carasettingbaru.blogspot.com Open in urlscan Pro
2607:f8b0:4006:808::2001 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://carasettingbaru.blogspot.com/
Submission: On August 21 via api (August 21st 2023, 9:02:49 pm UTC) from US — Scanned from US

Summary HTTP 122 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 30 IPs in 3 countries across 21 domains to perform 122 HTTP transactions. The main IP is 2607:f8b0:4006:808::2001, located in Stony Point, United States and belongs to GOOGLE, US. The main domain is carasettingbaru.blogspot.com.
TLS certificate: Issued by GTS CA 1C3 on July 31st 2023. Valid for: 3 months.

This is the only time carasettingbaru.blogspot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2607:f8b0:400... 2607:f8b0:4006:808::2001	15169 (GOOGLE) (GOOGLE)
28	2607:f8b0:400... 2607:f8b0:4006:80c::2002	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:820::2003	15169 (GOOGLE) (GOOGLE)
8	2607:f8b0:400... 2607:f8b0:4006:821::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80a::2002	15169 (GOOGLE) (GOOGLE)
16	2607:f8b0:400... 2607:f8b0:4006:81d::2001	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80f::2004	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:809::2002	15169 (GOOGLE) (GOOGLE)
1	2620:100:a001... 2620:100:a001::24	19750 (AS-CRITEO) (AS-CRITEO)
3	2607:f8b0:400... 2607:f8b0:4006:823::200a	15169 (GOOGLE) (GOOGLE)
2 2	23.6.104.153 23.6.104.153	16625 (AKAMAI-AS) (AKAMAI-AS)
3 11	142.250.80.34 142.250.80.34	15169 (GOOGLE) (GOOGLE)
1 1	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
2 2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
1 1	51.222.39.186 51.222.39.186	16276 (OVH) (OVH)
1 1	52.45.175.185 52.45.175.185	14618 (AMAZON-AES) (AMAZON-AES)
1 1	35.208.249.213 35.208.249.213	19527 (GOOGLE-2) (GOOGLE-2)
2 4	172.64.148.101 172.64.148.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 4	68.67.160.114 68.67.160.114	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2607:f8b0:400... 2607:f8b0:4006:821::200a	15169 (GOOGLE) (GOOGLE)
1	2620:100:a001::3 2620:100:a001::3	19750 (AS-CRITEO) (AS-CRITEO)
11	2607:f8b0:400... 2607:f8b0:4006:81e::2006	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	172.253.62.157 172.253.62.157	15169 (GOOGLE) (GOOGLE)
10	2620:100:a001::4 2620:100:a001::4	19750 (AS-CRITEO) (AS-CRITEO)
1	74.119.119.147 74.119.119.147	19750 (AS-CRITEO) (AS-CRITEO)
2	142.251.41.2 142.251.41.2	15169 (GOOGLE) (GOOGLE)
1	142.250.65.230 142.250.65.230	15169 (GOOGLE) (GOOGLE)
1 1	2607:f8b0:400... 2607:f8b0:4006:80c::200e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:15::6	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2620:100:a001::9 2620:100:a001::9	19750 (AS-CRITEO) (AS-CRITEO)
1	2620:100:a001... 2620:100:a001::16	19750 (AS-CRITEO) (AS-CRITEO)
2	2607:f8b0:400... 2607:f8b0:4006:816::2001	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:823::2001	15169 (GOOGLE) (GOOGLE)
122	30

1 2607:f8b0:4006:808::2001 (Stony Point, United States)

ASN15169 (GOOGLE, US)

carasettingbaru.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2607:f8b0:4006:80c::2002 (Stony Point, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:820::2003 (Stony Point, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:821::2002 (Stony Point, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80a::2002 (Stony Point, United States)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2607:f8b0:4006:81d::2001 (Stony Point, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80f::2004 (Stony Point, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:809::2002 (Stony Point, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::24 (United States)

ASN19750 (AS-CRITEO, US)

ads.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:823::200a (Stony Point, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.6.104.153 (Seattle, United States) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-6-104-153.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.80.34 (Staten Island, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (Seattle, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.222.39.186 (Canada) 1 redirects

ASN16276 (OVH, FR)
PTR: ip186.ip-51-222-39.net

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.175.185 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-175-185.compute-1.amazonaws.com

im.bluevoox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.208.249.213 (Council Bluffs, United States) 1 redirects

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com

trace.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.148.101 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 68.67.160.114 (New York, United States) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:821::200a (Stony Point, United States)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::3 (United States)

ASN19750 (AS-CRITEO, US)

rtb.va.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4006:81e::2006 (Stony Point, United States)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4001:801::2003 (Australia)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.62.157 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f157.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.147 (United States)

ASN19750 (AS-CRITEO, US)

cat.va.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.41.2 (Marriottsville, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.65.230 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80c::200e (Stony Point, United States) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:15::6 (Stony Point, United States)

ASN15169 (GOOGLE, US)

r1---sn-ab5sznzy.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:100:a001::9 (United States)

ASN19750 (AS-CRITEO, US)

imageproxy.us.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::16 (United States)

ASN19750 (AS-CRITEO, US)

csm.us.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:816::2001 (Stony Point, United States)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
4.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:823::2001 (Stony Point, United States)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 125 tpc.googlesyndication.com — Cisco Umbrella Rank: 163	468 KB
23	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 cm.g.doubleclick.net — Cisco Umbrella Rank: 261 bid.g.doubleclick.net — Cisco Umbrella Rank: 1014 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 371 ad.doubleclick.net — Cisco Umbrella Rank: 187	128 KB
15	criteo.net static.criteo.net — Cisco Umbrella Rank: 710 imageproxy.us.criteo.net — Cisco Umbrella Rank: 3045 csm.us.criteo.net — Cisco Umbrella Rank: 2981	203 KB
14	2mdn.net 1 redirects s0.2mdn.net — Cisco Umbrella Rank: 352 gcdn.2mdn.net — Cisco Umbrella Rank: 1319 r1---sn-ab5sznzy.c.2mdn.net — Cisco Umbrella Rank: 92357	158 KB
7	gstatic.com fonts.gstatic.com csi.gstatic.com	48 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 73 imasdk.googleapis.com — Cisco Umbrella Rank: 600	134 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 275	3 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 760	2 KB
4	criteo.com ads.us.criteo.com — Cisco Umbrella Rank: 2887 dis.criteo.com — Cisco Umbrella Rank: 745 rtb.va.us.criteo.com — Cisco Umbrella Rank: 6243 cat.va.us.criteo.com — Cisco Umbrella Rank: 2999	46 KB
3	blogspot.com carasettingbaru.blogspot.com 1.bp.blogspot.com — Cisco Umbrella Rank: 11064 4.bp.blogspot.com — Cisco Umbrella Rank: 13397	119 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 277	35 KB
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 396	878 B
2	owneriq.net 2 redirects px.owneriq.net — Cisco Umbrella Rank: 2071	2 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 225	113 KB
2	google.com www.google.com — Cisco Umbrella Rank: 3	1 KB
1	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 84
1	mediago.io 1 redirects trace.mediago.io — Cisco Umbrella Rank: 1161	451 B
1	bluevoox.com 1 redirects im.bluevoox.com — Cisco Umbrella Rank: 15670	519 B
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 984	338 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 964	535 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1244	607 B
122	21

	Domain	Requested by
28	pagead2.googlesyndication.com	carasettingbaru.blogspot.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net www.googletagservices.com
16	tpc.googlesyndication.com	googleads.g.doubleclick.net carasettingbaru.blogspot.com tpc.googlesyndication.com imasdk.googleapis.com s0.2mdn.net pagead2.googlesyndication.com
11	s0.2mdn.net	carasettingbaru.blogspot.com s0.2mdn.net
11	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
10	static.criteo.net	ads.us.criteo.com
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com carasettingbaru.blogspot.com googleads.g.doubleclick.net
4	imageproxy.us.criteo.net	ads.us.criteo.com
4	csi.gstatic.com	imasdk.googleapis.com
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
3	fonts.googleapis.com	googleads.g.doubleclick.net s0.2mdn.net
3	fonts.gstatic.com	carasettingbaru.blogspot.com fonts.googleapis.com
2	cdnjs.cloudflare.com	s0.2mdn.net ads.us.criteo.com
2	r1---sn-ab5sznzy.c.2mdn.net	carasettingbaru.blogspot.com
2	googleads4.g.doubleclick.net	carasettingbaru.blogspot.com
2	imasdk.googleapis.com	googleads.g.doubleclick.net
2	match.adsrvr.org	2 redirects
2	px.owneriq.net	2 redirects
2	www.googletagservices.com	googleads.g.doubleclick.net carasettingbaru.blogspot.com
2	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
1	lh3.googleusercontent.com
1	4.bp.blogspot.com
1	1.bp.blogspot.com
1	csm.us.criteo.net	ads.us.criteo.com
1	gcdn.2mdn.net	1 redirects
1	ad.doubleclick.net	googleads.g.doubleclick.net
1	cat.va.us.criteo.com	ads.us.criteo.com
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	rtb.va.us.criteo.com	googleads.g.doubleclick.net
1	trace.mediago.io	1 redirects
1	im.bluevoox.com	1 redirects
1	onetag-sys.com	1 redirects
1	dis.criteo.com	googleads.g.doubleclick.net
1	sync-tm.everesttech.net	1 redirects
1	ads.us.criteo.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	carasettingbaru.blogspot.com
122	37

This site contains links to these domains. Also see Links.

Domain
www.asthemesworld.xyz

Subject Issuer	Validity	Valid
misc-sni.blogspot.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.us.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-27` - `2023-09-23`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
*.va.us.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-11` - `2023-10-13`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.us.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-09` - `2023-11-07`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-08-01` - `2023-10-10`	2 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh

This page contains 17 frames:

Primary Page: https://carasettingbaru.blogspot.com/
Frame ID: 976922A64702B309FFB710340DFC41A3
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20190131/zrt_lookup.html
Frame ID: 383BBEBD7754800F3F360D78E8C3C6AF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7149456845471596&output=html&adk=3953984709&adf=2873229911&lmt=1692508514&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fcarasettingbaru.blogspot.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692651757769&bpp=57&bdt=631&idt=470&shv=r20230817&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2162244351441&frm=20&pv=2&ga_vid=271899824.1692651759&ga_sid=1692651759&ga_hid=703249488&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31077148%2C31076997&oid=2&pvsid=2243048199549426&tmod=980152497&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=915
Frame ID: 85D16BB7F9286E639463BD4EEDF810F8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7149456845471596&output=html&h=600&adk=4102438265&adf=3362977292&pi=t.aa~a.2407176695~rp.3&w=288&fwrn=4&fwrnh=100&lmt=1692508514&rafmt=1&to=qs&pwprc=3630501105&format=288x600&url=https%3A%2F%2Fcarasettingbaru.blogspot.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692651759532&bpp=7&bdt=2395&idt=7&shv=r20230817&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2162244351441&frm=20&pv=1&ga_vid=271899824.1692651759&ga_sid=1692651759&ga_hid=703249488&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=839&ady=1595&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31077148%2C31076997&oid=2&pvsid=2243048199549426&tmod=980152497&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=SfIONt8Hjq&p=https%3A//carasettingbaru.blogspot.com&dtd=261
Frame ID: 19EF93FA5C916492BD5182E3BCAAE367
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1
Frame ID: 922BD332D7ADFDFB84B3148A0B0264B1
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1
Frame ID: 0392FDE606B9829799389A59B1E9D06F
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=ZOPQ7wAMmTYFKN8hAAkWxydLeVCIdKW2y45Mvw&u=%7CL3u5I77JiBf07ds2DYOid6HBz2%2FqAfqsCLQ3a9HuTHw%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziumIet5tQOfcGLLPgbbfBchxWMzS0QnKEdufuvGNxEvA3bQdb2aqbGqTYkiQf3m2TWSKvbsvgIfWMXFRUq_UGowVwybVGG-JxuHkV2y6FP5EnvzxCJLAvrgTDTZ0P0vfA2LpZe8X9-Qb7wbCu87NyZFiYjzIRHevgHkyIi7vUtRMw1t_29BLkDXnOr30jtoe2I5YvMDhj6yvWhTXJjLfd55rcnN2-aAMB2m4LSl0qMV5j6qy6EkepS-JJiWb7K__dPPQjyDY97Yw7FHQCEzutbjzkOzrKu6iCPe9jF4DX9VTiavbQqzuUPt-9Dq_OMQ603UgQJq6g6ojDG6wPX25bo-4RC9IbT6fGMo8p6AIppjvSoeeSo65TlqpoRWxWyfam4Bbo58arfe3Hv7klvI5dypYeNL9DT2qFz3MmQkP0sOyvYIjR5lTTcXjoTYqd7yX8gjCutMV8oRGpL33sV29j-rBrBtFZdgm3QpMdjh0tKBG4xLqG_U5_teQ4GENOdOvXtEMOXANBBQ85Rape5sc-lWqThF7AqNdalV7OO7jeOnVkBIwJ87TzO5keGC2zjPS0JUm03h8FKDh1tey-Y_5aHLDVgcnkB2berD5hfEZKOaZfZpLJE7I_4iH&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTWRn79DjZLayMqG-o9kPx62k-AGcge-wXPKhqap0wI23ARABIABgycapi8Ck2A-CARdjYS1wdWItNzE0OTQ1Njg0NTQ3MTU5NsgBCagDAcgDAqoE5QFP0K0jq0iXyfrDdCS1_upfLhpVm9RQwM-LuU_knQGyYBmC9b7uUKFPFdP7Th068AoG4kXGLWnDFsWgUxuRAJzPQuop152-dOf71XxI25CzaNaoab85zoeZU7wm4GxmFZsbAoTOUztQGKUeUuhr0ougYeK0oEt7U9Qq08ojNGExxO7qUbVo0L_5bai13BdIPyMFpzsmuTx89Cn9-DDDsTZVv6q1ZwbtND5KX2GKkNl4R7Szuapva-BIunkUFJLxPreJCK7HyKx0X849eZFPfjU_kzLuu4tjFrDVkrOp10Byj_m1kS_UgAam9uaDvZPNugagBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3DNNsZcSFWlcfNP7mb22yH-zsgEQ%26client%3Dca-pub-7149456845471596%26adurl%3D
Frame ID: 52A5A4FC7A56F36454677E383BDE91A4
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 30A0F13F1F99E9C422FD44AF9D73D32C
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXcnAIQutSeAhjvqfHpATAB&v=APEucNWD4q6QSZWosWg17A5TBD-Sw8eCWVGghQSFJbtDgXYsSZ9p6QKWPcpFNEfW4yQavUheMEfSMdFF-q3x_1m_zRe9W6QOSw
Frame ID: 8CC628F45576512824F631003047FBAF
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 6D85FC0E5FAD69E8F080DCAEAF7AB0F5
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/abg_lite_fy2021.js
Frame ID: DC38FF3811FE2F531066050C75FEAD53
Requests: 14 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10094741497153260025/index.html?e=69&leftOffset=0&topOffset=0&c=fk4MOiKxcZ&t=1&renderingType=2&ev=01_250
Frame ID: 86C245E9B19A18E84B8FFCF0BDAF919F
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: CF76534A9B91700C40E5C1021D2D6630
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 4E1ECE37C8DA8044E5E9B6B542E76543
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js
Frame ID: 024595566C2EC333E85677AEF6C6B52E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 319EC15428D390DA05844E6E38F7B001
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A152BD35B6953B388BFD0FB116B54A99
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

carasettingbaru

Detected technologies

Blogger (Blogs) Expand

Overall confidence: 100%
Detected patterns

^https?://[^/]+\.(?:blogspot|blogger)\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

122
Requests

91 %
HTTPS

61 %
IPv6

21
Domains

37
Subdomains

30
IPs

3
Countries

1454 kB
Transfer

5096 kB
Size

14
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.asthemesworld.xyz/
Title: ASThemesWorld

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://px.owneriq.net/ecmg?google_gid=CAESEBkL_dcKx_sJL0p4C_E9fF0&google_cver=1&google_push=AXcoOmTJ5hhMupaG4yYw5sptBG6GwID0eSKTAaRQUaQGpMQm_e86fBgr2n4P1jdYjDejamI8lGGMfePXYuvRU7SHhCxCZie3C8wm1w HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fcm.g.doubleclick.net%2fpixel%3fgoogle_nid%3downeriq1%26google_sc%26google_push%3dAXcoOmTJ5hhMupaG4yYw5sptBG6GwID0eSKTAaRQUaQGpMQm_e86fBgr2n4P1jdYjDejamI8lGGMfePXYuvRU7SHhCxCZie3C8wm1w%26google_cver%3d1%26google_gid%3dCAESEBkL_dcKx_sJL0p4C_E9fF0%26google_hm%3dUTc0NTkzODE2MTE0NTM3MTU4MzM%3d&uid=Q7459381611453715833&ref=%2Fecmg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmTJ5hhMupaG4yYw5sptBG6GwID0eSKTAaRQUaQGpMQm_e86fBgr2n4P1jdYjDejamI8lGGMfePXYuvRU7SHhCxCZie3C8wm1w&google_cver=1&google_gid=CAESEBkL_dcKx_sJL0p4C_E9fF0&google_hm=UTc0NTkzODE2MTE0NTM3MTU4MzM=

Request Chain 33

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEF1zQfnVdNsGC3BZkXV77Ao&google_cver=1&google_push=AXcoOmS0RXpKdb0cMT2Sdb5jpb0jLsBBmZHlGeS7CbkXgnB6981NZIffgV6T9aIBSc4V-P02XyOuco_mLRMq5DzDcARiL8gLdhkw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEF1zQfnVdNsGC3BZkXV77Ao&google_push=AXcoOmS0RXpKdb0cMT2Sdb5jpb0jLsBBmZHlGeS7CbkXgnB6981NZIffgV6T9aIBSc4V-P02XyOuco_mLRMq5DzDcARiL8gLdhkw

Request Chain 34

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEIC5JTLX5m1vltIwdYVjOjI&google_cver=1&google_push=AXcoOmSXZSlnO-g8kDjxZIt8Y95X54_FNyZwVl2wsymNTKuhm3FoDjk-n8D8C8RYKz26oc85EcNU0ZftftqzdqFD9PTLlnPtAomYMw HTTP 302
https://match.adsrvr.org/track/cmb/google?google_gid=CAESEIC5JTLX5m1vltIwdYVjOjI&google_cver=1&google_push=AXcoOmSXZSlnO-g8kDjxZIt8Y95X54_FNyZwVl2wsymNTKuhm3FoDjk-n8D8C8RYKz26oc85EcNU0ZftftqzdqFD9PTLlnPtAomYMw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MWU1YjBhOGItNDc3NC00NjI5LTljYWYtMmI2ZDViMjZlY2My&google_push&gdpr=0&gdpr_consent=&ttd_tdid=1e5b0a8b-4774-4629-9caf-2b6d5b26ecc2

Request Chain 36

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEKCmtf2Db8f5p9Hc-vB55Hg&google_cver=1&google_push=AXcoOmSNIuzYlspOm3mbSc5z4-V8WVjkoo50iML-AClwV3ladfCflq7JwxBNRE8Q4uR428oKXaxzJhcYbbZ8-eYglNmnARbs7AVkPg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSNIuzYlspOm3mbSc5z4-V8WVjkoo50iML-AClwV3ladfCflq7JwxBNRE8Q4uR428oKXaxzJhcYbbZ8-eYglNmnARbs7AVkPg

Request Chain 37

https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEK26Q8w4PWoq36mAJSwxrVI&google_cver=1&google_push=AXcoOmRsilxdCEO9d8XloA7e7gaJqOv8CidYcxkqaWzXavrZ7dy5ggpOzSmnZ8AtHmZSiA2_1lYo_lSVLUrZ9Bi02_4Xsvugc6mFYg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmRsilxdCEO9d8XloA7e7gaJqOv8CidYcxkqaWzXavrZ7dy5ggpOzSmnZ8AtHmZSiA2_1lYo_lSVLUrZ9Bi02_4Xsvugc6mFYg&google_hm=QlMuNTRkMy1lMTgwLTQ4YWMtYmJkMw==

Request Chain 38

https://trace.mediago.io/cs/google?google_gid=CAESEFKPnTPY6Z5WDWnroJhmK9M&google_cver=1&google_push=AXcoOmQAj9BchkZx3tEH4H5duNRykCkzmGgMDqyfRItdWSk_i93Kprr0Xp24rOOaw35S83VNTDA6cMzdp5cO7RNJx9uByEDkkcRqzg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmQAj9BchkZx3tEH4H5duNRykCkzmGgMDqyfRItdWSk_i93Kprr0Xp24rOOaw35S83VNTDA6cMzdp5cO7RNJx9uByEDkkcRqzg&google_hm=3cd6870a3a2a533a084fc62245457a40

Request Chain 40

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC1h5o31tIgfuyNVMvoVqAg&google_cver=1

Request Chain 41

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZOPQ8IDAouD5wPIFR3N6HQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC1h5o31tIgfuyNVMvoVqAg&google_cver=1

Request Chain 42

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEJEWe4dI2LDBEacDsWvb0oY&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEJEWe4dI2LDBEacDsWvb0oY%26google_cver%3D1

Request Chain 43

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjU4MzQyMzIyNTMwNjQ0MTMzNA%3D%3D

Request Chain 78

https://gcdn.2mdn.net/videoplayback/id/7380325298480f05/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1724187761/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/015CD1CA9DEA13CF533C3B903BABF45A4C9D038A.6016A83CEB2C19A5E13420139A5C154B7ABBA209/key/ck2/file/file.mp4 HTTP 302
https://r1---sn-ab5sznzy.c.2mdn.net/videoplayback/id/7380325298480f05/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1724187761/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/6B1A3E1A2A4003E23021D2A33754253A001C5F38.4F4FA3118CF7D2DD3F1FC90F33FE752E33DDA524/key/cms1/cms_redirect/yes/mh/JV/mip/2a0d:5600:24:1500:1011:9495:610:c2b8/mm/42/mn/sn-ab5sznzy/ms/onc/mt/1692651439/mv/m/mvi/1/pl/48/file/file.mp4

122 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
carasettingbaru.blogspot.com/ 746 KB
87 KB 918ms
864ms Document
text/html 2607:f8b0:4006:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://carasettingbaru.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a12534cd422c0bb85fb458a496bbf397110a104e36eb572140b402d41593715e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: gzip
content-length: 88759
content-security-policy: upgrade-insecure-requests
content-security-policy-report-only: default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; report-uri https://www.blogger.com/cspreport
content-type: text/html; charset=UTF-8
date: Mon, 21 Aug 2023 21:02:37 GMT
etag: W/"b1c5baf3615a9d1c0817ccde49b32d5239283c580a4c44eb1cfa1ad2977f62e7"
expires: Mon, 21 Aug 2023 21:02:37 GMT
last-modified: Sat, 19 Aug 2023 19:15:14 GMT
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
50 KB 106ms
75ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7149456845471596

Requested by

Host: carasettingbaru.blogspot.com
URL: https://carasettingbaru.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea8f5ef3347aceeca7fedfa88c43514d58ac1725e6fc1dbc710f402899c8bf27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://carasettingbaru.blogspot.com/
Origin: https://carasettingbaru.blogspot.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:02:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50976
x-xss-protection: 0
server: cafe
etag: 7478585613085734867
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 21 Aug 2023 21:02:37 GMT

GET
DATA 200
OK truncated
/ 26 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v11/ 16 KB
16 KB 48ms
9ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v11/o-0IIpQlx3QUlC5A4PNr5TRA.woff2

Requested by

Host: carasettingbaru.blogspot.com
URL: https://carasettingbaru.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://carasettingbaru.blogspot.com/
Origin: https://carasettingbaru.blogspot.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 17:29:21 GMT
x-content-type-options: nosniff
age: 271996
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16056
x-xss-protection: 0
last-modified: Fri, 25 Sep 2020 00:08:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Aug 2024 17:29:21 GMT

GET
H2 200 o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
fonts.gstatic.com/s/notosans/v11/ 16 KB
16 KB 11ms
11ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v11/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2

Requested by

Host: carasettingbaru.blogspot.com
URL: https://carasettingbaru.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8beec539128cea621e511cd54f21a0d17ff891a16a0ebd7a98a3e4fbc00bd0e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://carasettingbaru.blogspot.com/
Origin: https://carasettingbaru.blogspot.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 03:28:54 GMT
x-content-type-options: nosniff
age: 408823
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16180
x-xss-protection: 0
last-modified: Thu, 24 Sep 2020 23:50:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Aug 2024 03:28:54 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308150101/ 392 KB
132 KB 62ms
50ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308150101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7149456845471596

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1779db92c62463ad84971b21cc14dcc4da5907dea0b8ff5672e7f5ad6aac8ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://carasettingbaru.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:02:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134681
x-xss-protection: 0
server: cafe
etag: 17393744982466595941
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Aug 2023 21:02:37 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230817/r20190131/ Frame 383B 10 KB
5 KB 26ms
7ms Document
text/html 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230817/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7149456845471596

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://carasettingbaru.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 5288
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4542
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 21 Aug 2023 19:34:29 GMT
etag: 13776922816869014096
expires: Mon, 04 Sep 2023 19:34:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 391 B
607 B 342ms
19ms Script
text/javascript 2607:f8b0:4006:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=carasettingbaru.blogspot.com&callback=_gfp_s_&client=ca-pub-7149456845471596

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308150101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4bca9a24d4080f49a08544220478958fc14ec1655d666fcd74cec4f56571a640

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://carasettingbaru.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:02:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 85D1 173 KB
41 KB 252ms
249ms Document
text/html 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7149456845471596&output=html&adk=3953984709&adf=2873229911&lmt=1692508514&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fcarasettingbaru.blogspot.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692651757769&bpp=57&bdt=631&idt=470&shv=r20230817&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2162244351441&frm=20&pv=2&ga_vid=271899824.1692651759&ga_sid=1692651759&ga_hid=703249488&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31077148%2C31076997&oid=2&pvsid=2243048199549426&tmod=980152497&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=915

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308150101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35ea43be85b2d963eb56cb49ef85ed9f38097441e0e38a50476bcc38bf5cdd91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://carasettingbaru.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 42004
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 21 Aug 2023 21:02:38 GMT
expires: Mon, 21 Aug 2023 21:02:38 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308150101/ 154 KB
52 KB 42ms
42ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308150101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308150101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4bc5f7d043b2f4b34a91fa051b106d7371ca22dfe2ce90721656256a769d4c5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://carasettingbaru.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:02:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53666
x-xss-protection: 0
server: cafe
etag: 2871976894057165334
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Aug 2023 21:02:39 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 19ms
18ms Image
image/gif 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pm&rt=8%2C1&c=ca-pub-7149456845471596&eid=44759927%2C44759837%2C44759876%2C31077148%2C31076997

Requested by

Host: carasettingbaru.blogspot.com
URL: https://carasettingbaru.blogspot.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://carasettingbaru.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 21:02:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 21ms
18ms Image
image/gif 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=4261956552601247&num=0&dvc=0&eid=44759927%2C44759837%2C44759876%2C31077148%2C31076997

Requested by

Host: carasettingbaru.blogspot.com
URL: https://carasettingbaru.blogspot.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://carasettingbaru.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 21:02:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 19EF 37 KB
16 KB 325ms
322ms Document
text/html 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7149456845471596&output=html&h=600&adk=4102438265&adf=3362977292&pi=t.aa~a.2407176695~rp.3&w=288&fwrn=4&fwrnh=100&lmt=1692508514&rafmt=1&to=qs&pwprc=3630501105&format=288x600&url=https%3A%2F%2Fcarasettingbaru.blogspot.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692651759532&bpp=7&bdt=2395&idt=7&shv=r20230817&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2162244351441&frm=20&pv=1&ga_vid=271899824.1692651759&ga_sid=1692651759&ga_hid=703249488&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=839&ady=1595&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31077148%2C31076997&oid=2&pvsid=2243048199549426&tmod=980152497&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=SfIONt8Hjq&p=https%3A//carasettingbaru.blogspot.com&dtd=261

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308150101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab016b619aef9d77a755e3a61f4f314d9ef849a06a6bd89456733ff042f8ebdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://carasettingbaru.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 15882
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 21 Aug 2023 21:02:40 GMT
expires: Mon, 21 Aug 2023 21:02:40 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 19ms
18ms Image
image/gif 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=1&wpc=ca-pub-7149456845471596&warn=13&w=1600&h=1200&pp=0&ppp=0&eatf=false&eatfAbg=false&reatf=false&a=6%2C1%2C5%2C7&apv=20230816_103526&sat=1692408250418&afm=0&as_count=0&d_count=0&ng_count=0&am_count=1&atf_count=0&mdns=0&alldns=0.258&allp=8&fd=(0%2C6%2C1)%2C(1%2C1%2C0)%2C(2%2C0%2C0)&pgh=2536&abl=false&rr=n&su=carasettingbaru.blogspot.com&pvc=2243048199549426&r=0.1&eid=44759927%2C44759837%2C44759876%2C31077148%2C31076997

Requested by

Host: carasettingbaru.blogspot.com
URL: https://carasettingbaru.blogspot.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://carasettingbaru.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 21:02:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 18ms
17ms Image
image/gif 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pr&rt=8%2C1&c=ca-pub-7149456845471596&eid=44759927%2C44759837%2C44759876%2C31077148%2C31076997

Requested by

Host: carasettingbaru.blogspot.com
URL: https://carasettingbaru.blogspot.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://carasettingbaru.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 21:02:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/ Frame 922B 10 KB
4 KB 35ms
5ms Document
text/html 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308150101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://carasettingbaru.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 343
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4542
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 21 Aug 2023 20:56:57 GMT
etag: 13776922816869014096
expires: Mon, 04 Sep 2023 20:56:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/ Frame 0392 10 KB
4 KB 7ms
4ms Document
text/html 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308150101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://carasettingbaru.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 343
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4542
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 21 Aug 2023 20:56:57 GMT
etag: 13776922816869014096
expires: Mon, 04 Sep 2023 20:56:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame 19EF 3 KB
1 KB 34ms
6ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7149456845471596&output=html&h=600&adk=4102438265&adf=3362977292&pi=t.aa~a.2407176695~rp.3&w=288&fwrn=4&fwrnh=100&lmt=1692508514&rafmt=1&to=qs&pwprc=3630501105&format=288x600&url=https%3A%2F%2Fcarasettingbaru.blogspot.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692651759532&bpp=7&bdt=2395&idt=7&shv=r20230817&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2162244351441&frm=20&pv=1&ga_vid=271899824.1692651759&ga_sid=1692651759&ga_hid=703249488&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=839&ady=1595&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31077148%2C31076997&oid=2&pvsid=2243048199549426&tmod=980152497&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=SfIONt8Hjq&p=https%3A//carasettingbaru.blogspot.com&dtd=261

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 16:49:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15201
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 16:49:19 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame 19EF 20 KB
8 KB 32ms
4ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 16:49:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15201
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 16:49:19 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 19EF 0
0 66ms
25ms Image
text/html 2607:f8b0:4006:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTnW0jpliWJLe_gNRKS-y6_D6wRQLFulXXrJA8C3e8u_xVyrGEOU-0bXr8PInMZpX22XLir88_t2L-GEha_3SJbJK2bWQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7149456845471596&output=html&h=600&adk=4102438265&adf=3362977292&pi=t.aa~a.2407176695~rp.3&w=288&fwrn=4&fwrnh=100&lmt=1692508514&rafmt=1&to=qs&pwprc=3630501105&format=288x600&url=https%3A%2F%2Fcarasettingbaru.blogspot.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692651759532&bpp=7&bdt=2395&idt=7&shv=r20230817&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2162244351441&frm=20&pv=1&ga_vid=271899824.1692651759&ga_sid=1692651759&ga_hid=703249488&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=839&ady=1595&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31077148%2C31076997&oid=2&pvsid=2243048199549426&tmod=980152497&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=SfIONt8Hjq&p=https%3A//carasettingbaru.blogspot.com&dtd=261
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80f::2004 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 19EF 180 KB
57 KB 47ms
28ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:02:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57620
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692185840427238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 21 Aug 2023 21:02:40 GMT

GET
H2 200 afr.php Show response
ads.us.criteo.com/delivery/r/ Frame 52A5 131 KB
45 KB 780ms
173ms Document
text/html 2620:100:a001::24
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/afr.php?z=ZOPQ7wAMmTYFKN8hAAkWxydLeVCIdKW2y45Mvw&u=%7CL3u5I77JiBf07ds2DYOid6HBz2%2FqAfqsCLQ3a9HuTHw%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziumIet5tQOfcGLLPgbbfBchxWMzS0QnKEdufuvGNxEvA3bQdb2aqbGqTYkiQf3m2TWSKvbsvgIfWMXFRUq_UGowVwybVGG-JxuHkV2y6FP5EnvzxCJLAvrgTDTZ0P0vfA2LpZe8X9-Qb7wbCu87NyZFiYjzIRHevgHkyIi7vUtRMw1t_29BLkDXnOr30jtoe2I5YvMDhj6yvWhTXJjLfd55rcnN2-aAMB2m4LSl0qMV5j6qy6EkepS-JJiWb7K__dPPQjyDY97Yw7FHQCEzutbjzkOzrKu6iCPe9jF4DX9VTiavbQqzuUPt-9Dq_OMQ603UgQJq6g6ojDG6wPX25bo-4RC9IbT6fGMo8p6AIppjvSoeeSo65TlqpoRWxWyfam4Bbo58arfe3Hv7klvI5dypYeNL9DT2qFz3MmQkP0sOyvYIjR5lTTcXjoTYqd7yX8gjCutMV8oRGpL33sV29j-rBrBtFZdgm3QpMdjh0tKBG4xLqG_U5_teQ4GENOdOvXtEMOXANBBQ85Rape5sc-lWqThF7AqNdalV7OO7jeOnVkBIwJ87TzO5keGC2zjPS0JUm03h8FKDh1tey-Y_5aHLDVgcnkB2berD5hfEZKOaZfZpLJE7I_4iH&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTWRn79DjZLayMqG-o9kPx62k-AGcge-wXPKhqap0wI23ARABIABgycapi8Ck2A-CARdjYS1wdWItNzE0OTQ1Njg0NTQ3MTU5NsgBCagDAcgDAqoE5QFP0K0jq0iXyfrDdCS1_upfLhpVm9RQwM-LuU_knQGyYBmC9b7uUKFPFdP7Th068AoG4kXGLWnDFsWgUxuRAJzPQuop152-dOf71XxI25CzaNaoab85zoeZU7wm4GxmFZsbAoTOUztQGKUeUuhr0ougYeK0oEt7U9Qq08ojNGExxO7qUbVo0L_5bai13BdIPyMFpzsmuTx89Cn9-DDDsTZVv6q1ZwbtND5KX2GKkNl4R7Szuapva-BIunkUFJLxPreJCK7HyKx0X849eZFPfjU_kzLuu4tjFrDVkrOp10Byj_m1kS_UgAam9uaDvZPNugagBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3DNNsZcSFWlcfNP7mb22yH-zsgEQ%26client%3Dca-pub-7149456845471596%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

6c91c4f494bb3095b00de1695614e4d74ab1b351f95e2f77c401beafd9b14649

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Mon, 21 Aug 2023 21:02:40 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=4bbHp9sYpGZH0OLvb5oOwyJjQodoGCrLZIUbooO84cl2pjuHYyfW1WkX0JGzc7pgs5E5y2WctCCyNKtpHRYxyST_2lRGfveEtmJg_070CcrLNoQnCnKa066WvF2kZ1FJxSTxWsEjoiZ3FPqa_9A_PKQ84LTUWnG_wGWUxIdm1zWXNkR8ibquhOlzH-3i_vd3KGUW7m6Bb0NlDniZc4-Tk5mNBYiB0uFfuxMs4Osw1p2w3K9lyhxtNB39WpD0YYfIoArEveT70u8rFlkQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 36443590
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 30A0 1 KB
643 B 4ms
3ms Document
text/html 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 54209
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 21 Aug 2023 05:59:11 GMT
etag: 48472445140208031
expires: Tue, 22 Aug 2023 05:59:11 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 922B 4 KB
1 KB 52ms
19ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 21 Aug 2023 21:02:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 20:58:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 21 Aug 2023 21:02:40 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/elements/html/ Frame 922B 15 KB
6 KB 19ms
0ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e047ef4f0df4b7a920fa4098e5f3b2b3c43da69b10462c37112606228b222c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 17:14:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13695
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6441
x-xss-protection: 0
server: cafe
etag: 6802313557646952851
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 17:14:25 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/elements/html/ Frame 922B 20 KB
8 KB 15ms
0ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4539a37b37acaf787b3ccd0bb1e9a3372c9150aff547eeddd0296ad2a6d664f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 16:53:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14975
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8570
x-xss-protection: 0
server: cafe
etag: 11167480076894372452
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 16:53:05 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8CC6 624 B
242 B 57ms
37ms Document
text/html 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COXcnAIQutSeAhjvqfHpATAB&v=APEucNWD4q6QSZWosWg17A5TBD-Sw8eCWVGghQSFJbtDgXYsSZ9p6QKWPcpFNEfW4yQavUheMEfSMdFF-q3x_1m_zRe9W6QOSw

Requested by

Host: carasettingbaru.blogspot.com
URL: https://carasettingbaru.blogspot.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 21 Aug 2023 21:02:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 6D85 86 KB
29 KB 76ms
76ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: carasettingbaru.blogspot.com
URL: https://carasettingbaru.blogspot.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:02:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 21 Aug 2023 21:02:40 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame 6D85 3 KB
1 KB 22ms
21ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/window_focus_fy2021.js

Requested by

Host: carasettingbaru.blogspot.com
URL: https://carasettingbaru.blogspot.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 16:49:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15201
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 16:49:19 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame 6D85 20 KB
8 KB 27ms
25ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: carasettingbaru.blogspot.com
URL: https://carasettingbaru.blogspot.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 16:49:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15201
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 16:49:19 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6D85 180 KB
56 KB 21ms
19ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: carasettingbaru.blogspot.com
URL: https://carasettingbaru.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:02:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57620
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692185840427238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 21 Aug 2023 21:02:40 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6D85 42 B
63 B 30ms
29ms Image
image/gif 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bov7fuyzwcV5fe2whPpptINs45S_Bk1zBF5lMcZGZOiX_tYSLxjO3LwIGiVWUFcDLgXmdXcyqytruS_RBllB2A_iVdsY1RZ6CDSNckEGWHOBUeZBA

Requested by

Host: carasettingbaru.blogspot.com
URL: https://carasettingbaru.blogspot.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 21:02:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6D85 0
20 B 31ms
30ms Image
image/gif 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=1935180824768971656&x=1&ct=119

Requested by

Host: carasettingbaru.blogspot.com
URL: https://carasettingbaru.blogspot.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 21:02:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 30A0
Redirect Chain

https://px.owneriq.net/ecmg?google_gid=CAESEBkL_dcKx_sJL0p4C_E9fF0&google_cver=1&google_push=AXcoOmTJ5hhMupaG4yYw5sptBG6GwID0eSKTAaRQUaQGpMQm_e86fBgr2n4P1jdYjDejamI8lGGMfePXYuvRU7SHhCxCZie3C8wm1w
https://px.owneriq.net/ecc?redir=https%3a%2f%2fcm.g.doubleclick.net%2fpixel%3fgoogle_nid%3downeriq1%26google_sc%26google_push%3dAXcoOmTJ5hhMupaG4yYw5sptBG6GwID0eSKTAaRQUaQGpMQm_e86fBgr2n4P1jdYjDeja...
https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmTJ5hhMupaG4yYw5sptBG6GwID0eSKTAaRQUaQGpMQm_e86fBgr2n4P1jdYjDejamI8lGGMfePXYuvRU7SHhCxCZie3C8wm1w&google_cver=1&goo...

170 B
188 B

29ms
24ms

Image
image/png

142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmTJ5hhMupaG4yYw5sptBG6GwID0eSKTAaRQUaQGpMQm_e86fBgr2n4P1jdYjDejamI8lGGMfePXYuvRU7SHhCxCZie3C8wm1w&google_cver=1&google_gid=CAESEBkL_dcKx_sJL0p4C_E9fF0&google_hm=UTc0NTkzODE2MTE0NTM3MTU4MzM=

Requested by

Protocol

Server

142.250.80.34 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 21:02:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 21 Aug 2023 21:02:41 GMT
Server: Apache/2.4.6 (CentOS)
X-Powered-By: PHP/7.3.33
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmTJ5hhMupaG4yYw5sptBG6GwID0eSKTAaRQUaQGpMQm_e86fBgr2n4P1jdYjDejamI8lGGMfePXYuvRU7SHhCxCZie3C8wm1w&google_cver=1&google_gid=CAESEBkL_dcKx_sJL0p4C_E9fF0&google_hm=UTc0NTkzODE2MTE0NTM3MTU4MzM=
Content-Type: text/html
Cache-Control: max-age=44139
Connection: keep-alive
Content-Length: 154

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 30A0
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEF1zQfnVdNsGC3BZkXV77Ao&google_push=AXcoOmS0RXpKdb0cMT2Sdb5jpb0jLsBBmZHlGeS7CbkXgnB6981NZIffgV...

170 B
188 B

24ms
22ms

Image
image/png

142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEF1zQfnVdNsGC3BZkXV77Ao&google_push=AXcoOmS0RXpKdb0cMT2Sdb5jpb0jLsBBmZHlGeS7CbkXgnB6981NZIffgV6T9aIBSc4V-P02XyOuco_mLRMq5DzDcARiL8gLdhkw

Requested by

Protocol

Server

142.250.80.34 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 21:02:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-lga21927-LGA
pragma: no-cache
date: Mon, 21 Aug 2023 21:02:40 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1692651760.481684,VS0,VE8
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEF1zQfnVdNsGC3BZkXV77Ao&google_push=AXcoOmS0RXpKdb0cMT2Sdb5jpb0jLsBBmZHlGeS7CbkXgnB6981NZIffgV6T9aIBSc4V-P02XyOuco_mLRMq5DzDcARiL8gLdhkw
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 30A0
Redirect Chain

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEIC5JTLX5m1vltIwdYVjOjI&google_cver=1&google_push=AXcoOmSXZSlnO-g8kDjxZIt8Y95X54_FNyZwVl2wsymNTKuhm3FoDjk-n8D8C8RYKz26oc85EcNU0ZftftqzdqFD9P...
https://match.adsrvr.org/track/cmb/google?google_gid=CAESEIC5JTLX5m1vltIwdYVjOjI&google_cver=1&google_push=AXcoOmSXZSlnO-g8kDjxZIt8Y95X54_FNyZwVl2wsymNTKuhm3FoDjk-n8D8C8RYKz26oc85EcNU0ZftftqzdqFD9P...
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MWU1YjBhOGItNDc3NC00NjI5LTljYWYtMmI2ZDViMjZlY2My&google_push&gdpr=0&gdpr_consent=&ttd_tdid=1e5b0a8b-4774-4629-9caf-2b6d5b26ecc2

170 B
188 B

30ms
30ms

Image
image/png

142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MWU1YjBhOGItNDc3NC00NjI5LTljYWYtMmI2ZDViMjZlY2My&google_push&gdpr=0&gdpr_consent=&ttd_tdid=1e5b0a8b-4774-4629-9caf-2b6d5b26ecc2

Requested by

Protocol

Server

142.250.80.34 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 21:02:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MWU1YjBhOGItNDc3NC00NjI5LTljYWYtMmI2ZDViMjZlY2My&google_push&gdpr=0&gdpr_consent=&ttd_tdid=1e5b0a8b-4774-4629-9caf-2b6d5b26ecc2
date: Mon, 21 Aug 2023 21:02:40 GMT
server: Kestrel
content-length: 423

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 30A0 43 B
363 B 93ms
11ms Image
image/gif 74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTAoR4TgTwm8viEi3LNt84jJ3XUM8NmteVCckJ4EXkq24mdKxOUc_Rxm8etIXilge5Y3aj7uPxkp2-fnlbjWGjHi1ehvUTj&google_gid=CAESEPEfvyL8VfUZfDdBd1J06vs&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 21:02:39 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 159708
expires: Mon, 21 Aug 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 30A0
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEKCmtf2Db8f5p9Hc-vB55Hg&google_cver=1&google_push=AXcoOmSNIuzYlspOm3mbSc5z4-V8WVjkoo50iML-AClwV3ladfCflq7JwxBNRE8Q4uR428oKXaxzJhcYbbZ8...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSNIuzYlspOm3mbSc5z4-V8WVjkoo50iML-AClwV3ladfCflq7JwxBNRE8Q4uR428oKXaxzJhcYbbZ8-eYglNmnARbs7AVkPg

170 B
188 B

27ms
21ms

Image
image/png

142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSNIuzYlspOm3mbSc5z4-V8WVjkoo50iML-AClwV3ladfCflq7JwxBNRE8Q4uR428oKXaxzJhcYbbZ8-eYglNmnARbs7AVkPg

Requested by

Protocol

Server

142.250.80.34 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 21:02:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSNIuzYlspOm3mbSc5z4-V8WVjkoo50iML-AClwV3ladfCflq7JwxBNRE8Q4uR428oKXaxzJhcYbbZ8-eYglNmnARbs7AVkPg
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 30A0
Redirect Chain

https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEK26Q8w4PWoq36mAJSwxrVI&google_cver=1&google_push=AXcoOmRsilxdCEO9d8XloA7e7gaJqOv8CidYcxkqaWzXavrZ7dy5ggpOz...
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmRsilxdCEO9d8XloA7e7gaJqOv8CidYcxkqaWzXavrZ7dy5ggpOzSmnZ8AtHmZSiA2_1lYo_lSVLUrZ9Bi02_4Xsvugc6mFYg&google_hm=QlMuNTRkMy1lMTgw...

170 B
188 B

27ms
25ms

Image
image/png

142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmRsilxdCEO9d8XloA7e7gaJqOv8CidYcxkqaWzXavrZ7dy5ggpOzSmnZ8AtHmZSiA2_1lYo_lSVLUrZ9Bi02_4Xsvugc6mFYg&google_hm=QlMuNTRkMy1lMTgwLTQ4YWMtYmJkMw==

Requested by

Protocol

Server

142.250.80.34 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 21:02:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmRsilxdCEO9d8XloA7e7gaJqOv8CidYcxkqaWzXavrZ7dy5ggpOzSmnZ8AtHmZSiA2_1lYo_lSVLUrZ9Bi02_4Xsvugc6mFYg&google_hm=QlMuNTRkMy1lMTgwLTQ4YWMtYmJkMw==
Date: Mon, 21 Aug 2023 21:02:40 GMT
Server: openresty
Connection: close
Content-Length: 142
Content-Type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 30A0
Redirect Chain

https://trace.mediago.io/cs/google?google_gid=CAESEFKPnTPY6Z5WDWnroJhmK9M&google_cver=1&google_push=AXcoOmQAj9BchkZx3tEH4H5duNRykCkzmGgMDqyfRItdWSk_i93Kprr0Xp24rOOaw35S83VNTDA6cMzdp5cO7RNJx9uByEDkk...
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmQAj9BchkZx3tEH4H5duNRykCkzmGgMDqyfRItdWSk_i93Kprr0Xp24rOOaw35S83VNTDA6cMzdp5cO7RNJx9uByEDkkcRqzg&google_hm=3cd6870a3a2a...

170 B
188 B

21ms
21ms

Image
image/png

142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmQAj9BchkZx3tEH4H5duNRykCkzmGgMDqyfRItdWSk_i93Kprr0Xp24rOOaw35S83VNTDA6cMzdp5cO7RNJx9uByEDkkcRqzg&google_hm=3cd6870a3a2a533a084fc62245457a40

Requested by

Protocol

Server

142.250.80.34 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 21:02:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmQAj9BchkZx3tEH4H5duNRykCkzmGgMDqyfRItdWSk_i93Kprr0Xp24rOOaw35S83VNTDA6cMzdp5cO7RNJx9uByEDkkcRqzg&google_hm=3cd6870a3a2a533a084fc62245457a40
date: Mon, 21 Aug 2023 21:02:40 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248
content-type: text/html; charset=utf-8

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 30A0 0
130 B 100ms
20ms Image
text/html 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13INx2yG47I61lJTJeW0GoI_QdW8vl3zh12PELbq1XJ50AmgDUp3jWTtsTGVJW1ia9K-EnCG75Y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.34 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:02:40 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 8CC6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC1h5o31tIgfuyNVMvoVqAg&google_cver=1

43 B
351 B

21ms
19ms

Image
image/gif

172.64.148.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC1h5o31tIgfuyNVMvoVqAg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXcnAIQutSeAhjvqfHpATAB&v=APEucNWD4q6QSZWosWg17A5TBD-Sw8eCWVGghQSFJbtDgXYsSZ9p6QKWPcpFNEfW4yQavUheMEfSMdFF-q3x_1m_zRe9W6QOSw
Protocol: H2
Server: 172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 21:02:40 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FrYwkQk9IOWtXFXLJ%2Fpxd%2FGmWnbV1klyFtSwkVrIGgj8%2Biko2mV%2Fv99vaq7rRDHyLdE5ONQkr84P6PN2tdN35%2FIQuSK4XO9aB20mPJERRfU%2F1DInVVw%2FVDFXYd%2FJR0Zb%2BYERnU%2BZpnjBdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 7fa5d17ffee642b9-EWR
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 21 Aug 2023 21:02:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC1h5o31tIgfuyNVMvoVqAg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 8CC6
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZOPQ8IDAouD5wPIFR3N6HQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC1h5o31tIgfuyNVMvoVqAg&google_cver=1

43 B
331 B

25ms
24ms

Image
image/gif

172.64.148.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC1h5o31tIgfuyNVMvoVqAg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXcnAIQutSeAhjvqfHpATAB&v=APEucNWD4q6QSZWosWg17A5TBD-Sw8eCWVGghQSFJbtDgXYsSZ9p6QKWPcpFNEfW4yQavUheMEfSMdFF-q3x_1m_zRe9W6QOSw
Protocol: H2
Server: 172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 21:02:40 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VKIw2HfLlEAC79Agp7NWsFwzky9t5HuGVAYmXvPyb%2B8%2BqGvJhkQzZtNJl6DMUqZZNdAekufMWBpi7PC06%2BzluIzZbZiR5lSDCwm%2BGsNItRwvmLvBSI11aH%2FscOhmzwjdzAMT5U2zYK64qw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 7fa5d1807f7b42b9-EWR
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 21 Aug 2023 21:02:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC1h5o31tIgfuyNVMvoVqAg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame 8CC6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEJEWe4dI2LDBEacDsWvb0oY&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEJEWe4dI2LDBEacDsWvb0oY%26google_cver%3D1

43 B
888 B

10ms
9ms

Image
image/gif

68.67.160.114
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEJEWe4dI2LDBEacDsWvb0oY%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXcnAIQutSeAhjvqfHpATAB&v=APEucNWD4q6QSZWosWg17A5TBD-Sw8eCWVGghQSFJbtDgXYsSZ9p6QKWPcpFNEfW4yQavUheMEfSMdFF-q3x_1m_zRe9W6QOSw

Protocol

Server

68.67.160.114 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 21:02:40 GMT
an-x-request-uuid: 94276567-f41e-4174-8839-cacf15c68d04
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 5.181.234.133; 5.181.234.133; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 21 Aug 2023 21:02:40 GMT
an-x-request-uuid: 9ab9976f-2291-47d9-b36c-eea2f2e206fe
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEJEWe4dI2LDBEacDsWvb0oY%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 5.181.234.133; 5.181.234.133; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8CC6
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjU4MzQyMzIyNTMwNjQ0MTMzNA%3D%3D

170 B
188 B

23ms
22ms

Image
image/png

142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjU4MzQyMzIyNTMwNjQ0MTMzNA%3D%3D

Requested by

Protocol

Server

142.250.80.34 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 21:02:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 21 Aug 2023 21:02:40 GMT
an-x-request-uuid: 491595c0-4cca-4854-a59c-58f93ebd9294
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjU4MzQyMzIyNTMwNjQ0MTMzNA%3D%3D
x-proxy-origin: 5.181.234.133; 5.181.234.133; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 19EF 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b0a702ff01289a19d988f7393bd583d66fdd3d49bb130682da64b849a51377e

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/ Frame DC38 23 KB
9 KB 6ms
6ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 16:49:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15201
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9092
x-xss-protection: 0
server: cafe
etag: 9312205082594545078
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 16:49:19 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame DC38 8 KB
823 B 20ms
19ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 21 Aug 2023 21:02:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 19:39:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 21 Aug 2023 21:02:40 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/ Frame DC38 15 KB
3 KB 264ms
4ms Stylesheet
text/css 2607:f8b0:4006:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::200a Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 12:37:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 462320
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2920
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 10:38:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Aug 2024 12:37:20 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/ Frame DC38 368 KB
128 KB 265ms
5ms Script
text/javascript 2607:f8b0:4006:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::200a Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dc2dfbb8a7cfd95b7e26cd31635911739b4ee1fb41363e062a9673fdca156f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 12:37:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 462320
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 130842
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 10:38:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Aug 2024 12:37:20 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame DC38 20 KB
8 KB 7ms
4ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 16:49:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15201
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 16:49:19 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 19EF 0
19 B 32ms
29ms Image
text/html 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CxY_J79DjZLayMqG-o9kPx62k-AGcge-wXPKhqap0wI23ARABIABgycapi8Ck2A-CARdjYS1wdWItNzE0OTQ1Njg0NTQ3MTU5NsgBCagDAcgDAqoE4gFP0K0jq0iXyfrDdCS1_upfLhpVm9RQwM-LuU_knQGyYBmC9b7uUKFPFdP7Th068AoG4kXGLWnDFsWgUxuRAJzPQuop152-dOf71XxI25CzaNaoab85zoeZU7wm4GxmFZsbAoTOUztQGKUeUuhr0ougYeK0oEt7U9Qq08ojNGExxO7qUbVo0L_5bai13BdIPyMFpzsmuTx89Cn9-DDDsTZVv6q1ZwbtND5KX2GKkNl4R7Szuapva-BIunkUFJKzPJcbo1xOyG_9MkLWAxiMyQkXmhz2fxCQbDkcLK2Fz-mkHvl2gAam9uaDvZPNugagBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTcxNDk0NTY4NDU0NzE1OTYYAA&sigh=O00K_Ewe9ns&uach_m=[UACH]&cid=CAQSKQBpAlJWgVEy4YtF7kSXNZqz5nbEzCKM5Zrs9qX_AVHkWgZsn3a7l0B9GAE&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7149456845471596&output=html&h=600&adk=4102438265&adf=3362977292&pi=t.aa~a.2407176695~rp.3&w=288&fwrn=4&fwrnh=100&lmt=1692508514&rafmt=1&to=qs&pwprc=3630501105&format=288x600&url=https%3A%2F%2Fcarasettingbaru.blogspot.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692651759532&bpp=7&bdt=2395&idt=7&shv=r20230817&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2162244351441&frm=20&pv=1&ga_vid=271899824.1692651759&ga_sid=1692651759&ga_hid=703249488&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=839&ady=1595&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31077148%2C31076997&oid=2&pvsid=2243048199549426&tmod=980152497&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=SfIONt8Hjq&p=https%3A//carasettingbaru.blogspot.com&dtd=261
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 21 Aug 2023 21:02:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.va.us.criteo.com/google/auction/ Frame 19EF 0
126 B 259ms
9ms Image
text/plain 2620:100:a001::3
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=ksyoF836RKAC2ATiIp0XAgAAABkgJ1Iczxxcgq2_OxDv0ONkOC6Gornb0bmghwAAEgAACgpBUVVCQ2dFQkNn&wp=ZOPQ7wAMmTYFKN8hAAkWxydLeVCIdKW2y45Mvw&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:02:40 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 144220
server: Kestrel
content-length: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6D85 0
20 B 19ms
18ms Ping
image/gif 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5276366069716&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 21:02:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6D85 0
20 B 21ms
19ms Ping
image/gif 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5276366069716&version=m202307240101&ct=119&x=1&cor=1935180824768971800

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 21:02:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 6D85 91 KB
37 KB 56ms
55ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DcihWYDPd92dP6jbaOlk8HjPvW1jTjF5INxeN_Mo74POZVWUG75dE9xUCZOI4LjPk7j6iLylG3RoypMsBSX3WtqatU36InfC03DKGLgvA65sM9nRNAAqdE2uBairR6gjWUhMnYJx6iwUIB30kyKvfmPqMfsbkYZQuUnO-cy6dOR2XfhW0&cry=1&dbm_d=AKAmf-AV2DacST4oVL6gHQlYllUQDvfqy6PmsfmWctFdK_3Y89rZVut6SVbcn3ehoJZXtj2WvEjKvb7wFr5YPCP8mUpWTVzrs4iDHb4FOlISrhysNyxTzDJkVUeY4u8Jb7badPIodR3QDiELv4vrPx7b7kDcD_7T6QOn-8EtG-qa9eObohZNeHfv3qhBJEhUR5c8f6XveFSCjXTMTtPb5lcHnBkY39QBkqN4zPJXBSzG5534r4XZ5FwrQnQOMPQhlxLPCIoyjW_XACwgcq2PnqASWhGad_CpeLzVpSAxLU8-_Qzrf7wIqjc60BqyBjfTcpI5Ha4XYfF1SiKbZ_N0tEmgC3m6K5xVVAlvDpfWseJFri9lKHUvejf0BC92cn_r_Za8e7uyiv6lCvwLzm3NwMtjj6S2KdmIB4sXvFZugWYsSxGV7K8a9xWj9FED0KDSY4i3mj7I7D8zxhI7jGVyXNm33wSXUE0qnB8IR-sb3pD79guwkzgzEF5L90mxQUW6xhOhC3lxwcZmvwtM45Y-twHdSz_3aGKbwrBO5juP0G9CW3Os0SFjQtWmm_QS0W8KFdNCA7MuYXme8AFv3OtZfeHSrFL82bLxpm3pWZYHiRFsZqfHqWkKoR5iypDDu-NiK5PyA4CNI0kTb4tiwx4X_8rB7C3S79cseDux-gqGSS5dda-BipeW_3TCbuhbDHcPay9c1W42omvtZgnV-hVbcta4VKf8rLq9do2UtQV7KgG5mz0Sz-wK2DyzAuzKRyUfUfPRtCEXPcmcaqIHYr1twyN10Ou-u7ClXHIOxDd9H-vfY6Xt0vsNeWsizLZwz2mPhMFBkWNTP7Ow86Qm4CFOkiXQbXx3nwtk_YmjQgC-Yporzu7WGSDzqu9TVHeSLtqdMzP59hdpxnmCYRSCFkEIEQO6ho_EW-Sj9HYZO4a3wiwuwpaE7cj_a4p5mrff3czJsQdVIR0yS_Hdl6U7UXkYB_ubSQkcw26IZsX4ImCLfS4Cypx4FlYDtjSLP-pDvc04q15gGcEnWQtBuBfTRags7prxUw__Bztxd31-Z1wdHvOj90wWtR55UBpKxZP4YwM5aW5nK21RSVfzL_QEyXh3V8bsx82RcLFe7Cwo7ju0OKi2rCgH9KU_SB9BFwak1qWAsmg0x4VIlZfmPW8BOq8PO10L5pBYc2BLVqJnTMUTVmwf5n6IHE-bzU5Gd2Sb2-S3fj0KsJ-kKCJvpLHmJpIVetyAJjGtzHWfEi30ePfclfmdREfJKBcECra1ZdwGCbNhtRE4UsYj39ylxapJNgqHZaTMz1Ij1-Ip_qmQDxnI3iaiwGAdyyc0DTRnvoyLcTYDlZHKMGQSRRDnlOfX76swurimKvEKi8fA0SOQy2_h4CGQX9ZUuvhhNnFyWWUB9Twy9eobA3EZ1-cbZBm4sdKE_RgI2C5M_FMVYoZOpsb54rFzIaqfcWLOks_43SD4DZV84rgHlfqcpHnEysnDJMIFoMZwmjR7-ijGhvdEc3fVoi86v-eDbpvz1-65T0vCig26gjOz-mrAlghnUYwaVn0af0-Ec2TUJ3ItjDpnHR2OvLf-fR3E5IhGdiYAgDUAXOVi4KtnHn1ahXb_KaByF6CyMbfWz5slXgpnDSlf_OHYJepWT5rAU_SrkvenHVEqBSg3_mU7tW-sXaExs4ksJuVbTSbcLQYQFv0gP8fMRT-dw7bozIDJwDacI251F0ZzgM5GX13fMeE666r1nI5Buzg-v3nu6Uq9BeupUzAyEYQYQoQ-hsTSyqs9FLmTI3N8QWvdU1bvIDWvf6ACrxNECEmSugsfN0b9bnjG4LvGiY67u3Xn1wlZkwJp_ZwI7B0q0x0r9CWTCCx9Hv56j6GgkM4V_Sl9SLX44mDVs177xGT6MA3NYkU8gzGjlE7qdq_3rJI7mTm62rApjFKQH3YWOJpcDbIXNIG7Yg-ZMTLzcG-FtFiKs9EbTv3PtFtWpU-lC5w6fnctaSUb8V4aPtVuJINDj0kbCMfiakwnyw0AKZQscHKmYwGgOiNH07O2hV7IVww0-zkSBBWUzYifbXyJEO6AFlOIZPfYUDGOjKHA7m9uVfW-BDrnbMLekBpA8qhIq7Vl904EI-N7YQhDtRDqNABDnvWTjvDolokEGk03e6ChBH1uGZ1ZnzyrHNLX_s_uJmwAajnwErQorQlkIBfldgEmmlOe3i-QeeyGXEbd_UrRoEg430J7flOa0fnnGwy3DxUNYOxfVaheCy3o_XakwVU7rCQwGvKUOCfGB1QHwElKWrzNhDlrlDvO36UBppRzo-JgZG1YuuiKurc7sBSRM6qFGkvCfYlSAFi4zHBwuJUnbbqDJxyXLzUmU7AIbbQWUuDP_usBel-lFoxOiKiKfJ9BlGg3VKQYJL4HRMkj_dz7q1gP6OazlMKuhzXpedvvr2hR__pGLoJEBC62FHupRK03UBTs3BUcjkK7r3z_uzbrM4kUKXJc5LFVB-XG_qMLGywAoVXPPxROVWdGINfze-P5TOyW0Pf5QI4rSDKvPfOlQVvpOgpL2QGHTjNPWiGzypC6oI5j4Cv3NzMfsHSDqB-XRT0lY7GhAeR-bJPE3LjcD8ZvB9u5zifBd3b9aKJq42Qj4FBhGaLAGWTGOUvK4ZR19z2Cdtj4ePW0FBkfMHt10NPLe-chyLCZp_yZtYAoKE7Irwg3Fx43RAVsjsTbw3eL2Lj-RQsB8Hud68abfZfsXOT5VA3CyiBWPteYz245BDco0xdClgVbUGaNK4RjBqARVgcqN5JzoxG5J7ZSOAYghq5PP6bOr_-BCk_6CnX4sNbBmUNa1if_Aww0a_ZAb8ewaTJXdqPIZ-MkvUEC1y5fHDvB7_Om_SwHKx-ahSPw_z1mlQuXpz3aW24flt8LPJyhC9el4o3NcNWL7snLTTLoG6Pi8xqyLQZYSxYoFt5KUbyLBwmrJr9RIfHv1lk7QUidd26BA2IYcWKxlhsxBP8iUUheXsCIbaYflSOguyzXLorpaKkuMHmkz3xc5jmSDwrg1cXCXwBgqNJz5vTryqnePbI3nwsxbClnN9W2UQzXneK49mvyJIEzYrFuy3NQh7JdwQBzvIO7tBo1C363ydglYrP_PJzHwCLnsDH1CHeEy9U-hOFv1VI4iQ0bj2UgUHCh-c39sGEK8YtSzyXc10jXcRPBfmaZbs_iUQ02I38tyxkkBmZKzYr3Hkf23Z3tC9bCjkg_AJtD9yJAj3L_yFeAcMuZpVN4lXXYFrpmeWUzwm9b7Ps9RKUWCYIRCYeH9PavIDHlSbOOa_2narRVKiF-yCggrMI66OJiUTUBxf8-Wnjo_nVS-tukRbIvjvPjLeY3hU2U3DfwA_23Lq7aKkgL4yGfSRLmilMxDZjblvAn7E9E1oKocXOniz69h5AqvlIVEa6Ul_5ueP4zQBcaik6UOAvTFgMN6vydNh4akrROEY7ActVNLyFWhgn527J8mEqO-5EVxVUlLsYr7HcGzFLQpYQrofstWQMJ1Yx44o9NW0_X8Kq5FwUt3u7wspcDQ2yG0fc7mXymT70tcV8Coo76QAWr924R0-F8uNzbHTstCP8r3NdA8ofrJgF3pJ15JoL2y8ETbRsWvDYvo0vDWgiVdhR5ULj5CJ68k_S-Atg-xPV7G-GTGvN6gpRhTNXjvTSDdRjD1qka5dznjqia2edqfyMNfS7RVJ9HeS91FemcGfcv5vGgzjuzUD6sGwLqlBEga4VdsnY5KdRI4VND0Yqrxda1BosxigRIKBxQISsd6TNgDNGGQKg-jZw12754TC2olWGFuF_kYiY4atstmVwBwPqzcBmcb-vM0BcZa5_UQbNUKI9ySj74kZPwioEunrsR3LVbUOULwt6k_euDM0K09WDrz1pnwXYwwsOcRBjJrjzk3cD85Qc-hzZ9z88hH5MthmbAtB2XmPzm2PsJYbiaksB4KzAGgIVbT1qcQMunpiAjCEbjibMyGZGL6PxYTXSK-YVFYCFCRofXE2BxNtE23NhuRx2J_O0pxo2cqTk5ciP8Hi16ImNoveZT_TmD6lpN60aG-v9prKmfJVv0XtRsEAfVcvamf3A9YISjhBZu5_oo5ChjPfgNqDj8oWwLEfn-6QWfxT_flC3B45d0rlGMonPqdq7zJut6Tt2eSRil_KfkvY-0SkwN7_p0Unxy8Tt4ViPBy-j8htjrnglyR6499ML2gF0EtmXJmxECN2tVszwYRNx9dql23iCQ0Dtp97LlDxzax0FTVgNu6j3sNeLQhreY6iYM_s98reHvgl5TZef5PIrs-GKLxxQDYxmzorV6VfmRX5rKkgLuI6yPjPE5FxfKLa0Ps98kzei3lQrgnqqxsYWK1xRWV33V&cid=CAQSGwBpAlJWXac1Zq7farpoYPb1TivLn8GA1HUhohgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fcarasettingbaru.blogspot.com%2F&ds=l&xdt=1&iif=1&cor=1935180824768971800&adk=1761367587&idt=84&cac=0&dtd=25

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00508300cf22366c8feee88d443d52ce424037cfe16015023d9904ee9405abb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 21:02:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38006
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 6D85 172 KB
61 KB 42ms
4ms Script
text/javascript 2607:f8b0:4006:81e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: carasettingbaru.blogspot.com
URL: https://carasettingbaru.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2006 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:23:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52759
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 06:23:21 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230817/r20110914/elements/html/ Frame 6D85 11 KB
4 KB 6ms
4ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230817/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DcihWYDPd92dP6jbaOlk8HjPvW1jTjF5INxeN_Mo74POZVWUG75dE9xUCZOI4LjPk7j6iLylG3RoypMsBSX3WtqatU36InfC03DKGLgvA65sM9nRNAAqdE2uBairR6gjWUhMnYJx6iwUIB30kyKvfmPqMfsbkYZQuUnO-cy6dOR2XfhW0&cry=1&dbm_d=AKAmf-AV2DacST4oVL6gHQlYllUQDvfqy6PmsfmWctFdK_3Y89rZVut6SVbcn3ehoJZXtj2WvEjKvb7wFr5YPCP8mUpWTVzrs4iDHb4FOlISrhysNyxTzDJkVUeY4u8Jb7badPIodR3QDiELv4vrPx7b7kDcD_7T6QOn-8EtG-qa9eObohZNeHfv3qhBJEhUR5c8f6XveFSCjXTMTtPb5lcHnBkY39QBkqN4zPJXBSzG5534r4XZ5FwrQnQOMPQhlxLPCIoyjW_XACwgcq2PnqASWhGad_CpeLzVpSAxLU8-_Qzrf7wIqjc60BqyBjfTcpI5Ha4XYfF1SiKbZ_N0tEmgC3m6K5xVVAlvDpfWseJFri9lKHUvejf0BC92cn_r_Za8e7uyiv6lCvwLzm3NwMtjj6S2KdmIB4sXvFZugWYsSxGV7K8a9xWj9FED0KDSY4i3mj7I7D8zxhI7jGVyXNm33wSXUE0qnB8IR-sb3pD79guwkzgzEF5L90mxQUW6xhOhC3lxwcZmvwtM45Y-twHdSz_3aGKbwrBO5juP0G9CW3Os0SFjQtWmm_QS0W8KFdNCA7MuYXme8AFv3OtZfeHSrFL82bLxpm3pWZYHiRFsZqfHqWkKoR5iypDDu-NiK5PyA4CNI0kTb4tiwx4X_8rB7C3S79cseDux-gqGSS5dda-BipeW_3TCbuhbDHcPay9c1W42omvtZgnV-hVbcta4VKf8rLq9do2UtQV7KgG5mz0Sz-wK2DyzAuzKRyUfUfPRtCEXPcmcaqIHYr1twyN10Ou-u7ClXHIOxDd9H-vfY6Xt0vsNeWsizLZwz2mPhMFBkWNTP7Ow86Qm4CFOkiXQbXx3nwtk_YmjQgC-Yporzu7WGSDzqu9TVHeSLtqdMzP59hdpxnmCYRSCFkEIEQO6ho_EW-Sj9HYZO4a3wiwuwpaE7cj_a4p5mrff3czJsQdVIR0yS_Hdl6U7UXkYB_ubSQkcw26IZsX4ImCLfS4Cypx4FlYDtjSLP-pDvc04q15gGcEnWQtBuBfTRags7prxUw__Bztxd31-Z1wdHvOj90wWtR55UBpKxZP4YwM5aW5nK21RSVfzL_QEyXh3V8bsx82RcLFe7Cwo7ju0OKi2rCgH9KU_SB9BFwak1qWAsmg0x4VIlZfmPW8BOq8PO10L5pBYc2BLVqJnTMUTVmwf5n6IHE-bzU5Gd2Sb2-S3fj0KsJ-kKCJvpLHmJpIVetyAJjGtzHWfEi30ePfclfmdREfJKBcECra1ZdwGCbNhtRE4UsYj39ylxapJNgqHZaTMz1Ij1-Ip_qmQDxnI3iaiwGAdyyc0DTRnvoyLcTYDlZHKMGQSRRDnlOfX76swurimKvEKi8fA0SOQy2_h4CGQX9ZUuvhhNnFyWWUB9Twy9eobA3EZ1-cbZBm4sdKE_RgI2C5M_FMVYoZOpsb54rFzIaqfcWLOks_43SD4DZV84rgHlfqcpHnEysnDJMIFoMZwmjR7-ijGhvdEc3fVoi86v-eDbpvz1-65T0vCig26gjOz-mrAlghnUYwaVn0af0-Ec2TUJ3ItjDpnHR2OvLf-fR3E5IhGdiYAgDUAXOVi4KtnHn1ahXb_KaByF6CyMbfWz5slXgpnDSlf_OHYJepWT5rAU_SrkvenHVEqBSg3_mU7tW-sXaExs4ksJuVbTSbcLQYQFv0gP8fMRT-dw7bozIDJwDacI251F0ZzgM5GX13fMeE666r1nI5Buzg-v3nu6Uq9BeupUzAyEYQYQoQ-hsTSyqs9FLmTI3N8QWvdU1bvIDWvf6ACrxNECEmSugsfN0b9bnjG4LvGiY67u3Xn1wlZkwJp_ZwI7B0q0x0r9CWTCCx9Hv56j6GgkM4V_Sl9SLX44mDVs177xGT6MA3NYkU8gzGjlE7qdq_3rJI7mTm62rApjFKQH3YWOJpcDbIXNIG7Yg-ZMTLzcG-FtFiKs9EbTv3PtFtWpU-lC5w6fnctaSUb8V4aPtVuJINDj0kbCMfiakwnyw0AKZQscHKmYwGgOiNH07O2hV7IVww0-zkSBBWUzYifbXyJEO6AFlOIZPfYUDGOjKHA7m9uVfW-BDrnbMLekBpA8qhIq7Vl904EI-N7YQhDtRDqNABDnvWTjvDolokEGk03e6ChBH1uGZ1ZnzyrHNLX_s_uJmwAajnwErQorQlkIBfldgEmmlOe3i-QeeyGXEbd_UrRoEg430J7flOa0fnnGwy3DxUNYOxfVaheCy3o_XakwVU7rCQwGvKUOCfGB1QHwElKWrzNhDlrlDvO36UBppRzo-JgZG1YuuiKurc7sBSRM6qFGkvCfYlSAFi4zHBwuJUnbbqDJxyXLzUmU7AIbbQWUuDP_usBel-lFoxOiKiKfJ9BlGg3VKQYJL4HRMkj_dz7q1gP6OazlMKuhzXpedvvr2hR__pGLoJEBC62FHupRK03UBTs3BUcjkK7r3z_uzbrM4kUKXJc5LFVB-XG_qMLGywAoVXPPxROVWdGINfze-P5TOyW0Pf5QI4rSDKvPfOlQVvpOgpL2QGHTjNPWiGzypC6oI5j4Cv3NzMfsHSDqB-XRT0lY7GhAeR-bJPE3LjcD8ZvB9u5zifBd3b9aKJq42Qj4FBhGaLAGWTGOUvK4ZR19z2Cdtj4ePW0FBkfMHt10NPLe-chyLCZp_yZtYAoKE7Irwg3Fx43RAVsjsTbw3eL2Lj-RQsB8Hud68abfZfsXOT5VA3CyiBWPteYz245BDco0xdClgVbUGaNK4RjBqARVgcqN5JzoxG5J7ZSOAYghq5PP6bOr_-BCk_6CnX4sNbBmUNa1if_Aww0a_ZAb8ewaTJXdqPIZ-MkvUEC1y5fHDvB7_Om_SwHKx-ahSPw_z1mlQuXpz3aW24flt8LPJyhC9el4o3NcNWL7snLTTLoG6Pi8xqyLQZYSxYoFt5KUbyLBwmrJr9RIfHv1lk7QUidd26BA2IYcWKxlhsxBP8iUUheXsCIbaYflSOguyzXLorpaKkuMHmkz3xc5jmSDwrg1cXCXwBgqNJz5vTryqnePbI3nwsxbClnN9W2UQzXneK49mvyJIEzYrFuy3NQh7JdwQBzvIO7tBo1C363ydglYrP_PJzHwCLnsDH1CHeEy9U-hOFv1VI4iQ0bj2UgUHCh-c39sGEK8YtSzyXc10jXcRPBfmaZbs_iUQ02I38tyxkkBmZKzYr3Hkf23Z3tC9bCjkg_AJtD9yJAj3L_yFeAcMuZpVN4lXXYFrpmeWUzwm9b7Ps9RKUWCYIRCYeH9PavIDHlSbOOa_2narRVKiF-yCggrMI66OJiUTUBxf8-Wnjo_nVS-tukRbIvjvPjLeY3hU2U3DfwA_23Lq7aKkgL4yGfSRLmilMxDZjblvAn7E9E1oKocXOniz69h5AqvlIVEa6Ul_5ueP4zQBcaik6UOAvTFgMN6vydNh4akrROEY7ActVNLyFWhgn527J8mEqO-5EVxVUlLsYr7HcGzFLQpYQrofstWQMJ1Yx44o9NW0_X8Kq5FwUt3u7wspcDQ2yG0fc7mXymT70tcV8Coo76QAWr924R0-F8uNzbHTstCP8r3NdA8ofrJgF3pJ15JoL2y8ETbRsWvDYvo0vDWgiVdhR5ULj5CJ68k_S-Atg-xPV7G-GTGvN6gpRhTNXjvTSDdRjD1qka5dznjqia2edqfyMNfS7RVJ9HeS91FemcGfcv5vGgzjuzUD6sGwLqlBEga4VdsnY5KdRI4VND0Yqrxda1BosxigRIKBxQISsd6TNgDNGGQKg-jZw12754TC2olWGFuF_kYiY4atstmVwBwPqzcBmcb-vM0BcZa5_UQbNUKI9ySj74kZPwioEunrsR3LVbUOULwt6k_euDM0K09WDrz1pnwXYwwsOcRBjJrjzk3cD85Qc-hzZ9z88hH5MthmbAtB2XmPzm2PsJYbiaksB4KzAGgIVbT1qcQMunpiAjCEbjibMyGZGL6PxYTXSK-YVFYCFCRofXE2BxNtE23NhuRx2J_O0pxo2cqTk5ciP8Hi16ImNoveZT_TmD6lpN60aG-v9prKmfJVv0XtRsEAfVcvamf3A9YISjhBZu5_oo5ChjPfgNqDj8oWwLEfn-6QWfxT_flC3B45d0rlGMonPqdq7zJut6Tt2eSRil_KfkvY-0SkwN7_p0Unxy8Tt4ViPBy-j8htjrnglyR6499ML2gF0EtmXJmxECN2tVszwYRNx9dql23iCQ0Dtp97LlDxzax0FTVgNu6j3sNeLQhreY6iYM_s98reHvgl5TZef5PIrs-GKLxxQDYxmzorV6VfmRX5rKkgLuI6yPjPE5FxfKLa0Ps98kzei3lQrgnqqxsYWK1xRWV33V&cid=CAQSGwBpAlJWXac1Zq7farpoYPb1TivLn8GA1HUhohgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fcarasettingbaru.blogspot.com%2F&ds=l&xdt=1&iif=1&cor=1935180824768971800&adk=1761367587&idt=84&cac=0&dtd=25

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 16:49:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15171
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4196
x-xss-protection: 0
server: cafe
etag: 15907914729094346842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 16:49:49 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230817/r20110914/ Frame 6D85 30 KB
11 KB 8ms
6ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230817/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ae072b67edb6016f6425f5d59b9ffd393f38f1d631d108a6dd05339cc726835

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 16:50:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15153
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11536
x-xss-protection: 0
server: cafe
etag: 2200807439755941123
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 16:50:07 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 6D85 41 KB
13 KB 9ms
6ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: carasettingbaru.blogspot.com
URL: https://carasettingbaru.blogspot.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 09:49:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40371
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Aug 2024 09:49:49 GMT

GET
DATA 200
OK truncated
/ Frame 6D85 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0803433ac84cc454e2af8c1de987a2aaa705ca8e1da89a566b63eff4d1c69de5

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 csi
csi.gstatic.com/ Frame DC38 0
54 B 777ms
248ms Ping
image/gif 2404:6800:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~llld5ljs&c=1302430210121&slotId=651215105060.5&qqid=CLCPupbT7oADFaYBigMdTKwHbg&fb=outstream-lima&sei=44730425%2C44752538%2C44787954%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4001:801::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 21:02:41 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DC38 0
20 B 23ms
23ms Image
image/gif 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CPcaN7tDjZLDgK6aDqMwPzNie8Aariab_canbscjqEffSor3AARABIO-r2zFgycapi8Ck2A-gAY2Uh7IByAEFqAMByAObBKoEvgJP0HcaLa9Xa9Ruri1skyrR5PhUHmAaMpryJiDZgyfVGyTWNJK6gFdGtuQxuDjLHxXymgkSgRs6apq61L39VqmTChdrxJ_3D-Oajg3SDJjWw0Z2rraNDAxaiFuxS5UW-79vNJ17ZyD4p2RZleG5-zP7AWOubrwzJ6UL6-_mgRL8bL37P6feLMnwD6XsngKaJ9P6IKvej_AfGd3aqxdA4nYz7zlfDA03M4FjPJgw8Sa1nBUS53dwKvjoEPN1nk5Tg5T2HR6yUYKTHdB6onqFMQE5u9PA9zN-RQ7iZH7KxdLnc2pu9Rh2te-Oi17mHHYwQt-5oYOaY05mq2SaGeU_WSiOviwxQld3xyBO3r_OzNqD1wHEI-AxPNm7t793HVJXFqxPA2bH7d_C1xGVQqhWRdvB6-R5nmFzuCCsongIykDABO6t1KKlBOAEA5AGAaAGdoAH2-v4zQKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYHzICigI6AoBASL39wTqACgHICwHgCwGADAGqDQJVU8gNAbATrKqkFNgTCogUBdgUAdAVAfgWAYAXAegXAQ&eventType=clickstring&clientTime=1692651761000&ai=CPcaN7tDjZLDgK6aDqMwPzNie8Aariab_canbscjqEffSor3AARABIO-r2zFgycapi8Ck2A-gAY2Uh7IByAEFqAMByAObBKoEvgJP0HcaLa9Xa9Ruri1skyrR5PhUHmAaMpryJiDZgyfVGyTWNJK6gFdGtuQxuDjLHxXymgkSgRs6apq61L39VqmTChdrxJ_3D-Oajg3SDJjWw0Z2rraNDAxaiFuxS5UW-79vNJ17ZyD4p2RZleG5-zP7AWOubrwzJ6UL6-_mgRL8bL37P6feLMnwD6XsngKaJ9P6IKvej_AfGd3aqxdA4nYz7zlfDA03M4FjPJgw8Sa1nBUS53dwKvjoEPN1nk5Tg5T2HR6yUYKTHdB6onqFMQE5u9PA9zN-RQ7iZH7KxdLnc2pu9Rh2te-Oi17mHHYwQt-5oYOaY05mq2SaGeU_WSiOviwxQld3xyBO3r_OzNqD1wHEI-AxPNm7t793HVJXFqxPA2bH7d_C1xGVQqhWRdvB6-R5nmFzuCCsongIykDABO6t1KKlBOAEA5AGAaAGdoAH2-v4zQKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYHzICigI6AoBASL39wTqACgHICwHgCwGADAGqDQJVU8gNAbATrKqkFNgTCogUBdgUAdAVAfgWAYAXAegXAQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 21:02:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame DC38 0
54 B 763ms
251ms Ping
image/gif 2404:6800:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~llld5lk9&c=1302430210121&slotId=651215105060.5&qqid=CLCPupbT7oADFaYBigMdTKwHbg&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.1sn&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4001:801::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 21:02:41 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame DC38 31 KB
17 KB 93ms
50ms XHR
text/xml 172.253.62.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-A3zTEGX3FOLG4SenUvqkk5M5OMXosT-3cl0Uhm-9MRCyfZrQsDu6Xx5E4yJ5LOyo8dvV8wQTmFUDgt2zgf9EFt8awI-g&cry=1&dbm_d=AKAmf-CAHJTkeYjWpMRzdOZOsZsAZy7xmVwXR5s0Gma0h_eXVDm9DRcR1AYAB-uOpaqKJsRusssO3RjUYEgYLZtvceQhaJg90s9z3uQrcaKROXs1c7JiIh5qcduTARIv0aG5PdSB5-m3hHIKfpDje9aa_UZwgs6VLAvZX3LXIaEJd4yAs8TylsQr-Ig9WNMF6x-OUHdF1OU8hNWby4ADTAZo1T4gQLMiQi72P4C53jSr4ZaQGrrTIZf1HTJ55IjK3ktS61Dx5ZjNT9bhNsJIvtwWjVMoF5Kpll4yf1sHAbiJmVvPBmTA4To6RnGfOqi8MQ6uckJOjt4jIGlFh648xdC2nb9SiL1sPZcrJBTlrrOd5qdLuJ2arcvBmt9br-vDfTS7AZvPYQRbmYunp0sdmdE3QfJBy0fHx2p_3wOBZAiPvnrNVtttGoRLVbjWeBLW4li68aZxbt_dNQb-PZl56rztuTYOa8u1vZwPxj-q7uByxM9CFr1Oqplk_u0cTBgAQGnEVuFnYOKHwtKEILhiyaH3WXclGLYikVtEyxQsfBgH21Gs49AaId66iRKyp0cJw356JGwnctjme1cf2QDQSORCiM7jQyMJGUZCCQvluFUyWA7FLTWHQn5zHWV0TGEMuDVPzhlRVIact9bp-zV5llnK-wVngSmN_3Yhl5Z0sFhL83sucrFH_P39Y0Vrk17X6I-UBI1mPHw2u5vV_QvGP4gG5MLaRdkHJx_c8gU8mg24ng0H5QbnnfJaoRsl1677SB9C9poEf_1Cnl-uUrzl8eaXKZH1_mOhxYA7hnBLXKYPBjwPtvAeqMg8nSS0SR0IM9JiyEYUYtIWhm-z4a_r5aMn7w-9rLl7XKJntsmBEYDr2-SfSDY7Eyq_Qlf7l02AFPMdxgY2XSOMrdMtIb5-x5wDU8qfi-j1GtovIjMZNCX-VoYqNdIjqnHIYEja-bNuPnLJg8Vo1uQO5rPIFzfcnK43cWfmGWmlo2DQiPC58xtwiFwY9Qe50LVW8cCWpwEzNbFMPd57EAeuKrdvBiydCR25GAHe9E2M_5mPrFOjxRejhv59jIFqCGwkHQ9tIUxxDNtzSg3EiUlx-5YDgzN6-cuQquahbKSUrhhlCgz9GgXp0uEGPvvRhkuAzga4UZPqkVzWOFARvGX1ZPaHTIjeNxzUFhqH-W-DEk8zkFsdv25n1WEwIehkv6tjjPySyW9CAgwosvu2C4DXqvBd15y_3n0EzWRvItIp0Zqb9uKXkngajqRzGY0Kgc33W3pGGTJk6ZG06oYJqB5nqRvUL-Uwe15yDgFRhUa6sz9I5tz9z0obfISHdpYnkQXehs2nVVNkgvT2j2TRu7ZwEnkaDKfGkgmMxqV1foHgTgK5eXv3Xbj6UpBI-h5qf5mqPxvGT0YK0BijSeiVhrjG5dxWt1Q01n1xgZk34N8POLlZOAjTZBDme-Fbo1Gs3C0GJViYW44k1BKD_Tc0Bx9EwAIU77HL79x1BIV8oF0ilDCnzUTZpsMgjMJlTboPa0OIfkFU99u5sok7eZh6akpk_RJELu3d9L4vcqP_RrabPKKzCXt9jSezj2weER8OwDoKWJm-DJ5IIZ8M0OHGGmE9mpv3QVybGHosuXiN3FKC-DyVSy_IkTeapy2qa0lbE2Ncur4V6Q5JB5Pv0cg4XbA5VcoH5WBoJJlmiV_lf0O_tCHePtADFhJvHrqlCHPykkU5Utc6oU4-fh7hqW7jtq0oRav_aAFPJQ32SUGD5-MJsu2X-uZhqYVm5WgbN1zdaX0_le3f8bMCcBxrvsm-qKBct8kgIrZjZ9mFzPsQ9QysaQ0ny1BM5IxJ-H27tUnX1B8pdW8xqb_PwxCiAI7R47sPLkp-26rqeUxEtQU13YFCUVHFvgRrkoRlyvF6R9Ppn2pJOyjrGyRezgt2W5CiQWtt8V2EuEBIFb7UBAwEYC9gVvKXJk36gp4EXAEDiy-MJZEeo70LsTY1lKBiLzu3syureuhOIyTFo_ulCaRI8EHxjiPcLCEtALJeGg00SlRTt-g76lXAda0Xpv4AQPKMzbGxxMnGNuKb4uvQEeRA-TuRy-RYJDTssKuinfawpNXoMz9m8CerH07sTz1WUyQ_UlgRSlwJuRC29uK90N9vJMd3VGLBF5rz-MA5Ejw-oEDYOLIiZ_6rbRMDzwMltPtT2HEzf9wBlj3vatL47kXYwvhmQEGLrLxXeVnYCCUYKe1VSmVYIvfIZG2HsRd-ygQKsALYegE9YZrZEuKkC2VngpHHJ29WfBiW0syNKupi0Yso9yCl1_1kyY01Lb9c8J0jh7P-MD9FTQAjeq_4sJpUc4M_SpnlWV_tuXEinQJHdkcBqc30p7cFXeJmgGoteO4fyf6U1uPQtrIlh_KtWcplVAOiY1l7-635hKZ8-Hw0-t0sYbkAqfx4qHgD9sKv3TmR42hldFQbteqWrOY5_9viE4_f1OGbRFBHWpjCZYGvyD7FRASD2CMwSFc_-yYZ2rS9-2UB-iMjeExKf2E8_hnfjHmcxpNykJ-SYUex43stMRwzkBC4J0BHLB7pWtO8mICy8n8Io8FHLbqe0E3I31lqirKXc7odlJtwPswtFT_UNZDib1fJptStDgMAcztfg0YxTZJ37osBGyVs5vcpBhVdQ_PkKQ7FDZUv9nhiQSn66kAUG_DJp-uPApUPAe_knK600-kDxWiPwtUHauqtb_V2uNIt9S329aYTIHpfArwT-yXX5jerc9qwua2gHQbK1n-SrQXY8rfaqzfH6T3T5DWBxoveQ0539nADEdIk_rU0esyJuleIonSaSMQ7a0tBYvWVSqR6Um4SFk3fLhrk_rUt0IRpQIe8v5KlhbgeXIRMW78kZKd6T02HLDpBny3Gxly_VXGkuHE73z9g8sBKve3ziBLRHKvNFzuxnceTSyVZMgupallPXl5QlZYAxvK7JuzY9Gsxl2R6OeSmbFQwiTjkihVZ6esBkan4qFuTDPz2GediGobKZspMCxAkh8zn-XFHMCtgn_lv3_XnAo_X8LkdRSC4ZSHIgoGrtkLnme2Zcm1cmthAFDqwh5upDnhZUeT3th-Re8lAxk6pi4qReLB4jHBBqR4EYCROkyT93ffgwxmI2MchERlkEenG8lDRnswRbVrOHUBrRxJQeJ1kWOmx63YQCHDt-Ry47jtO2ngSvLPqCLcqINxNygSdq7c6pntfd7xkZpWIQvr4rkqZtHVJA6WmHZrXmKckWk-3WUTPSukP5E9F4f5To07yCvpiHxPL4Ima_5Xiyi72D_r-P2vQdfOt_JILa1snGUKpPKobNuVftmKlXOXU_3cvrV_gEhRUh1Bmn34bLJr8ntT5AJ8OTFAfo4FSPVbPU5b6PShFipXoJehsgEVpGFUs_awTfhk2Uxv-ffDcx60RA7oy0EzsDalUVtgjKsfsNwdNT3hv5HEjiNMMNLSGTjDpxqD9oUlHXAGMhELGLUpbczMp-PeZsGlgaymLJIyGbgJX5nSRnWpIQhz70Jg8mY-Sy98uF0-OvL1a880o0emHwJWY5SUOKer1kOn-9NYOtxB1pppH4DymH_vYe6luJj7LFhLwi0L3tX3G_CTDFsh231ji0Lq8Ik_-FOKsh2FcybKLCsEJtELlLW875u6iLqb68nM3B1jNZT4ccSnNcldX8Mr9EjDxAbsfvCPOAn7gcS-l3uTy6ZTzNtQUB4vyX6Z5nUx8qVR7fNm7Ur2oMQutFUCA0hZY4q8_I7P5PFstcIJAYB4NbzO6PHvIFkUwqkmhFGN-s2Fqk4GY&cid=CAQSGwBpAlJWXac1Zq7farpoYPb1TivLn8GA1HUhohgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

cafe /

Resource Hash

1bf546ab5db217ff46a35eafb202216c58147276ebabbec42c1a0e0a826394e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:02:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17398
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 52A5 2 KB
1 KB 32ms
9ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZOPQ7wAMmTYFKN8hAAkWxydLeVCIdKW2y45Mvw&u=%7CL3u5I77JiBf07ds2DYOid6HBz2%2FqAfqsCLQ3a9HuTHw%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziumIet5tQOfcGLLPgbbfBchxWMzS0QnKEdufuvGNxEvA3bQdb2aqbGqTYkiQf3m2TWSKvbsvgIfWMXFRUq_UGowVwybVGG-JxuHkV2y6FP5EnvzxCJLAvrgTDTZ0P0vfA2LpZe8X9-Qb7wbCu87NyZFiYjzIRHevgHkyIi7vUtRMw1t_29BLkDXnOr30jtoe2I5YvMDhj6yvWhTXJjLfd55rcnN2-aAMB2m4LSl0qMV5j6qy6EkepS-JJiWb7K__dPPQjyDY97Yw7FHQCEzutbjzkOzrKu6iCPe9jF4DX9VTiavbQqzuUPt-9Dq_OMQ603UgQJq6g6ojDG6wPX25bo-4RC9IbT6fGMo8p6AIppjvSoeeSo65TlqpoRWxWyfam4Bbo58arfe3Hv7klvI5dypYeNL9DT2qFz3MmQkP0sOyvYIjR5lTTcXjoTYqd7yX8gjCutMV8oRGpL33sV29j-rBrBtFZdgm3QpMdjh0tKBG4xLqG_U5_teQ4GENOdOvXtEMOXANBBQ85Rape5sc-lWqThF7AqNdalV7OO7jeOnVkBIwJ87TzO5keGC2zjPS0JUm03h8FKDh1tey-Y_5aHLDVgcnkB2berD5hfEZKOaZfZpLJE7I_4iH&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTWRn79DjZLayMqG-o9kPx62k-AGcge-wXPKhqap0wI23ARABIABgycapi8Ck2A-CARdjYS1wdWItNzE0OTQ1Njg0NTQ3MTU5NsgBCagDAcgDAqoE5QFP0K0jq0iXyfrDdCS1_upfLhpVm9RQwM-LuU_knQGyYBmC9b7uUKFPFdP7Th068AoG4kXGLWnDFsWgUxuRAJzPQuop152-dOf71XxI25CzaNaoab85zoeZU7wm4GxmFZsbAoTOUztQGKUeUuhr0ougYeK0oEt7U9Qq08ojNGExxO7qUbVo0L_5bai13BdIPyMFpzsmuTx89Cn9-DDDsTZVv6q1ZwbtND5KX2GKkNl4R7Szuapva-BIunkUFJLxPreJCK7HyKx0X849eZFPfjU_kzLuu4tjFrDVkrOp10Byj_m1kS_UgAam9uaDvZPNugagBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3DNNsZcSFWlcfNP7mb22yH-zsgEQ%26client%3Dca-pub-7149456845471596%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:02:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 15 Aug 2024 21:02:41 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 52A5 2 KB
1 KB 37ms
14ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:02:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 15 Aug 2024 21:02:41 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 52A5 308 B
636 B 17ms
10ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:02:41 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 15 Aug 2024 21:02:41 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 52A5 293 B
621 B 18ms
12ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:02:41 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Thu, 15 Aug 2024 21:02:41 GMT

GET
H2 200 lg.php
cat.va.us.criteo.com/delivery/ Frame 52A5 43 B
348 B 424ms
15ms Image
image/gif 74.119.119.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=ONG1BFLDyEaD5ASkq_UYrEcwhLxAyDHxztEgJKCdoAdAvvz_11v0FjQ18pw2yfvwHrel09Ffba1Dd3KIPsW9bos_pqoBYuEC0epIdjNhJsCyAGMBtdUM9teLDf5jGL_GUevWqtgfqX__VG6xGdEfVHVz8nBiwItw45H_i4ybM91Xecs12r04aqyuYhA3a3f7xJiJK4Y0Y4EIU7gmHoPPpDjYchYT-VTpmY0bktd_TLQQE-knkW_MCGC5Aqd5q_wlTUJUq82yhBweVD9pcBzrrlaO7j2xDpwqVKnR27EJ4kh5Zeds4w-iAmUoxlXKsIgTFi4iTfK6mYWeItmZf-qq1GrAwiytd6uunpPnCT3alSJ8Xpa08aYY7BHrrGTLmJTOLvfVETbFkY9Qdgyy0MFsh--awxH0m84N5wJXbAapPKCHT5KBURsn4Yev1uPhYd1a3dnMMReyprjcLfaM5nobE35YBv-hwcO8_kwmCUAuZ2zFF9Ma

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 21:02:41 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2865997
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/10094741497153260025/ Frame 86C2 10 KB
3 KB 33ms
20ms Document
text/html 2607:f8b0:4006:81e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10094741497153260025/index.html?e=69&leftOffset=0&topOffset=0&c=fk4MOiKxcZ&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2006 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61d9dc5cd1fc127cd55564aa1591a50eb20015392a3b6823c37e10346192d13f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2988
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 21 Aug 2023 21:02:41 GMT
expires: Tue, 20 Aug 2024 21:02:41 GMT
last-modified: Fri, 12 May 2023 10:12:54 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6D85 0
0 94ms
36ms Fetch
image/gif 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss6j17t2DBAOEoUYJiimrwqwNTH7seMQzMHjRH7aQxrxXIjMEEh9fRBQ8WUtfgMaMwRddedCPawlFGA-eBdKZ4z5OacPHh4zP93cx4iO7BEiMAXeNekO8didcgkEXX5uvJlyxW1XbV4bBnIhwbM8UteDTyKaLAQc3WUnzIrLJw6WUP1NrNWXSnA0LaBO1KB6T830xMe_WqxwCyA4j1OvaS6OX_nrX8ykfecyspab4rJwG9DKrsVE_zOc8OKAvDSA1N-AbUF-uS9JT8vAb3VTWJlXa1xcLIJMO4LTMJueVIRyIJjS3iaRtSl6BATRwpQYkpXNYstesESSChb2qranUggkBZXH83l6-9HR7avn_wSzkQP6pmqoEPyMQnqnAuM1_KcArZ30PQImY473mR7DqqQOje8fg7kUbDCbUs6EOGH5AmiWPvnTXV_vz3nEsKtk9It65gxwY_ck90xCieauCU_KGctr7IekmqgQIc7dcb3BuFsktuGC_BVdPz7xOb7PRFlQ5uLh4pBPkBdiSy7ucCdR2GOTT3-d729WOKzzWbqZI4tLT4p60nX8HoM8eS_VVhDhc0nAG9TBXgnxKN9hO8DNzgLMNdGYLrpiLB87W8s9qbWOpP8CeUU_6hrmmVDadyOS7Lt6EMS30CBy25iIF3nGtkyDHlZOuVunbu2f-ujlVgLWRjsfMFkYGVjnVwzQUu8xF5dnjz6U4xqVlWk73y_M17vtZ15lozoQg0IVAJtYd3amw8zEiMJpi-0RZi3-yZzehR_uqqmMxi1EJENt62p8dkkUMnQ0xUvAjqZV0ecP4e1Osuu3piPfAKb2CGpPB3w0nrxBs-NGEB4FSFpXiKKIiF_-j2KHNZ5Ztn_IAuPdE3APVNeqEL0jek01OQ79xJggiJQpJo0fpTUNZFRgiReeqSZwhrqMsIDPlxpFU6dp40fas6F_6cxXeRmA-nhtQcLyO_2N4tW681y4PuxZZgh3WqOruIPRZXX1OX5h6NOoY0rNKMpnclCZR-VGfotT3vtH961-NSMBFeE9wnhejXDmIIoRDCRsgW1JvX472IAoJGAk4bYTf6F9cTV6Am_miBX6SBZWEs4GslpjUq3KHHsniHAi35DNmrua-7DVjDa5kQyFUoJ2YtxRLR5e_lcnr08k8bxYmuIMUfRPZAnGOibd7yrcRDDD9TZoJnU7_1GThumva1nl00_SAAAg9bb8UdJwZg73-KHxtiyYzIu1u81CMjg4E31nErD5sF298HZ35-0SEJGy0Nnsogkx-f08P1mxTVhMH3B6U3a8qhD37WJQiKM6xCpxZi59SkDC3jZUI2RumbsAegplsnuWSEK3EN8mJY6R4N-8qBHDoPMMIE6iVvrWGDazWoQF3yPJKSocfSPRZPLGetffT5L9zWh1A&sai=AMfl-YRgPQj0LrJlNd8SyKOprfFztmUZtl9x-bTPaow0vsizxnmH7K3XriSyCEhkg8l64HVcbmp-hEQIKBBecFrL6ybu7V-09Ey-T15csRXo3UTRCq9ljh9gwjOesVUgSJ_NB-NTVbBO4zD1_ScuYBSRe7zVmiRgk4oFHVgGm-Em6Fq6Spq-iL0&sig=Cg0ArKJSzLCOWn0VQ00hEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=236&cbvp=1&cstd=217&cisv=r20230817.41397&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: carasettingbaru.blogspot.com
URL: https://carasettingbaru.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.2 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 21 Aug 2023 21:02:41 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 21 Aug 2023 21:02:41 GMT

GET
H2 200 B26794851.367242174;dc_trk_aid=557814693;dc_trk_cid=191887664;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;dc_exteid=ABAjH0j6MGLmgXxSpRSWjDnvayIm;dc_pubid=5;dc_dbm_token...
ad.doubleclick.net/ddm/trackimp/N1147831.279382DBMJUSTANSWERCOTA/ Frame 6D85 42 B
440 B 77ms
43ms Image
image/gif 142.250.65.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N1147831.279382DBMJUSTANSWERCOTA/B26794851.367242174;dc_trk_aid=557814693;dc_trk_cid=191887664;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;dc_exteid=ABAjH0j6MGLmgXxSpRSWjDnvayIm;dc_pubid=5;dc_dbm_token=AD1EzRQAAACuCqUBCgwIABUAAAAAHQAAAAASDAgAFQAAAAAdAAAAACISCLvT5PtKqAK61J4CsAKO_vULQAHSAioYASITCLGPupbT7oADFaYBigMdTKwHbigBMAE4iu7AsMARQAJIAViIgSCqAyxDQVFTR3dCcEFsSldYYWMxWnE3ZmFycG9ZUGIxVGl2TG44R0ExSFVob2hnQrIDFAiAYRABGB8yAooCOgKAQEi9_cE6EO-p8ekBfcw21aJGDv8e1RjYQApjQw?

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 21:02:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame CF76 22 KB
8 KB 9ms
7ms Document
text/html 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 40372
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 21 Aug 2023 09:49:49 GMT
expires: Tue, 20 Aug 2024 09:49:49 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 19b6feaf7bb04307a5ed79d69ca28780_gotham-bold.woff
static.criteo.net/design/dt/ Frame 52A5 15 KB
15 KB 43ms
16ms Font
application/octet-stream 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/19b6feaf7bb04307a5ed79d69ca28780_gotham-bold.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

f9d374ef87ca2b8179870daa8739f8b060fc77446a4109ec87dc523bd8059ea4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:02:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 01 Dec 2017 12:57:30 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5a2151ba-3b68"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 15 Aug 2024 21:02:41 GMT

GET
H2 200 b4338c429b884dd1a41cf5d47720754c_gotham-regular.woff
static.criteo.net/design/dt/ Frame 52A5 31 KB
31 KB 53ms
27ms Font
application/octet-stream 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/b4338c429b884dd1a41cf5d47720754c_gotham-regular.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

af4b954cf45e99d5eccbea113dc2b66799cf8db96c3e8dfc33d145398743727b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:02:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 30 Oct 2017 21:00:07 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"59f792d7-7a00"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 15 Aug 2024 21:02:41 GMT

GET
H2 200 8cff32a211f14f2eb7f8edd3b7757d82_gotham-bold.woff
static.criteo.net/design/dt/ Frame 52A5 31 KB
31 KB 46ms
20ms Font
application/octet-stream 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/8cff32a211f14f2eb7f8edd3b7757d82_gotham-bold.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

af4b954cf45e99d5eccbea113dc2b66799cf8db96c3e8dfc33d145398743727b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:02:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 30 Oct 2017 21:00:07 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"59f792d7-7a00"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 15 Aug 2024 21:02:41 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame DC38 0
234 B 579ms
248ms Ping
image/gif 2404:6800:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~llld5lkq&c=1302430210121&slotId=651215105060.5&qqid=CLCPupbT7oADFaYBigMdTKwHbg&fb=outstream-lima&vast_v=2.0&vmfc=11&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4001:801::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 21:02:41 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame DC38 41 KB
15 KB 11ms
10ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 16:27:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 362114
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Aug 2024 16:27:27 GMT

HEAD
H/1.1

200
OK

file.mp4
r1---sn-ab5sznzy.c.2mdn.net/videoplayback/id/7380325298480f05/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1724187761/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame DC38
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/7380325298480f05/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1724187761/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r1---sn-ab5sznzy.c.2mdn.net/videoplayback/id/7380325298480f05/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1724187761/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

55ms
6ms

Fetch
video/mp4

2607:f8b0:4006:15::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-ab5sznzy.c.2mdn.net/videoplayback/id/7380325298480f05/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1724187761/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/6B1A3E1A2A4003E23021D2A33754253A001C5F38.4F4FA3118CF7D2DD3F1FC90F33FE752E33DDA524/key/cms1/cms_redirect/yes/mh/JV/mip/2a0d:5600:24:1500:1011:9495:610:c2b8/mm/42/mn/sn-ab5sznzy/ms/onc/mt/1692651439/mv/m/mvi/1/pl/48/file/file.mp4

Requested by

Host: carasettingbaru.blogspot.com
URL: https://carasettingbaru.blogspot.com/

Protocol

HTTP/1.1

Server

2607:f8b0:4006:15::6 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 21:02:41 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 4605367
Last-Modified: Wed, 14 Jun 2023 20:07:13 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Mon, 21 Aug 2023 21:02:41 GMT

Redirect headers

date: Mon, 21 Aug 2023 21:02:41 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 666
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r1---sn-ab5sznzy.c.2mdn.net/videoplayback/id/7380325298480f05/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1724187761/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/6B1A3E1A2A4003E23021D2A33754253A001C5F38.4F4FA3118CF7D2DD3F1FC90F33FE752E33DDA524/key/cms1/cms_redirect/yes/mh/JV/mip/2a0d:5600:24:1500:1011:9495:610:c2b8/mm/42/mn/sn-ab5sznzy/ms/onc/mt/1692651439/mv/m/mvi/1/pl/48/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 86C2 2 KB
570 B 25ms
24ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10094741497153260025/index.html?e=69&leftOffset=0&topOffset=0&c=fk4MOiKxcZ&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200a Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 21 Aug 2023 21:02:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 20:07:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 21 Aug 2023 21:02:41 GMT

GET
H3 200 jquery.t1.1.css
s0.2mdn.net/sadbundle/10094741497153260025/ Frame 86C2 15 KB
3 KB 13ms
10ms Stylesheet
text/css 2607:f8b0:4006:81e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10094741497153260025/jquery.t1.1.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10094741497153260025/index.html?e=69&leftOffset=0&topOffset=0&c=fk4MOiKxcZ&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2006 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6aa4afb5786d5b9eca46bc26edad83771dae4cb095c962ed8ac7304659518046

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10094741497153260025/index.html?e=69&leftOffset=0&topOffset=0&c=fk4MOiKxcZ&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 21:29:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 430380
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3177
x-xss-protection: 0
last-modified: Fri, 12 May 2023 10:12:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 15 Aug 2024 21:29:41 GMT

GET
H3 200 demo.css
s0.2mdn.net/sadbundle/10094741497153260025/ Frame 86C2 453 B
319 B 16ms
13ms Stylesheet
text/css 2607:f8b0:4006:81e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10094741497153260025/demo.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10094741497153260025/index.html?e=69&leftOffset=0&topOffset=0&c=fk4MOiKxcZ&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2006 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f2c26a15bd0540a1d2238d5f2f32c8c868b75c6aefc9b2a210588067742b641

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10094741497153260025/index.html?e=69&leftOffset=0&topOffset=0&c=fk4MOiKxcZ&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 22:19:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 168204
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
last-modified: Fri, 12 May 2023 10:12:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 18 Aug 2024 22:19:17 GMT

GET
H3 200 Enabler_01_250.js Show response
s0.2mdn.net/879366/ Frame 86C2 120 KB
41 KB 17ms
14ms Script
text/javascript 2607:f8b0:4006:81e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10094741497153260025/index.html?e=69&leftOffset=0&topOffset=0&c=fk4MOiKxcZ&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2006 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10094741497153260025/index.html?e=69&leftOffset=0&topOffset=0&c=fk4MOiKxcZ&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 13:11:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28298
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42247
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 13:11:03 GMT

GET
H3 200 expert.200x200.jpg
s0.2mdn.net/sadbundle/10094741497153260025/ Frame 86C2 7 KB
8 KB 10ms
6ms Image
image/jpeg 2607:f8b0:4006:81e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10094741497153260025/expert.200x200.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10094741497153260025/index.html?e=69&leftOffset=0&topOffset=0&c=fk4MOiKxcZ&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2006 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62260096cabbc6e8b49e200b276a2a83e309c687fa91fac70e1a1b25c543be53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10094741497153260025/index.html?e=69&leftOffset=0&topOffset=0&c=fk4MOiKxcZ&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 08:02:24 GMT
x-content-type-options: nosniff
age: 478817
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7663
x-xss-protection: 0
last-modified: Fri, 12 May 2023 10:12:54 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 15 Aug 2024 08:02:24 GMT

GET
H3 200 verified-icon-2x.svg
s0.2mdn.net/sadbundle/10094741497153260025/ Frame 86C2 1 KB
699 B 12ms
8ms Image
image/svg+xml 2607:f8b0:4006:81e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10094741497153260025/verified-icon-2x.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10094741497153260025/index.html?e=69&leftOffset=0&topOffset=0&c=fk4MOiKxcZ&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2006 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c3ad744d2b86ff68eb611bdc4d7335d3181049afa9ec171b21b15c262943dc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10094741497153260025/index.html?e=69&leftOffset=0&topOffset=0&c=fk4MOiKxcZ&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 21:11:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 258689
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 670
x-xss-protection: 0
last-modified: Fri, 12 May 2023 10:12:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 17 Aug 2024 21:11:12 GMT

GET
H3 200 5-star-ja-img.jpg
s0.2mdn.net/sadbundle/10094741497153260025/ Frame 86C2 18 KB
18 KB 19ms
15ms Image
image/jpeg 2607:f8b0:4006:81e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10094741497153260025/5-star-ja-img.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10094741497153260025/index.html?e=69&leftOffset=0&topOffset=0&c=fk4MOiKxcZ&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2006 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d833a2a292235d5a07ed61bca43b8e0e6b541a31dd0828116edd67b0456f8760

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10094741497153260025/index.html?e=69&leftOffset=0&topOffset=0&c=fk4MOiKxcZ&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 21:29:41 GMT
x-content-type-options: nosniff
age: 430380
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18498
x-xss-protection: 0
last-modified: Fri, 12 May 2023 10:12:54 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 15 Aug 2024 21:29:41 GMT

GET
H3 200 ja-logo.png
s0.2mdn.net/sadbundle/10094741497153260025/ Frame 86C2 9 KB
9 KB 13ms
9ms Image
image/png 2607:f8b0:4006:81e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10094741497153260025/ja-logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10094741497153260025/index.html?e=69&leftOffset=0&topOffset=0&c=fk4MOiKxcZ&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2006 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42a7ddc95ad273bb87da7b8db59a63d8a9db62ad515ed22639ff0ffac8d5de52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10094741497153260025/index.html?e=69&leftOffset=0&topOffset=0&c=fk4MOiKxcZ&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 04:01:32 GMT
x-content-type-options: nosniff
age: 234069
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9331
x-xss-protection: 0
last-modified: Fri, 12 May 2023 10:12:54 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 18 Aug 2024 04:01:32 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.3/ Frame 86C2 95 KB
30 KB 183ms
10ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.3/jquery.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10094741497153260025/index.html?e=69&leftOffset=0&topOffset=0&c=fk4MOiKxcZ&t=1&renderingType=2&ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69a3831c082fc105b56c53865cc797fa90b83d920fb2f9f6875b00ad83a18174

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:02:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 445130
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 30320
last-modified: Thu, 22 Jun 2023 11:06:06 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942b1e-7670"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c6Oa8eldDW9zRAnoDKwfq8O6tcSRr0NrEqpeI1R%2BLjPjlbAkV50Bp0HvFYEAp1l4%2FN0oFHSyeOuKNUE6I5etf07XhV%2FySUrygl2rJEeudEIh2OHdPtC9zKiHvxu%2Bamf70r2T4hW6XixNs%2BWGP356Nkug"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7fa5d18599421819-EWR
expires: Sat, 10 Aug 2024 21:02:41 GMT

GET
H3 200 myScript.js Show response
s0.2mdn.net/sadbundle/10094741497153260025/ Frame 86C2 27 KB
5 KB 12ms
8ms Script
application/x-javascript 2607:f8b0:4006:81e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10094741497153260025/myScript.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10094741497153260025/index.html?e=69&leftOffset=0&topOffset=0&c=fk4MOiKxcZ&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2006 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13d51f975c2a8858eff6babf151eac3b9fef9c37fa4c6f2104304132a92c9549

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10094741497153260025/index.html?e=69&leftOffset=0&topOffset=0&c=fk4MOiKxcZ&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 21:38:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 170672
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4873
x-xss-protection: 0
last-modified: Fri, 12 May 2023 10:12:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 18 Aug 2024 21:38:09 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 52A5 12 KB
5 KB 260ms
12ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:02:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2261958
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4418
last-modified: Thu, 22 Jun 2023 11:22:44 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942f04-1142"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BVtFm4EhJ92wHaB9iFlAuXPFKkWm9NovjFObfj31ULkeSss%2FbVN9lOrnm9OK9jyMkOweffkhFLe3oY62X5Pkz83PtD6K2OY%2FJM2NX4cs3VDIIQZXPExStkH96HJfA0ywG8xJFhg0WOiemjbfSuazr1qZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7fa5d18599461819-EWR
expires: Sat, 10 Aug 2024 21:02:41 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 52A5 12 KB
6 KB 51ms
12ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:02:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 15 Aug 2024 21:02:41 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 52A5 35 KB
35 KB 339ms
48ms Image
image/png 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?h=116&m=0&partner=103153&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F103153%2F4852943%2Fa1c8eb223a7a4b768da276bb6e6ff424_screen_shot_2023-04-27_at_11.54.06_am.png&v=3&w=572&s=NctlZoCp-PVxrNfj-pDHw1wr

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

80f0fdfe45fa8bdeaa7c9910fae30f4b06333b5b2f47970c54102976d9f2f099

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:02:41 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 35902
expires: Mon, 29 Jul 2024 16:45:52 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 52A5 22 KB
22 KB 305ms
15ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?cq=256&h=800&m=0&partner=103153&q=80&r=2&u=https%3A%2F%2Fbrodsky.com%2Fuploads%2F_styles%2Fportfolio-slide-fullsize%2Funit%2F433w21-3e-liv1.jpg&v=3&w=800&s=KIed2HoDbbSRDkz1j65_MfDl&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

48a8f86f63a2354c99dfc16a7f9b5cff80e5543b2a18a95bf77ea8587afe17cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:02:40 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=1296000
content-length: 22112
expires: Sun, 03 Sep 2023 15:28:50 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame 52A5 0
128 B 157ms
8ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.us.criteo.net/all?cppv=3&cpp=4bbHp9sYpGZH0OLvb5oOwyJjQodoGCrLZIUbooO84cl2pjuHYyfW1WkX0JGzc7pgs5E5y2WctCCyNKtpHRYxyST_2lRGfveEtmJg_070CcrLNoQnCnKa066WvF2kZ1FJxSTxWsEjoiZ3FPqa_9A_PKQ84LTUWnG_wGWUxIdm1zWXNkR8ibquhOlzH-3i_vd3KGUW7m6Bb0NlDniZc4-Tk5mNBYiB0uFfuxMs4Osw1p2w3K9lyhxtNB39WpD0YYfIoArEveT70u8rFlkQ&sds=2&rev=88037&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 21 Aug 2023 21:02:40 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 52A5 2 KB
1 KB 10ms
8ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:02:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 15 Aug 2024 21:02:41 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 52A5 2 KB
1 KB 12ms
10ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:02:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 15 Aug 2024 21:02:41 GMT

GET
H3 200 H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js Show response
pagead2.googlesyndication.com/bg/ Frame CF76 37 KB
14 KB 6ms
1ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fb3621940562135c36d45efcdc97d35dc05926a39a238ca0be1e19b6058d7aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 21:15:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 517617
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14718
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Aug 2024 21:15:44 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 4E1E 23 KB
8 KB 46ms
5ms Document
text/html 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 414392
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 17 Aug 2023 01:56:09 GMT
expires: Fri, 16 Aug 2024 01:56:09 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 86C2 15 KB
15 KB 16ms
4ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 16:08:08 GMT
x-content-type-options: nosniff
age: 449673
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Aug 2024 16:08:08 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 86C2 7 KB
6 KB 29ms
26ms XHR
application/json 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f5481c7a3ae092ce3d4eff6223b9e9a1cf1ad49ca32b96a4fef67614bd7a8595

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:02:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5789
x-xss-protection: 0

GET
H3 200 -ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js Show response
pagead2.googlesyndication.com/bg/ Frame 4E1E 37 KB
14 KB 5ms
4ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

faec7a8b9b9aa7f920749a8b6ecce0ac373c94bd033b64841c88dbeb95b02cd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 12:58:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 115443
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14754
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 19 Aug 2024 12:58:38 GMT

GET
H3 206 file.mp4
r1---sn-ab5sznzy.c.2mdn.net/videoplayback/id/7380325298480f05/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1724187761/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame DC38 1 MB
0 14ms
5ms Media
video/mp4 2607:f8b0:4006:15::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: carasettingbaru.blogspot.com
URL: https://carasettingbaru.blogspot.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:15::6 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Range: bytes=0-

Response headers

expires: Mon, 21 Aug 2023 21:02:41 GMT
date: Mon, 21 Aug 2023 21:02:41 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-4605366/4605367
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 4605367
last-modified: Wed, 14 Jun 2023 20:07:13 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6D85 0
0 26ms
21ms Fetch
image/gif 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss6j17t2DBAOEoUYJiimrwqwNTH7seMQzMHjRH7aQxrxXIjMEEh9fRBQ8WUtfgMaMwRddedCPawlFGA-eBdKZ4z5OacPHh4zP93cx4iO7BEiMAXeNekO8didcgkEXX5uvJlyxW1XbV4bBnIhwbM8UteDTyKaLAQc3WUnzIrLJw6WUP1NrNWXSnA0LaBO1KB6T830xMe_WqxwCyA4j1OvaS6OX_nrX8ykfecyspab4rJwG9DKrsVE_zOc8OKAvDSA1N-AbUF-uS9JT8vAb3VTWJlXa1xcLIJMO4LTMJueVIRyIJjS3iaRtSl6BATRwpQYkpXNYstesESSChb2qranUggkBZXH83l6-9HR7avn_wSzkQP6pmqoEPyMQnqnAuM1_KcArZ30PQImY473mR7DqqQOje8fg7kUbDCbUs6EOGH5AmiWPvnTXV_vz3nEsKtk9It65gxwY_ck90xCieauCU_KGctr7IekmqgQIc7dcb3BuFsktuGC_BVdPz7xOb7PRFlQ5uLh4pBPkBdiSy7ucCdR2GOTT3-d729WOKzzWbqZI4tLT4p60nX8HoM8eS_VVhDhc0nAG9TBXgnxKN9hO8DNzgLMNdGYLrpiLB87W8s9qbWOpP8CeUU_6hrmmVDadyOS7Lt6EMS30CBy25iIF3nGtkyDHlZOuVunbu2f-ujlVgLWRjsfMFkYGVjnVwzQUu8xF5dnjz6U4xqVlWk73y_M17vtZ15lozoQg0IVAJtYd3amw8zEiMJpi-0RZi3-yZzehR_uqqmMxi1EJENt62p8dkkUMnQ0xUvAjqZV0ecP4e1Osuu3piPfAKb2CGpPB3w0nrxBs-NGEB4FSFpXiKKIiF_-j2KHNZ5Ztn_IAuPdE3APVNeqEL0jek01OQ79xJggiJQpJo0fpTUNZFRgiReeqSZwhrqMsIDPlxpFU6dp40fas6F_6cxXeRmA-nhtQcLyO_2N4tW681y4PuxZZgh3WqOruIPRZXX1OX5h6NOoY0rNKMpnclCZR-VGfotT3vtH961-NSMBFeE9wnhejXDmIIoRDCRsgW1JvX472IAoJGAk4bYTf6F9cTV6Am_miBX6SBZWEs4GslpjUq3KHHsniHAi35DNmrua-7DVjDa5kQyFUoJ2YtxRLR5e_lcnr08k8bxYmuIMUfRPZAnGOibd7yrcRDDD9TZoJnU7_1GThumva1nl00_SAAAg9bb8UdJwZg73-KHxtiyYzIu1u81CMjg4E31nErD5sF298HZ35-0SEJGy0Nnsogkx-f08P1mxTVhMH3B6U3a8qhD37WJQiKM6xCpxZi59SkDC3jZUI2RumbsAegplsnuWSEK3EN8mJY6R4N-8qBHDoPMMIE6iVvrWGDazWoQF3yPJKSocfSPRZPLGetffT5L9zWh1A&sai=AMfl-YRgPQj0LrJlNd8SyKOprfFztmUZtl9x-bTPaow0vsizxnmH7K3XriSyCEhkg8l64HVcbmp-hEQIKBBecFrL6ybu7V-09Ey-T15csRXo3UTRCq9ljh9gwjOesVUgSJ_NB-NTVbBO4zD1_ScuYBSRe7zVmiRgk4oFHVgGm-Em6Fq6Spq-iL0&sig=Cg0ArKJSzLCOWn0VQ00hEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=923&vt=11&dtpt=687&dett=3&cstd=217&cisv=r20230817.41397&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: carasettingbaru.blogspot.com
URL: https://carasettingbaru.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.2 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:02:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 21 Aug 2023 21:02:41 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 86C2 17 KB
6 KB 79ms
75ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:02:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 21 Aug 2023 21:02:41 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 52A5 22 KB
22 KB 122ms
115ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

48a8f86f63a2354c99dfc16a7f9b5cff80e5543b2a18a95bf77ea8587afe17cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:02:41 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=1296000
content-length: 22112
expires: Sun, 03 Sep 2023 15:28:50 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 52A5 35 KB
35 KB 49ms
39ms Image
image/png 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

80f0fdfe45fa8bdeaa7c9910fae30f4b06333b5b2f47970c54102976d9f2f099

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:02:41 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 35902
expires: Mon, 29 Jul 2024 16:45:52 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 33ms
33ms XHR
application/json 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230817&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308150101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eaf926fcdf61f32b16fad348a2e35a432d9ce87ea28dcc73323b8d91bfaa7133

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://carasettingbaru.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:02:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11636
x-xss-protection: 0

GET
H3 200 H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js Show response
pagead2.googlesyndication.com/bg/ Frame 0245 37 KB
14 KB 19ms
18ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fb3621940562135c36d45efcdc97d35dc05926a39a238ca0be1e19b6058d7aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 21:15:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 517618
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14718
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Aug 2024 21:15:44 GMT

GET
H2 200 tabel-tahapan-respirasi.png
1.bp.blogspot.com/-F-4MjxwaJMc/XWZsUrvF0cI/AAAAAAAADmA/MqeTzYChQ_wN4h4qyj1IU5h5uuh8a-Q_wCLcBGAs/w600-h300-p-k-no-nu/ 16 KB
17 KB 94ms
40ms Image
image/png 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-F-4MjxwaJMc/XWZsUrvF0cI/AAAAAAAADmA/MqeTzYChQ_wN4h4qyj1IU5h5uuh8a-Q_wCLcBGAs/w600-h300-p-k-no-nu/tabel-tahapan-respirasi.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

45f47dbf9980fd5a6300c9538b11ed634880b1bf4f61d4ab692851231f99a198

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://carasettingbaru.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:02:42 GMT
x-content-type-options: nosniff
server: fife
etag: "ve62"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="tabel-tahapan-respirasi.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16655
x-xss-protection: 0
expires: Tue, 22 Aug 2023 21:02:42 GMT

GET
H2 200 nafs-kejahatan.png
4.bp.blogspot.com/-sNWulwxWeDg/We3A1SodWnI/AAAAAAAABwc/1tK0ppyyXYM0hWZtV9VGspKqt4pfvcpfQCLcBGAs/w600-h300-p-k-no-nu/ 15 KB
15 KB 1782ms
1722ms Image
image/png 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-sNWulwxWeDg/We3A1SodWnI/AAAAAAAABwc/1tK0ppyyXYM0hWZtV9VGspKqt4pfvcpfQCLcBGAs/w600-h300-p-k-no-nu/nafs-kejahatan.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

bc5816ad0d5b7b6377f7b913b4ad79ccce53fccf4da503b6c98c8c3077c0f420

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://carasettingbaru.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:02:43 GMT
x-content-type-options: nosniff
server: fife
etag: "v708"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="nafs-kejahatan.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15365
x-xss-protection: 0
expires: Tue, 22 Aug 2023 21:02:43 GMT

GET
H2 404 AAOd8MwUDSB7LUi00jr5wnryFYrC97CROJyV1Zc2JipgE7Q7W3Cb5RfLLFhq2b3tsOP3EmaJyNdghp2oLyGzXFvRQD7blMYjGobRpK3FNn43g78XlkxO3tG7PdB7PoMvQzBLbrAtHP5c1Q7Bm6lMNn-U7xJJPdejRj1OlqELlX1REb1nuD9xNJ_k02YGncNj7QxcN...
lh3.googleusercontent.com/blogger_img_proxy/ 0
0 122ms
69ms Image
text/html 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lh3.googleusercontent.com/blogger_img_proxy/AAOd8MwUDSB7LUi00jr5wnryFYrC97CROJyV1Zc2JipgE7Q7W3Cb5RfLLFhq2b3tsOP3EmaJyNdghp2oLyGzXFvRQD7blMYjGobRpK3FNn43g78XlkxO3tG7PdB7PoMvQzBLbrAtHP5c1Q7Bm6lMNn-U7xJJPdejRj1OlqELlX1REb1nuD9xNJ_k02YGncNj7QxcNeKKqJHgkXyizYTMXGBi3QNMN1JZITb-LE7ll0D1jIrOjgWfzDrga6U5=w600-h300-p-k-no-nu
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:823::2001 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://carasettingbaru.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6D85 42 B
64 B 47ms
22ms Fetch
image/gif 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvxppEsV32Zky9cs0A9I45nyzMhtSjQc7XEbia2WhG5qa8qd6GfHIRse1O3Ua2C2NAhZBDHLDtyAoxnBdFk3b1E85kepk-3jqmWnNqFQMaQ6A1flbNosvwewdK1tbivIg28pGnOJh3yzA&sai=AMfl-YTBRGOezGc9Ch-BjstSUUU44oEP6gT_CNa7ixrpMdlhGwSqFE-yzz1VNq2xOhD384-HiVA1iDpNRYpR&sig=Cg0ArKJSzMhZcllSUKcJEAE&cid=CAQSGwBpAlJWXac1Zq7farpoYPb1TivLn8GA1HUhohgB&id=lidar2&mcvt=1065&p=0,0,90,728&mtos=1065,1065,1065,1065,1065&tos=1065,0,0,0,0&v=20230816&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3953984701&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692651760272&rpt=843&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 21:02:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame DC38 0
54 B 248ms
245ms Ping
image/gif 2404:6800:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~llld5lpp&c=1302430210121&slotId=651215105060.5&qqid=CLCPupbT7oADFaYBigMdTKwHbg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=997&mt=video%2Fmp4&vs=640x360&msm=1&aits=0%2C18%2C22%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.1xw~vil.2n0&ua_e=1&ape=1&ple=0&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4001:801::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 21:02:42 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 47ms
46ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308150101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://carasettingbaru.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:02:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 21 Aug 2023 21:02:42 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 319E 13 KB
5 KB 23ms
9ms Document
text/html 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://carasettingbaru.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 22932
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 21 Aug 2023 14:40:30 GMT
expires: Tue, 20 Aug 2024 14:40:30 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A152 829 B
1 KB 38ms
27ms Document
text/html 2607:f8b0:4006:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2004 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

59edfee3eaafda8707b49eeb09a1146ba277fbde94e855af959e5db90b5dc185

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-yHG0YV7YiXhdZc193i3tMQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://carasettingbaru.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 537
content-security-policy: script-src 'report-sample' 'nonce-yHG0YV7YiXhdZc193i3tMQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 21 Aug 2023 21:02:42 GMT
expires: Mon, 21 Aug 2023 21:02:42 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6D85 0
20 B 21ms
21ms Ping
image/gif 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5276366069716&version=m202307240101&ct=119&x=1&cor=1935180824768971800

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 21:02:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pearl-2x.png
s0.2mdn.net/sadbundle/10094741497153260025/ Frame 86C2 9 KB
9 KB 5ms
4ms Image
image/png 2607:f8b0:4006:81e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10094741497153260025/pearl-2x.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2006 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

86bd33670021e8992e55bd4e62bdf13760bd7a59c54189f43aaa71627b12f3e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10094741497153260025/index.html?e=69&leftOffset=0&topOffset=0&c=fk4MOiKxcZ&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 12:20:57 GMT
x-content-type-options: nosniff
age: 376906
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8944
x-xss-protection: 0
last-modified: Fri, 12 May 2023 10:12:54 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Aug 2024 12:20:57 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A152 0
0 17ms
17ms Image
text/html 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230817&jk=2243048199549426&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H3 200 H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js Show response
pagead2.googlesyndication.com/bg/ Frame 319E 37 KB
14 KB 5ms
4ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fb3621940562135c36d45efcdc97d35dc05926a39a238ca0be1e19b6058d7aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 21:15:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 517619
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14718
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Aug 2024 21:15:44 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CF76 0
20 B 20ms
20ms Image
image/gif 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B3fiP8NDjZNCOJ42qNcf9s-ANAAAAADgB4AQC&bg=!8POl87zNAAZGPLJIZjw7ADQBe5WfOMcqL8g5jb-LrpBJ96ybwFeGB683BXsl0tbhXIHlQpFn7zcofpQk9tOX6GH95v0GAgAABZtSAAAADWgBB5kDINIIkLzGD9a13JPXkcxW7WFW_IP9oZVDTlDzIvBZdV5fYXzA_lUspl8rIuFEzlvfTCwr13EvaDOmGObfq0YHpo_Xb1z5p16HKbUAv8rNwzBcH9A29vPp797boxlyKFDlrbD3MRHPHuC4Q0QhdmJQl6oNbq9Ta6qqtpzFdh9tW3gn50O8CdvHNnsRainT96G3Ejiqad6JV0qfGokdmgk75qECqMvtQs6-DC95jSDilDUktv7EO-iJfK4K3Z7qAorhCbsrnxAoScYDw0O4Zs_kHozoZzYT1Zlf82iqAGg9WJZHudQYLQUEeQ8OrdO1WFIUGXFnBQFnZ4Y9cR19kuVMvPdajR7x2860HhhLAlYShcpiWB2aCdHwNPJtWqbOBC3TDqMf_-TKbq2gF_fWCyAvd6AfvUjAwGq3pIOZ_F6PS-adg_RpSxaGC3pnue2zne6p9s9l8jAInuHFTb7U1S8iLvo6bOOWz1q6X50n-7ZCoUSyt0nlag4PC9SW3YUTSXeAB688ghq-H2u3hOVZa5Jquc5jSEjWWXoH50WJ8oCnzBVip9fpv_6X5uU2rRRBjPmR5EmZ2CuwymuQhRV97bk6MOFLmDj8sJwuxJkocGFrMOkvbGx6Y3RGdCdMvYMxiEqxp33-ArQ_UCTYlv9sSLfNSAWeXmX6BE-FFJOvXNgta5Bply_7tkr2yTnvqqbgvCOE9Mxx2TW1WyacjOD5b03HFUyr9bUW2clpmsT79QWqU9z6zB3SoZI8lnjGw3tcFjR-5I9-9uzhzrGoqTRe79gseRWrM3-AMVdlvSKJlR_zCcvSKHlmmPrOoCrjZS40jzZjXUkAXp_rdeAbrvRz2xPNbHVtK2-6eK1bFo_dCH9PNqBg6j6dbn4tRSiy-8NtvzkAQNZ_qLwI2vOjendtRI99w_8p29aeJMen9xxLE0B2DPHIEsYLOYDrvqZrBb-dav8ek9TDm6-PDaVJfWGx8465D_qjZC_a7YvmB-8_ouDLhc1eCvF65-Nb-Q639zve-WZ5GD2r63Iq0NMKJtz9TyfmqlyqO7yhNPn_Vo21yUTZFuWP

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 21:02:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4E1E 0
20 B 21ms
21ms Image
image/gif 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=Bkf5O8dDjZMj9BPCxoPMP2_mnqAsAAAAAOAHgBAI&bg=!goGlgc7NAAZGPLJIZjw7ADQBe5WfOMY2wRoe4TRIf8ayL0pGR5WplCAB7elYtj4BJs2_wXsT7dUbuqLfqGPmWbXD7e0SAgAABMRSAAAAC2gBB5kDFuXcNV0ZdOELtXdxPYOJHLiTwgl4MzAVjWu4Xt8nZ6m6tvXGtdLbKxXCvXNzHJW9Wz83BBocvjZGGom4G5UiP5hOId97e7iRQfAhKnAkiI9tWxsTTgVku-hzz75MiC5ligcoR4hszZcMNHLh5q11QzimpQtOnW2wdN5QIQXonZCn6uCQlhGXZmVHZMVDpoQjWQVJzFp3O3nw1kQt7ZP2RqgomfXdMBvQU1KA83XZ2xAj2lDJAERnJg_s6ZmaF-fW7Te5tAWVJluVmW9Hi2BOXxtWUDsze47w9jIyCPqcsMS10cqeY0PXHA3zNUN6CgqgixC-M2FODAIGoSc2Q8WHRr9jg_E1GGfBJj22M5sUqHBl_IIv2TzlyDd78YduJiZSeRQY0q433E75gSd_UITT3-UVA3DsrUzZYrZob3o0ZbaROJJ1C4rp1dtGQJ7AoV4p93e7yR_GUbJkZGLM9m3cO4e0dJ-5eDsWTlc6xez4bBdjaVLDrRva4uyokIgchgBqRr8TIGG-VvQxfJsfQqmUN7XhFSnblhztCUMDNnO8-8Q_mhJOQVGYgSIjaB5bLCoYIedYa1-Oc_m4hB-2Vq1HsdBjQHYvysHdd6VciQaDN_ifPJ_8rcOxiuWllhg-Lh8dgFTUDZATL-XiGIrk_Dv8y-PcVec-Xf8bEwFwFTbXCf4OzRMBU3Tvu__w2q9sU-nntCFgSTY3RIGPe3rllt9QJhPgDLw5Ij0zBRcfU_Jhjaas2pj0Q4pzGIyMCAK7patxXGEJtPqo_3RYwvic2gJFt-OoGHMB5XDlaYVulzCdnW2ocUXTtLqDCF9tkknlZOPmSyFFvOXVZoe-ztET_oIbkCea57B3JgKP0p_5ThWbDNCV7W3hmV5qC6IgVlI88drgTjAQbO0rqiHqg-1YfCZ5xM_A7RtZjGP_qUT35X8XDnfVVtmKpRE7YE07bpTuCaQKZ-lzbTqHC3Ydr2tZaeuTNs5ayjeGzWJUiarzBpScZu0az4jNBU0WBgfgkoppVCQ5YjA6rXy5fbYuiCEsJfWakPU3VjB6TZk

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 21:02:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 319E 0
10 B 21ms
20ms Image
text/plain 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Xen-Qg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81d::2001 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:02:43 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 63ms
62ms Image
text/html 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230817&jk=2243048199549426&bg=!GRqlGlXNAAZGPLJIZjw7ADQBe5WfOPdY1XJyC34hKQc4oRR175KIqiiQpV0FYC690tLwBgp6OTHJFXX0lkW_tetjPxU-AgAAAdJSAAAAFmgBBwoAg2jh9mikBRQ7cCOw_Z7DyQlV_PTZkTN99YqEOy2FxB_Cd9MvKXjBInq6B-4YgBBiIjDP0_Z-5KG8SLv-WslS_kU4l94EB_zfi4dzM9SmBhqTXg4LticsWe8P2wOwYug7bobVt8RCRL6EjdKDd_3PydXzyBC4aIiTvQZDyUYiGbI_Zdu4mQK-3hbYEnvEIfCwCmIKYY3L1rysljpwzVMTOe7wNrdBVATD2r29if33ZaJXJz8HO6wrgwuVw6GMAzlkns-ovwwO51gCAO8FCewavwn88bzjEh_FHRMRkBZJcGQ46IYR6-7sLhrMV5dVzr1BvJGiJYq5W_DFtpW5N1GsQF6qu6om9Lwpa4P8Rq_8FyPNuhemCxaBPYyTWxSRiqfix3SGAQjJBqhhFs2RyehHMY2kMHDRCd3up_7TexPrUWEdQ7GJ2Uu9w7OJyN01m8CuoUVOBz_5AUOSgoqSbRMM9-gF98q4YpU9UvUqsUxdGRJ_323KHHHrhsp1qPEM4K0BONPknq__FzGLsjUS-_ToBsqp223cXqFkVky-GcONmPCqSAH2KZrp3nQ3355ViFYHR4JGbsFyMTiFmoTH8MphleTHW7-DItkhxOo-VX_n4EkLk1HKnU_3pcYsyMVEZlpof4mD9zHA-igRzlrAkUBnol7JtZJghqpRCuH6xVhJONbi6ha-sHgouXvgLoFJhnrg0gyKwtz2GfoNH7S9X64hHaE4pHHvb_eInLwvzUkxvyNe2XrJnswepgPGNSOEg7cUgIT59cvKFPi2__tIJs3phS-_ajRvLoIJdiuBuEfT2yOj3IAt5w0ECBeloi04QYx5K8IBJ35K6zTLdTk8MrjFHYPeO9ZTNAlqX1BoUAxdZRLxTacE1m7osnEV0fZ_5VDJ-MJwv0v5hZY7r1maED56_Y--mQdVd2qy1Qt2TN1FfU3Yunnk_5aIJUJN3SjYsr1MaBRDWqGuXmf1NmUZXVKV8TqAvzfT-BA2zXe5Y85hhc2V-4wa8PXOpN2_p9528MVXbXUyYwZmNzasGeJzHafQmr1v3iyGJ1TEvmndU5dA_Vga5Vrt1qTBnyFkpp8m0mIWD4KFS7NpLm71f6TLQ_WbH-fxVnZ9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://carasettingbaru.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 23:46:51	Name: IDE Value: AHWqTUn1TLMBXvLu84tMUQleEm_pHXTnyUnxGbIRIuPBZ2pY8PkHkgo69if2izIVmmQ
.adsrvr.org/	1970-01-20 22:57:54	Name: TDID Value: 1e5b0a8b-4774-4629-9caf-2b6d5b26ecc2
.everesttech.net/	1970-01-20 22:56:27	Name: everest_g_v2 Value: g_surferid~ZOPQ8AAAAbRFVgA_
.casalemedia.com/	1970-01-20 22:56:27	Name: CMID Value: ZOPQ8IDAouD5wPIFR3N6HQAA
.casalemedia.com/	1970-01-20 16:20:27	Name: CMPS Value: 3648
.casalemedia.com/	1970-01-20 16:20:27	Name: CMPRO Value: 3648
.adsrvr.org/	1970-01-20 22:57:54	Name: TDCPM Value: CAESFQoGZ29vZ2xlEgsI0Puy0_-kkTwQBRgFIAEoAjILCP6R9f6VpZE8EAU4AQ..
.doubleclick.net/	1970-01-20 18:30:03	Name: APC Value: AfxxVi55zqiA070g3EWSQ7QAITa0n7sFyZYmfT4MXC7fHv_GbbU0hQ
.adnxs.com/	1970-01-20 16:20:27	Name: uuid2 Value: 2583423225306441334
.mediago.io/	1970-01-20 22:56:27	Name: __mguid_ Value: 3cd6870a3a2a533a084fc62245457a40
.adnxs.com/	1970-01-20 16:20:27	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In1sD[l+!]tbPl1M>e)ZlrFUfJ+tGXxp.GRzoRQTqWyQo'uh_>k4cAhz#YvmgBwUIpBbpRzqF1`b_om*+i2U
.owneriq.net/	1970-01-20 23:46:51	Name: si Value: Q7459381611453715833P
.owneriq.net/	1970-01-20 14:25:15	Name: p2 Value: gguuid
.owneriq.net/	1970-01-20 14:25:15	Name: gguuid Value: 1

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7149456845471596&output=html&h=600&adk=4102438265&adf=3362977292&pi=t.aa~a.2407176695~rp.3&w=288&fwrn=4&fwrnh=100&lmt=1692508514&rafmt=1&to=qs&pwprc=3630501105&format=288x600&url=https%3A%2F%2Fcarasettingbaru.blogspot.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692651759532&bpp=7&bdt=2395&idt=7&shv=r20230817&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2162244351441&frm=20&pv=1&ga_vid=271899824.1692651759&ga_sid=1692651759&ga_hid=703249488&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=839&ady=1595&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31077148%2C31076997&oid=2&pvsid=2243048199549426&tmod=980152497&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=SfIONt8Hjq&p=https%3A//carasettingbaru.blogspot.com&dtd=261 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
network	error	URL: https://lh3.googleusercontent.com/blogger_img_proxy/AAOd8MwUDSB7LUi00jr5wnryFYrC97CROJyV1Zc2JipgE7Q7W3Cb5RfLLFhq2b3tsOP3EmaJyNdghp2oLyGzXFvRQD7blMYjGobRpK3FNn43g78XlkxO3tG7PdB7PoMvQzBLbrAtHP5c1Q7Bm6lMNn-U7xJJPdejRj1OlqELlX1REb1nuD9xNJ_k02YGncNj7QxcNeKKqJHgkXyizYTMXGBi3QNMN1JZITb-LE7ll0D1jIrOjgWfzDrga6U5=w600-h300-p-k-no-nu Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
4.bp.blogspot.com
ad.doubleclick.net
ads.us.criteo.com
bid.g.doubleclick.net
carasettingbaru.blogspot.com
cat.va.us.criteo.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
csi.gstatic.com
csm.us.criteo.net
dis.criteo.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
im.bluevoox.com
imageproxy.us.criteo.net
imasdk.googleapis.com
lh3.googleusercontent.com
match.adsrvr.org
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
px.owneriq.net
r1---sn-ab5sznzy.c.2mdn.net
rtb.va.us.criteo.com
s0.2mdn.net
static.criteo.net
sync-tm.everesttech.net
tpc.googlesyndication.com
trace.mediago.io
www.google.com
www.googletagservices.com
142.250.65.230
142.250.80.34
142.251.41.2
15.197.193.217
151.101.130.49
172.253.62.157
172.64.148.101
23.6.104.153
2404:6800:4001:801::2003
2606:4700::6811:180e
2607:f8b0:4006:15::6
2607:f8b0:4006:808::2001
2607:f8b0:4006:809::2002
2607:f8b0:4006:80a::2002
2607:f8b0:4006:80c::2002
2607:f8b0:4006:80c::200e
2607:f8b0:4006:80f::2004
2607:f8b0:4006:816::2001
2607:f8b0:4006:81d::2001
2607:f8b0:4006:81e::2006
2607:f8b0:4006:820::2003
2607:f8b0:4006:821::2002
2607:f8b0:4006:821::200a
2607:f8b0:4006:823::2001
2607:f8b0:4006:823::200a
2620:100:a001::16
2620:100:a001::24
2620:100:a001::3
2620:100:a001::4
2620:100:a001::9
35.208.249.213
51.222.39.186
52.45.175.185
68.67.160.114
74.119.119.147
74.119.119.150
00508300cf22366c8feee88d443d52ce424037cfe16015023d9904ee9405abb7
0803433ac84cc454e2af8c1de987a2aaa705ca8e1da89a566b63eff4d1c69de5
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0dc2dfbb8a7cfd95b7e26cd31635911739b4ee1fb41363e062a9673fdca156f6
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13d51f975c2a8858eff6babf151eac3b9fef9c37fa4c6f2104304132a92c9549
1bf546ab5db217ff46a35eafb202216c58147276ebabbec42c1a0e0a826394e1
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1fb3621940562135c36d45efcdc97d35dc05926a39a238ca0be1e19b6058d7aa
289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
2ae072b67edb6016f6425f5d59b9ffd393f38f1d631d108a6dd05339cc726835
2c3ad744d2b86ff68eb611bdc4d7335d3181049afa9ec171b21b15c262943dc8
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2e047ef4f0df4b7a920fa4098e5f3b2b3c43da69b10462c37112606228b222c0
2f2c26a15bd0540a1d2238d5f2f32c8c868b75c6aefc9b2a210588067742b641
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
35ea43be85b2d963eb56cb49ef85ed9f38097441e0e38a50476bcc38bf5cdd91
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
42a7ddc95ad273bb87da7b8db59a63d8a9db62ad515ed22639ff0ffac8d5de52
4539a37b37acaf787b3ccd0bb1e9a3372c9150aff547eeddd0296ad2a6d664f8
45f47dbf9980fd5a6300c9538b11ed634880b1bf4f61d4ab692851231f99a198
48a8f86f63a2354c99dfc16a7f9b5cff80e5543b2a18a95bf77ea8587afe17cc
4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
4bc5f7d043b2f4b34a91fa051b106d7371ca22dfe2ce90721656256a769d4c5f
4bca9a24d4080f49a08544220478958fc14ec1655d666fcd74cec4f56571a640
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
59edfee3eaafda8707b49eeb09a1146ba277fbde94e855af959e5db90b5dc185
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61d9dc5cd1fc127cd55564aa1591a50eb20015392a3b6823c37e10346192d13f
62260096cabbc6e8b49e200b276a2a83e309c687fa91fac70e1a1b25c543be53
69a3831c082fc105b56c53865cc797fa90b83d920fb2f9f6875b00ad83a18174
6aa4afb5786d5b9eca46bc26edad83771dae4cb095c962ed8ac7304659518046
6c91c4f494bb3095b00de1695614e4d74ab1b351f95e2f77c401beafd9b14649
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7
80f0fdfe45fa8bdeaa7c9910fae30f4b06333b5b2f47970c54102976d9f2f099
821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b
86bd33670021e8992e55bd4e62bdf13760bd7a59c54189f43aaa71627b12f3e4
8b0a702ff01289a19d988f7393bd583d66fdd3d49bb130682da64b849a51377e
8beec539128cea621e511cd54f21a0d17ff891a16a0ebd7a98a3e4fbc00bd0e5
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a12534cd422c0bb85fb458a496bbf397110a104e36eb572140b402d41593715e
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
ab016b619aef9d77a755e3a61f4f314d9ef849a06a6bd89456733ff042f8ebdf
af4b954cf45e99d5eccbea113dc2b66799cf8db96c3e8dfc33d145398743727b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
bc5816ad0d5b7b6377f7b913b4ad79ccce53fccf4da503b6c98c8c3077c0f420
d833a2a292235d5a07ed61bca43b8e0e6b541a31dd0828116edd67b0456f8760
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e1779db92c62463ad84971b21cc14dcc4da5907dea0b8ff5672e7f5ad6aac8ff
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea8f5ef3347aceeca7fedfa88c43514d58ac1725e6fc1dbc710f402899c8bf27
eaf926fcdf61f32b16fad348a2e35a432d9ce87ea28dcc73323b8d91bfaa7133
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5481c7a3ae092ce3d4eff6223b9e9a1cf1ad49ca32b96a4fef67614bd7a8595
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f9d374ef87ca2b8179870daa8739f8b060fc77446a4109ec87dc523bd8059ea4
faec7a8b9b9aa7f920749a8b6ecce0ac373c94bd033b64841c88dbeb95b02cd1

carasettingbaru.blogspot.com Open in urlscan Pro 2607:f8b0:4006:808::2001 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

122 Requests

91 %HTTPS

61 %IPv6

21 Domains

37 Subdomains

30 IPs

3 Countries

1454 kBTransfer

5096 kBSize

14 Cookies

1 Outgoing links

Redirected requests

122 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

carasettingbaru.blogspot.com Open in urlscan Pro
2607:f8b0:4006:808::2001 Public Scan

Screenshot
Live screenshot

Full Image

122
Requests

91 %
HTTPS

61 %
IPv6

21
Domains

37
Subdomains

30
IPs

3
Countries

1454 kB
Transfer

5096 kB
Size

14
Cookies

122 HTTP transactions
3 data transactions