302b28b1e3514bd51
5b6a1c772397e48d1d8d47cea017cd13ccba75bea95433e57b3d52b222179944
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e60fbfd4247c38ceed31c8ce4b308df7725f1d5371b95901d9dffbea199e35c
5f642358b66e4dd8229d42529f5a991b9c97c86659fb57a06223f6a13079c105
5f8ed8a0df03de2b627a5e9465779dfdf9755cd31146fa482771eb67277c6aa2
6178bea256c7a7b6e0f7cb47441a0f164b3fb375fa50c6219cb3aeb5ae21af5e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63e0f1d4d244fa557ae96c648168b0620a4f5ad3dbb653fc979a1b3ea0000699
64bc314813513a9c1cdbb901025dbc94dbc7579514ed24012e47783d36294404
65e797500a9c2028a3f92718d82c547ad1946f74058fb6d4dc2e64d19c53ce66
660f90ffef7757ec01d02a4e88a253a38ef1c512dcd0aabbd55ca62260eb809b
661e00570c65c29528d9ce6ee19e5e9939986716c293def67b07f8b6a191b018
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
684506d9d8135537d90392d008a89c4b57a6878ab17f88d66153a630bbe773dc
69751f40928d2926f8edc62099a3a00383d97846b0ec1bbd15232fea3cdb657c
6a4578d5ecb3dfff7793ed78bd79d5dff75a75448e3ca7c66055df6c059b2c79
6ae8c154c5537da1618ef00c29e9c54c204529dd0bc37e88f16031485a41d524
6b1cffc3d882fb5766284440c98311477f4878d9318df9ac53c532d8b1dead71
6b56887afb6436cbf903b3339832656cd04ed202eef5629be210fc10cb1355c5
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bb296349d6279d90f4d53167ac376e940ff20f0274f2319f1d6dc10b7ec2a07
6e06b41c7d14218f348a6df2a33634d5874dbf52a7680bdc5ee051be747241f0
6e8497f122514039396c2f38017006ca609ee92664fcf01c018ec879f3fcc1f3
6f93125ba3953845b554e4446a315c276c2b824152bb0a65880ae362051f220d
718270dcbf739db8340fed0b2fc2f277388da2cdbfd192e59255714b31adee2d
74cad4303232e97ca561d020bf3491ab6777c683b259f50f99b64cd62f1e3271
776df24daa38536b487851475fe6662425b793709e1860c37a6ccf3cfaa5d2e6
780655c20a6443898039db0dfcc81c7ba143abcef13ac732f100bbe360dd3cd9
7a1e7d8d76a711e49e39ae33d9da9ce552a922c4c454a77899533be44a90da84
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7a6887bd4cbb45bdd3af0c3619e4bb2078930a9c9f94d087d333b061d522e6c6
7af89e05174c8c2a00971109f50fa06ca0f32456e6ee1e7e86207d2fcf870a7e
7b0838d8df40afc8c5f3bcb9d6de38267621c840d16bfb22d98d0332ae2f41cb
7bd5f24b2a252abd4968151b0129e58f142098897ccbfd33f2b6544024f7e072
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7fd6e92822b4cbae2b120c2159f358f1e14a79d0885970678e1ff5e224cea52d
80d44a31a3de2c19de82fa01cb1bb58725729d5c6bcc7e1767ed74140e40fe98
835c7b76dda81e9203cdc8d7591a8935e6785deae551ae9ad163f4d5301c1e4d
86910fab72b89546d23458f560789ebcc95b8737e86f8392394fc2481c5b6712
8885da7cf968dd7b364fe880fa120fc94f58078985da51acba4c30644d37db23
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8b413db26e4a20cb854027c92b99f7068dc019587cbf252da250f656f3dad0a2
8e8230f2d1e6e230d63f5bd3091ea092eb8d1f447b5f6c84c5b776cf4f50a65d
8e95f3e59dc0381c9ec5e1c3a186f474febd00f9a62a51b18e4b91599b3c386a
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
911ddf821ac39f09e17d63faa249e5cd58c6a8dd3ec0340326ee31841c6154b8
936a08172aff5c9337da58594b7a781a8ea033e4c611b97b9cbf276761f7ef5e
96ad5f988878b6a5319555c5953a822e9f427ff54001180ebc2512d1468ed922
9ca0e984615396c430f5f5b0071acf29a6ee2086c33dd2992a0722222e10a0ed
9d7da1b980a95ff3d31d0bb8733cbabd1d210ec601d15a1aac2b67394a33191d
a0022a5ec488e212af2fc0a35e0152651cf5aeb5fad98a0bae33b626b25ed93f
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a10b9570a1c7858442b42f1cd48b69a191638269f37e4046607bf5fe188e38bf
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a270463478af8759e67dd88fdafff16cf872fdbdfde6f8020b8c4b20b7bd1d2e
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a3be0675d153e46a2fcaabfe32d7a11ca90cad8e389cc95d83c0756666bb340c
a47667b69804371f99a43c41acfe324912f20153380bbf31732acd4e87c4405f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4f2f49549fbb5721574523e7861740eac3ce89da67816caeac20aa96ff84ee9
a56add0a0fe88ca8ad47ea3def87d8d5934976680db80c6530c0b28529854f0b
a61d67250a5c36640e22099937af31613e68d6134439d5d4329efea0372aea79
a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a772693c443f1324ea81e3ec244689534fbd6619d43da91adbab071ad200a539
a82f6f750ac902126295698051d5fd7d291e6cac418847262b0ff04248b266b2
a8ff75310c25ec7872e8bb0ad8e1c129f938aa99aad2718609f66b434a18a400
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
acd2263a4495004ec8ef2ab1ea25d5e514799fd6a1802eb268ee3b9d92122f4c
ad1ec81e1b06f30d90a41d7de5cb6d34e0f04279b08f748224a8a5ef01e966c5
af30fb6505549ebf90305f6262f61392451f6d06b3f6ddad5905ccd90daa6078
af525b993dff010b33028fa850a40d83b2392df2d1a0d14596ec804db4dd94d2
b16b1cb78d0bd98dd301402fe1b19e506a5869b7cbf517d9545628c53e479ed1
b28b6345e380fdfe978d3deb568919e8e73f15cefe324ef9eb29441ea730338d
b3d3e420a0d4481e37f086a47c38ec388337ad6d8a3ee993a3f3ac547e4c49e4
b4d7bb654912b5fe91b72976aaf733866c489f1c2b9ab84c0501e8b258d9e6b6
b5bd46c68d75a193f285542f534bd319fa05a6d8233730538d9b9a47f1012d5c
b67b3b7430f8f5d50aa2af078954625940a9e1f098d1e72121a12557d7a73a3e
b83869d05cd450d1c121821d882815b0d2d57984aaf148c65f7055716c8d4a8a
b86f601fc455e43a6151cb22b4407e7ec71ebe9842efed1b88f234dd8932b7b4
b977f453450222a069d89dd2e776f6f21f9fa42f6e15c03c7fe6ff34d9a2c159
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bbf94e5438333ae008e9b742cf1dd74dd310f7385ebe6f9ef4fdc82976de34a6
bc8d271c1c4e29672e13f962303f5345e540ccf4168d36441da4740edf684190
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bd7edf92686496dfa9a2f0f55774f5cb9fd80db97c23de0e3173118a1f6ddaa3
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
bfbb0f6fedb2674faac5208ca287f9af4f38477fedb5336ca970b8b101c43032
c084441d383da3f172124fd32f707b43cb1b95bfbb47c7cde3f015048d803896
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c2cde20f060ad80ccbf14d18d515940a48e4d9b3b77d55c79fafa4663f1d44d1
c4555775ab902e67344bbb4148ae91a261764e91d510f82074f9e09d1b3badba
c5bbf0ebeec2e9af16974dcf17d53155442fd77e48aaac60600d6b4544e19bf1
c5e88f65b7c07d393569bc7ae826c07c3d7b7ab524683a3225bd317e2c7c72a7
c6df1f67ffd26978bcacb3a3445a713ad2e3bf4992eba3081ad16b64a64e2e43
c9aa52271c062f05d8595fba2d3fcb36149ee713dbc867782e3a86bcc0497a2d
caee2a142fd7755d5746862d21c2ed0b8f383a28cd958cfc1edc4136f3a73787
cb0db0a2c4e7742a54b87f07cec2f373be8291ba4df9d3682647fb21c916818f
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ce3f29f85857ee5c8e71407f87fa580bb153df6dac9ee1bfba29bb8f611a24b1
d2fed050e95d08758174529a4737db27492916ea5249662f468cdba22b67f401
d355afb9705c3f8651f6a1f813b4670b758d59a17783830f534e7a8839c5b666
d38d082aaf247a6ae4639da09d6e26cee180aa3fd26aed092235bc01ea00b8b6
d396c8b469f3f49afb9964a444a9e5fc222e3cac8227eb5bfd82091bf6913506
d5b14ffb0ee42b33f3d219f9cd9f595d1609f8613e7dc7ee825e9b3470c85304
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d6ee1c4c8cbaafca36510126edc86fe528ce23d330fbfd3ee61742b1bae7c57f
d7e3f3f9a87439492d58ee8a90cdc8741bd44e9f5ebc5a1be461ded2df7a155e
d9744e07c078761d853def76711623ceea3c03170d79c18daa7ecc713204c708
da64f3bcc8febacae7ca669ffc68d185247ed3a21eec071400d9369174de1e91
db7c9be0f06b793b1e89e94ad52e55a7f3a827988f85295ae6d2eebbdffe70f3
dbceb6fe826f17b2ead9343766987a130f84858107bcd6c6745e7ae6393ea56b
dcbfab594ba5d9d267c3679c2beec1fb2d53ab2d04c468304e33f56b745df159
dddc61e2b83d6446e19afe721f5f06ee354f74b836e0e2d29247ac49292d8cc4
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e2c8c6a96f599918b3613060086aa1f2c5cd9e32d9e6fc42dcf637bd06baf901
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e43844081156dcbd53fb1beb794d7f92c5ad6a1101fe59b97b0a1ae79873a9c5
e664383322a7f609dc4736e0823c377c95874240b54671b5b0f94bb2ee2b5cb1
e71bfe0dbb5b7a9cf82ab6f1165c8831077302ef10dd60e02cfb5a338c5c1ac1
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
ec0366216b9bcdc945e694bdead774e507849db3fcb6999105b94697b0af2eda
ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74
ed942e730cd1b8b58643d34c23a3af01ae3f8c12d26bae0e2a36f839b733b582
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f9b751c1cd0d2b0f91862db987fed9dda48758b15e6f42ca67796b45f4b21702
fac9a58de966219a8121da4a11469ba9c39e369ac3532f30b9da8b6438db47bb
fb5ed3672bec6620938a89d8d1629e85503c3213095a500f5f0f4c6b38f76f7d
fdb2577b31b4c9dc42d321eb50b146e6a4ccba2af19f58469d3eeb91fa7a8922
fddf6cf4f2ab5380526b9640621980c535777b493d502e2625bdaa3f7e08da65
fde399c76c780a4f79243746b4d1b53e4f283579c8ac6a2227d90574f982eeeb
fdecda5ee87b28e579c5b61ef0f86e7fff85c838ff0a06450feee13a5877ed0b
fead3e2b8db4b09a8baf3ba39c04456804c93091bb1d70342fd446dba20ed739
ff0a54ce8419687b2491376343d65322bf1248af78654d11d48e87a746ea717f
fff8809367ec82828d9cc9bf6c544fc680c0a3267cd930bb72d992377dd9a941

telegraf.id Open in urlscan Pro 103.16.198.56 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

297 Requests

100 %HTTPS

65 %IPv6

20 Domains

31 Subdomains

32 IPs

6 Countries

5804 kBTransfer

10118 kBSize

10 Cookies

4 Outgoing links

Redirected requests

297 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

telegraf.id Open in urlscan Pro
103.16.198.56 Public Scan

Screenshot
Live screenshot

Full Image

297
Requests

100 %
HTTPS

65 %
IPv6

20
Domains

31
Subdomains

32
IPs

6
Countries

5804 kB
Transfer

10118 kB
Size

10
Cookies

297 HTTP transactions
8 data transactions