www.balipost.com Open in urlscan Pro
188.166.207.31 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://balipost.com/
Effective URL:
https://www.balipost.com/
Submission: On February 04 via manual (February 4th 2023, 6:08:26 am UTC) from ID — Scanned from DE

Summary HTTP 340 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 45 IPs in 10 countries across 43 domains to perform 340 HTTP transactions. The main IP is 188.166.207.31, located in Singapore and belongs to DIGITALOCEAN-ASN, US. The main domain is www.balipost.com.
TLS certificate: Issued by R3 on January 28th 2023. Valid for: 3 months.

This is the only time www.balipost.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 122	188.166.207.31 188.166.207.31	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:400d:808::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
3 7	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:806::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:804::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80d::200e	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:400d:805::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
3	185.29.132.246 185.29.132.246	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
28	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	178.63.52.121 178.63.52.121	24940 (HETZNER-AS) (HETZNER-AS)
15	18.203.96.5 18.203.96.5	16509 (AMAZON-02) (AMAZON-02)
1	92.123.37.164 92.123.37.164	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a02:fa8:8806... 2a02:fa8:8806:16::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 2	185.29.132.245 185.29.132.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
3 18	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1 1	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 7	37.157.6.245 37.157.6.245	198622 (ADFORM) (ADFORM)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
5 5	213.19.147.44 213.19.147.44	26120 (RHYTHMONE) (RHYTHMONE)
2 4	23.203.125.36 23.203.125.36	16625 (AKAMAI-AS) (AKAMAI-AS)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
2 2	3.68.24.7 3.68.24.7	16509 (AMAZON-02) (AMAZON-02)
1	34.98.67.61 34.98.67.61	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	72.251.249.13 72.251.249.13	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
2 2	2600:9000:211... 2600:9000:211a:5600:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
4	138.201.63.145 138.201.63.145	24940 (HETZNER-AS) (HETZNER-AS)
2	2606:4700:20:... 2606:4700:20::ac43:444e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400d:80e::200a	15169 (GOOGLE) (GOOGLE)
1 2	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
1 1	18.192.88.32 18.192.88.32	16509 (AMAZON-02) (AMAZON-02)
2 2	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
2 2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	185.86.139.94 185.86.139.94	201081 (SMARTADSE...) (SMARTADSERVER)
6 6	142.250.180.230 142.250.180.230	15169 (GOOGLE) (GOOGLE)
3 3	2.19.44.80 2.19.44.80	16625 (AKAMAI-AS) (AKAMAI-AS)
1	87.118.116.9 87.118.116.9	31103 (KEYWEB-AS) (KEYWEB-AS)
2	2606:4700::68... 2606:4700::6812:7e05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 4	84.200.5.215 84.200.5.215	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	46.4.62.19 46.4.62.19	24940 (HETZNER-AS) (HETZNER-AS)
1	88.99.63.132 88.99.63.132	24940 (HETZNER-AS) (HETZNER-AS)
1	13.42.68.116 13.42.68.116	16509 (AMAZON-02) (AMAZON-02)
18	37.157.5.73 37.157.5.73	198622 (ADFORM) (ADFORM)
1	18.66.147.98 18.66.147.98	16509 (AMAZON-02) (AMAZON-02)
1	18.66.147.95 18.66.147.95	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	3.9.112.14 3.9.112.14	16509 (AMAZON-02) (AMAZON-02)
340	45

122 188.166.207.31 (Singapore) 2 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

balipost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.balipost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:400d:808::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:806::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80e::2002 (Ireland)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:804::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80d::200e (Ireland)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:805::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.132.246 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.63.52.121 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.121.52.63.178.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 18.203.96.5 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com

s.update.mediamathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.123.37.164 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-37-164.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:16::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.132.245 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 142.250.185.98 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.158.49 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 37.157.6.245 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 213.19.147.44 (United Kingdom) 5 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.203.125.36 (Vienna, Austria) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-125-36.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.68.24.7 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-68-24-7.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.249.13 (Amsterdam, Netherlands) 2 redirects

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:211a:5600:1b:5138:8a40:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.63.145 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.145.63.201.138.clients.your-server.de

hal900010.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:444e (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80e::200a (Ireland)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.164.11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.192.88.32 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-88-32.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.19 (United States) 2 redirects

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.94 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.180.230 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s34-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.19.44.80 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-44-80.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.118.116.9 (Germany)

ASN31103 (KEYWEB-AS, DE)
PTR: km36617.keymachine.de

banner.congstar.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:7e05 (United States)

ASN13335 (CLOUDFLARENET, US)

www.conrad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 84.200.5.215 (Germany) 4 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

www.telefonica-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lead-alliance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.4.62.19 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads4.sunbonet.de

partner.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.99.63.132 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads3.sunbonet.de

partner.blau.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.42.68.116 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-42-68-116.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 37.157.5.73 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-98.fra60.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-95.fra60.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.9.112.14 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-9-112-14.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
122	balipost.com 2 redirects balipost.com www.balipost.com	2 MB
46	doubleclick.net 9 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 78 googleads.g.doubleclick.net — Cisco Umbrella Rank: 29 cm.g.doubleclick.net — Cisco Umbrella Rank: 211 ad.doubleclick.net — Cisco Umbrella Rank: 184	137 KB
39	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	586 KB
28	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 27638 ad4m.at — Cisco Umbrella Rank: 9391 assets.ad4m.at — Cisco Umbrella Rank: 39464	841 KB
25	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 568 track.adform.net — Cisco Umbrella Rank: 3696 s1.adform.net — Cisco Umbrella Rank: 8046	147 KB
15	mediamathtag.com s.update.mediamathtag.com — Cisco Umbrella Rank: 10938	59 KB
9	google.com 3 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 70 cse.google.com — Cisco Umbrella Rank: 2636	2 KB
9	gstatic.com fonts.gstatic.com www.gstatic.com	202 KB
6	mathtag.com 2 redirects tags.mathtag.com — Cisco Umbrella Rank: 4453 pixel.mathtag.com — Cisco Umbrella Rank: 975 sync.mathtag.com — Cisco Umbrella Rank: 453	5 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 186	289 KB
5	redintelligence.net hal9000.redintelligence.net — Cisco Umbrella Rank: 31195 hal900010.redintelligence.net — Cisco Umbrella Rank: 224088	7 KB
4	teads.tv 2 redirects sync.teads.tv — Cisco Umbrella Rank: 1232	952 B
4	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 84938 static-de.ad4mat.net — Cisco Umbrella Rank: 113105	8 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34 ajax.googleapis.com — Cisco Umbrella Rank: 295	35 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 198	25 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 19463 api.webgains.io — Cisco Umbrella Rank: 57676	31 KB
3	awin1.com 3 redirects www.awin1.com — Cisco Umbrella Rank: 15368	2 KB
3	1rx.io 3 redirects sync.1rx.io — Cisco Umbrella Rank: 507	2 KB
2	lead-alliance.net 2 redirects www.lead-alliance.net — Cisco Umbrella Rank: 66678	591 B
2	telefonica-partner.de 2 redirects www.telefonica-partner.de — Cisco Umbrella Rank: 67818	371 B
2	conrad.de www.conrad.de — Cisco Umbrella Rank: 57500	1004 B
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 329	952 B
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 733	1 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 748 r.turn.com — Cisco Umbrella Rank: 3187	869 B
2	smaato.net 2 redirects s.ad.smaato.net — Cisco Umbrella Rank: 685	920 B
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 592	1 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 281	1 KB
2	unrulymedia.com 2 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 905	1 KB
2	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2918	207 B
2	google.de www.google.de — Cisco Umbrella Rank: 5986 adservice.google.de — Cisco Umbrella Rank: 8741	939 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 21	20 KB
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 58936	15 KB
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 47375	2 KB
1	blau.de partner.blau.de — Cisco Umbrella Rank: 98169	1 KB
1	o2online.de partner.o2online.de — Cisco Umbrella Rank: 76484	1 KB
1	congstar.de banner.congstar.de — Cisco Umbrella Rank: 82288	549 B
1	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 782	45 B
1	agkn.com 1 redirects d.agkn.com — Cisco Umbrella Rank: 661	762 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 1006	356 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 304	265 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1634	351 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 767	713 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 858	602 B
340	43

	Domain	Requested by
120	www.balipost.com	www.balipost.com
24	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
21	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net www.balipost.com
18	s1.adform.net	track.adform.net s1.adform.net www.balipost.com
18	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net www.balipost.com
15	s.update.mediamathtag.com	tags.mathtag.com s.update.mediamathtag.com
15	pagead2.googlesyndication.com	www.balipost.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
12	assets.ad4m.at	as.ad4m.at
8	ad4m.at	as.ad4m.at ad4m.at
8	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
8	fonts.gstatic.com	fonts.googleapis.com
7	www.google.com	3 redirects www.balipost.com googleads.g.doubleclick.net tpc.googlesyndication.com
6	ad.doubleclick.net	6 redirects
6	www.googletagservices.com	googleads.g.doubleclick.net
5	track.adform.net	hal900010.redintelligence.net s1.adform.net
4	hal900010.redintelligence.net	hal9000.redintelligence.net hal900010.redintelligence.net
4	sync.teads.tv	2 redirects www.balipost.com
3	cdnjs.cloudflare.com	s1.adform.net
3	www.awin1.com	3 redirects
3	sync.1rx.io	3 redirects
3	tags.mathtag.com	googleads.g.doubleclick.net tags.mathtag.com
3	fonts.googleapis.com	www.balipost.com googleads.g.doubleclick.net
2	api.webgains.io	analytics.webgains.io
2	www.lead-alliance.net	2 redirects
2	www.telefonica-partner.de	2 redirects
2	www.conrad.de	as.ad4m.at
2	eb2.3lift.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	static-de.ad4mat.net	as.ad4m.at
2	s.ad.smaato.net	2 redirects
2	ap.lijit.com	2 redirects
2	x.bidswitch.net	2 redirects
2	sync.targeting.unrulymedia.com	2 redirects
2	c1.adform.net	2 redirects
2	sync.mathtag.com	2 redirects
2	dclk-match.dotomi.com	googleads.g.doubleclick.net
2	prod-rtb.ad4mat.net	www.balipost.com googleads.g.doubleclick.net
2	www.google-analytics.com	www.balipost.com
2	balipost.com	2 redirects
1	cdn.track.production.webgains.team	as.ad4m.at
1	analytics.webgains.io	track.webgains.com
1	track.webgains.com	as.ad4m.at
1	partner.blau.de	as.ad4m.at
1	partner.o2online.de	as.ad4m.at
1	banner.congstar.de	as.ad4m.at
1	ssbsync.smartadserver.com	googleads.g.doubleclick.net
1	d.agkn.com	1 redirects
1	r.turn.com	www.balipost.com
1	ad.turn.com	1 redirects
1	ajax.googleapis.com	hal900010.redintelligence.net
1	odr.mookie1.com	www.balipost.com
1	match.adsrvr.org	googleads.g.doubleclick.net
1	rtb.openx.net	googleads.g.doubleclick.net
1	um.simpli.fi	1 redirects
1	pixel.mathtag.com	tags.mathtag.com
1	hal9000.redintelligence.net	www.balipost.com
1	www.gstatic.com	googleads.g.doubleclick.net
1	cse.google.com	www.balipost.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google.de	www.balipost.com
1	stats.g.doubleclick.net	www.google-analytics.com
340	63

This site contains links to these domains. Also see Links.

Domain
facebook.com
www.instagram.com
twitter.com
www.youtube.com
www.hypernet.co.id
www.facebook.com
instagram.com
gourl.id

Subject Issuer	Validity	Valid
balipost.com R3	`2023-01-28` - `2023-04-28`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-18` - `2023-04-25`	a year	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2022-12-13` - `2023-03-13`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-07` - `2023-06-06`	a year	crt.sh
redintelligence.net R3	`2022-12-05` - `2023-03-05`	3 months	crt.sh
update.mediamathtag.com R3	`2022-12-21` - `2023-03-21`	3 months	crt.sh
pixel.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-05`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.webgains.com Amazon	`2022-06-14` - `2023-07-13`	a year	crt.sh
*.webgains.io Amazon	`2022-08-23` - `2023-09-21`	a year	crt.sh
cdn.track.production.webgains.team Amazon	`2022-09-29` - `2023-10-28`	a year	crt.sh

This page contains 40 frames:

Primary Page: https://www.balipost.com/
Frame ID: 4722CEE0BE908B8EED81C4470DAB576D
Requests: 145 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20190131/zrt_lookup.html
Frame ID: F43413C8822FF8A5FE958E405BCD1ED8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&adk=1812271804&adf=3025194257&lmt=1675488952&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Fwww.balipost.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675490896718&bpp=7&bdt=1054&idt=178&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2765791972825&frm=20&pv=2&ga_vid=1827210393.1675490897&ga_sid=1675490897&ga_hid=922943613&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071812%2C21065724&oid=2&pvsid=337857566880165&tmod=764753914&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=216
Frame ID: 94B53166EC7C82E8B0975268DE6C70C2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=90&slotname=9685069826&adk=1727054528&adf=1700609347&pi=t.ma~as.9685069826&w=970&lmt=1675488952&format=970x90&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675490896953&bpp=1&bdt=1289&idt=1&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2765791972825&frm=20&pv=1&ga_vid=1827210393.1675490897&ga_sid=1675490897&ga_hid=922943613&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071812%2C21065724&oid=2&pvsid=337857566880165&tmod=764753914&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&fsb=1&xpc=WAdfzny6Cn&p=https%3A//www.balipost.com&dtd=5
Frame ID: 605C8D80EA56494871E3A1FC5BB73272
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=90&slotname=1151351565&adk=2974423296&adf=811793458&pi=t.ma~as.1151351565&w=728&lmt=1675488952&format=728x90&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675490896725&bpp=12&bdt=1061&idt=252&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90&nras=1&correlator=2765791972825&frm=20&pv=1&ga_vid=1827210393.1675490897&ga_sid=1675490897&ga_hid=922943613&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=21&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071812%2C21065724&oid=2&pvsid=337857566880165&tmod=764753914&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OMgZYlQCdQ&p=https%3A//www.balipost.com&dtd=254
Frame ID: 96E7BB38E0B1CD8364405E78EF74142A
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=250&slotname=2919055775&adk=4143974309&adf=1046930213&pi=t.ma~as.2919055775&w=300&lmt=1675488952&format=300x250&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675490896777&bpp=8&bdt=1113&idt=212&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90&nras=1&correlator=2765791972825&frm=20&pv=1&ga_vid=1827210393.1675490897&ga_sid=1675490897&ga_hid=922943613&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=993&ady=1322&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071812%2C21065724&oid=2&pvsid=337857566880165&tmod=764753914&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=V9SHWADHuw&p=https%3A//www.balipost.com&dtd=214
Frame ID: E4C85572BBB54B20A101E3DF892177E3
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=600&slotname=1398941188&adk=3562883654&adf=3043275140&pi=t.ma~as.1398941188&w=160&lmt=1675488952&format=160x600&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675490896869&bpp=18&bdt=1204&idt=134&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250&nras=1&correlator=2765791972825&frm=20&pv=1&ga_vid=1827210393.1675490897&ga_sid=1675490897&ga_hid=922943613&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071812%2C21065724&oid=2&pvsid=337857566880165&tmod=764753914&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoEr%7Cp&abl=XS&pfx=0&fu=32768&bc=31&ifi=6&uci=a!6&fsb=1&xpc=6B6FXyxLgi&p=https%3A//www.balipost.com&dtd=137
Frame ID: A931B35DDF0BD1E2B683809CA1464B13
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=600&slotname=1398941188&adk=2029127186&adf=3821157256&pi=t.ma~as.1398941188&w=160&lmt=1675488952&format=160x600&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675490896887&bpp=1&bdt=1223&idt=121&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C160x600&nras=1&correlator=2765791972825&frm=20&pv=1&ga_vid=1827210393.1675490897&ga_sid=1675490897&ga_hid=922943613&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071812%2C21065724&oid=2&pvsid=337857566880165&tmod=764753914&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoEr%7Cp&abl=XS&pfx=0&fu=32768&bc=31&ifi=7&uci=a!7&fsb=1&xpc=pYHEgIUr9x&p=https%3A//www.balipost.com&dtd=123
Frame ID: 742240AD003ED8C1110F70DFDEE26E36
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 351A25439BBCF5838DA915F47B5C1B59
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1106A8C5A7B627F80EB5AC7459B42744
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js
Frame ID: A7DD6114F8D15CEE8BAEF5B36B02F686
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js
Frame ID: 133E1CDD2E10D11550A63617133A4E43
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js
Frame ID: F1C34A27217910F01F6015E6AF8A9FC9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=90&slotname=1151351565&adk=2974423296&adf=811793458&pi=t.ma~as.1151351565&w=728&lmt=1675488952&format=728x90&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675490896725&bpp=12&bdt=1061&idt=252&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90&nras=1&correlator=2765791972825&frm=20&pv=1&ga_vid=1827210393.1675490897&ga_sid=1675490897&ga_hid=922943613&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=21&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071812%2C21065724&oid=2&pvsid=337857566880165&tmod=764753914&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OMgZYlQCdQ&p=https%3A//www.balipost.com&dtd=254
Frame ID: A60EF428257964D7F1AC74F4620AA5E0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=90&slotname=1151351565&adk=2974423296&adf=811793458&pi=t.ma~as.1151351565&w=728&lmt=1675488952&format=728x90&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675490896725&bpp=12&bdt=1061&idt=252&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90&nras=1&correlator=2765791972825&frm=20&pv=1&ga_vid=1827210393.1675490897&ga_sid=1675490897&ga_hid=922943613&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=21&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071812%2C21065724&oid=2&pvsid=337857566880165&tmod=764753914&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OMgZYlQCdQ&p=https%3A//www.balipost.com&dtd=254
Frame ID: 8D1F086B0980B539E469BC6D3798B1AD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=90&slotname=1151351565&adk=2974423296&adf=811793458&pi=t.ma~as.1151351565&w=728&lmt=1675488952&format=728x90&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675490896725&bpp=12&bdt=1061&idt=252&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90&nras=1&correlator=2765791972825&frm=20&pv=1&ga_vid=1827210393.1675490897&ga_sid=1675490897&ga_hid=922943613&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=21&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071812%2C21065724&oid=2&pvsid=337857566880165&tmod=764753914&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OMgZYlQCdQ&p=https%3A//www.balipost.com&dtd=254
Frame ID: 3DF13443E6A1A8C42A18E80B17C3B3C3
Requests: 30 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=250&slotname=2919055775&adk=4143974309&adf=1046930213&pi=t.ma~as.2919055775&w=300&lmt=1675488952&format=300x250&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675490896777&bpp=8&bdt=1113&idt=212&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90&nras=1&correlator=2765791972825&frm=20&pv=1&ga_vid=1827210393.1675490897&ga_sid=1675490897&ga_hid=922943613&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=993&ady=1322&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071812%2C21065724&oid=2&pvsid=337857566880165&tmod=764753914&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=V9SHWADHuw&p=https%3A//www.balipost.com&dtd=214
Frame ID: 14F711D0DDF60951F8B1FA7D55FA1076
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=250&slotname=2919055775&adk=4143974309&adf=1046930213&pi=t.ma~as.2919055775&w=300&lmt=1675488952&format=300x250&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675490896777&bpp=8&bdt=1113&idt=212&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90&nras=1&correlator=2765791972825&frm=20&pv=1&ga_vid=1827210393.1675490897&ga_sid=1675490897&ga_hid=922943613&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=993&ady=1322&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071812%2C21065724&oid=2&pvsid=337857566880165&tmod=764753914&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=V9SHWADHuw&p=https%3A//www.balipost.com&dtd=214
Frame ID: 40856FFF25CB377EEB9BAFC824C06EF5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=250&slotname=2919055775&adk=4143974309&adf=1046930213&pi=t.ma~as.2919055775&w=300&lmt=1675488952&format=300x250&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675490896777&bpp=8&bdt=1113&idt=212&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90&nras=1&correlator=2765791972825&frm=20&pv=1&ga_vid=1827210393.1675490897&ga_sid=1675490897&ga_hid=922943613&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=993&ady=1322&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071812%2C21065724&oid=2&pvsid=337857566880165&tmod=764753914&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=V9SHWADHuw&p=https%3A//www.balipost.com&dtd=214
Frame ID: 152DB4258E5F239CE370C2095F3C552F
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=600&slotname=1398941188&adk=3562883654&adf=3043275140&pi=t.ma~as.1398941188&w=160&lmt=1675488952&format=160x600&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675490896869&bpp=18&bdt=1204&idt=134&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250&nras=1&correlator=2765791972825&frm=20&pv=1&ga_vid=1827210393.1675490897&ga_sid=1675490897&ga_hid=922943613&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071812%2C21065724&oid=2&pvsid=337857566880165&tmod=764753914&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoEr%7Cp&abl=XS&pfx=0&fu=32768&bc=31&ifi=6&uci=a!6&fsb=1&xpc=6B6FXyxLgi&p=https%3A//www.balipost.com&dtd=137
Frame ID: D6B5D609BEA924D7127043A4698140FE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=600&slotname=1398941188&adk=3562883654&adf=3043275140&pi=t.ma~as.1398941188&w=160&lmt=1675488952&format=160x600&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675490896869&bpp=18&bdt=1204&idt=134&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250&nras=1&correlator=2765791972825&frm=20&pv=1&ga_vid=1827210393.1675490897&ga_sid=1675490897&ga_hid=922943613&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071812%2C21065724&oid=2&pvsid=337857566880165&tmod=764753914&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoEr%7Cp&abl=XS&pfx=0&fu=32768&bc=31&ifi=6&uci=a!6&fsb=1&xpc=6B6FXyxLgi&p=https%3A//www.balipost.com&dtd=137
Frame ID: 6716E6567D760E0E3BEB5037D8ED71ED
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=600&slotname=1398941188&adk=3562883654&adf=3043275140&pi=t.ma~as.1398941188&w=160&lmt=1675488952&format=160x600&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675490896869&bpp=18&bdt=1204&idt=134&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250&nras=1&correlator=2765791972825&frm=20&pv=1&ga_vid=1827210393.1675490897&ga_sid=1675490897&ga_hid=922943613&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071812%2C21065724&oid=2&pvsid=337857566880165&tmod=764753914&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoEr%7Cp&abl=XS&pfx=0&fu=32768&bc=31&ifi=6&uci=a!6&fsb=1&xpc=6B6FXyxLgi&p=https%3A//www.balipost.com&dtd=137
Frame ID: 20F80EA6D24382BB654B3357E16E1064
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=600&slotname=1398941188&adk=2029127186&adf=3821157256&pi=t.ma~as.1398941188&w=160&lmt=1675488952&format=160x600&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675490896887&bpp=1&bdt=1223&idt=121&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C160x600&nras=1&correlator=2765791972825&frm=20&pv=1&ga_vid=1827210393.1675490897&ga_sid=1675490897&ga_hid=922943613&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071812%2C21065724&oid=2&pvsid=337857566880165&tmod=764753914&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoEr%7Cp&abl=XS&pfx=0&fu=32768&bc=31&ifi=7&uci=a!7&fsb=1&xpc=pYHEgIUr9x&p=https%3A//www.balipost.com&dtd=123
Frame ID: A9A8E8B5EC6FB41CB49F2937D54934AD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=600&slotname=1398941188&adk=2029127186&adf=3821157256&pi=t.ma~as.1398941188&w=160&lmt=1675488952&format=160x600&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675490896887&bpp=1&bdt=1223&idt=121&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C160x600&nras=1&correlator=2765791972825&frm=20&pv=1&ga_vid=1827210393.1675490897&ga_sid=1675490897&ga_hid=922943613&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071812%2C21065724&oid=2&pvsid=337857566880165&tmod=764753914&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoEr%7Cp&abl=XS&pfx=0&fu=32768&bc=31&ifi=7&uci=a!7&fsb=1&xpc=pYHEgIUr9x&p=https%3A//www.balipost.com&dtd=123
Frame ID: F3264A0AA5C79FF5E3FA3D4D2479E2A1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=600&slotname=1398941188&adk=2029127186&adf=3821157256&pi=t.ma~as.1398941188&w=160&lmt=1675488952&format=160x600&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675490896887&bpp=1&bdt=1223&idt=121&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C160x600&nras=1&correlator=2765791972825&frm=20&pv=1&ga_vid=1827210393.1675490897&ga_sid=1675490897&ga_hid=922943613&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071812%2C21065724&oid=2&pvsid=337857566880165&tmod=764753914&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoEr%7Cp&abl=XS&pfx=0&fu=32768&bc=31&ifi=7&uci=a!7&fsb=1&xpc=pYHEgIUr9x&p=https%3A//www.balipost.com&dtd=123
Frame ID: 33A856710DE468FC1A6DC9B785FED51D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CXgp2UfbdY9jXOIyw-wbHmKWgBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI4MjkxOTIxNjA5MTc4ODnIAQmpAt5wzfFwHLI-qAMBqgS8AU_QnmYxWnibaXanZIa8g3mOl7Lu8EiPdW0Gc9mBh1nw1QSmjm2Zf3hLBFQKIyl8EnK0s8sSjOBVAG2p0ZO9F295tVTUoa9_32RkfMSBfQ6yqPgi4Hq-4nwBu1dCvptwBhcW5Ovy_crXYYl84cvgGVezY_HmSQitS5v1H2dQLxtEAVMdQdNGeawi2XD55j-Com4FE40XV5LtGPAvp1QzO4SajogaAcJYGo_aoti6hA9XmMjWOs2DRjoQ2u9XgAbOhMqr67uBulSgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTI4MjkxOTIxNjA5MTc4ODkYAA&sigh=GUtuXKi01G4&uach_m=[UACH]&cid=CAQSKQDUE5ymJmcKQvQba84gvhlOi8_kw-PW_zdI-6htvxKFR-7zi0A4_iTBGAE
Frame ID: 767CDD4139BA3FD89ED4FC52C352CDB2
Requests: 7 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1g81tyn1whsbjjfak58bad6p2yk9000mjezrfzm1yvbhpcz22fa897r21enzg9af7jghwb5ttrc57r7s1q3w1hqxn9fec0x9bxajg9s5wjx010gj5pgkv0anw3skzq967x3rzv5z1112v3r2t07j8p1cc94ae4cwy1stxyk4x3jbbe51999h9g3pd74fag2a8veg7xxpcpb09ctrw3k4qyzz1mj1btzbgy1hpv8qc26625rrmmzxjt1cac2yn81xjgm318pyyywvsyz763nhftw277jaftycjzk981j1ktbb3gmnank0hzxq24e914tycqbakrrbf0v57qyvgbb5r6sg5917zccatamhmzgjd64h6n7m3xqeqwsrk5hj5wt2ybx9v3mk5ehhpdrpvdatvxk3n966smhr85g6ydh9b4txfxtw5b9vw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCn3ERUfbdY9jXOIyw-wbHmKWgBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI4MjkxOTIxNjA5MTc4ODnIAQmpAt5wzfFwHLI-qAMBqgS_AU_QnmYxWnibaXanZIa8g3mOl7Lu8EiPdW0Gc9mBh1nw1QSmjm2Zf3hLBFQKIyl8EnK0s8sSjOBVAG2p0ZO9F295tVTUoa9_32RkfMSBfQ6yqPgi4Hq-4nwBu1dCvptwBhcW5Ovy_crXYYl84cvgGVezY_HmSQitS5v1H2dQLxtEAVMdQdNGeawi2XD55j-Com4FE40XV9DvOWL4XtNz8wPSGFJTkzBhDoV3qPaiWY-V0VourtOvXu_MRa-ffeQ7gAbOhMqr67uBulSgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2pQUoxtgMFPhkYsaOKKNvdfzEmaQ%26client%3Dca-pub-2829192160917889%26adurl%3D
Frame ID: 3B9282AC9E0E9E6899F0B2748C5A9CFA
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2666BFF3B32B927648B5E5D6E4A1B652
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1k5ed92bb6n1cfyp6cryz2e9xdk2fgv821r27e47adwae5c182ca7kc3ngdmqjfh5hev1jcypszr72zgnrdaj715z5nh29vsegx3s35a55hs14fkcx8dkq3d07ktwkjgkjb2tmqqd1c88svfz2m6fq4v059mk7vbaxq4vb84cadk2kzr01h1kjcf6dz4v0w7g2fp5404gw7qa7k5w03acgavxfrj73kpbb2d4r39s1y8wwsf9rgtm7p3z0kd6cj7689w6htg5f09p6jgffevd8438fv26tf6fh2e9mtn5r97vyymvrdq7z2q5b8gf4pq2t6kqx6d8rvmt529cx3b9xvwqv10xc0zyv8zrhjrw8e88s5asbfg4das0qsxjneytcvm7sx696887f5j1a3wdj5cvhz6k20ycgp3ppr5d0btmv63vmde290awdx3wp5mvtmnmyrytr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMy_2UfbdY_mMN62E2fcP-rC-4AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yODI5MTkyMTYwOTE3ODg5yAEJqQLecM3xcByyPqgDAaoEvwFP0BDsHpLPXZhmK7pcV-BQuWc19QdF-ToQSf-kR_Bue8rAI12WY12H8C5yzahUFlU10haBDHIqmP5I0MbDcPs1fiLvKdNManh2nf8q3OcPTgvsUbm9cgUbfejg7VZZjDyHXrQUSL4XX1_MAolGkKBl20YVx1ZKUFRSuwOYvQemI06_1pn-oPg68I6TmHKwZ7Yvsmh3LLUW1LlW6i8jhVTtvZCZVyMtXqfwSF1fFNjxkGjarggghBz1lhNvl6bltoAG_JOsh_LJp4IroAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2xid-UhDhewQS_POQbKVHGgcvEYw%26client%3Dca-pub-2829192160917889%26adurl%3D
Frame ID: A7EF5279655F3805806A6222D26D09B8
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3D536E15E3E1194AA7A676BF7F5801EF
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 0B18BF4AD82803261CF9AEA8B7B5B492
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 0D67D28A66D9FA742CA3939DFDB5170C
Requests: 1 HTTP requests in this frame

Frame: https://hal900010.redintelligence.net/request_content.php?s=50120400015955906783183012225010&a=dfda77f0
Frame ID: F06E2DC16E94B6C918AA0A1F0C787E05
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3E8F78340AD770F15D7DE5E0539EE72E
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=22451%2C197862%2C14019&b=Px5HBfbfM5Qa9HjHbtMtR5KaJS9TDbgf6RW9%2CRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ&f=bMAtQfZfmzVaYHbHzt8Cpb1tbSJTMdzuKqMV%2CQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5&c=300&d=250&e=&g=3700042603911b88fe2be7e752a1fd12%2F13331175895944770744&i=25174%2C71725%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1675490898576&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gb4hhgg54c1ynymnazbdgmb8hmfzp0n38y1wmms4abmk1kbqz1f5engjeqtre3eket8j9pw0h8dvyz0yaw0cb3n6p04n73wtweqrh4t2kkgex5bgy5amczj15qv1s493k0pet6vk4cqn2ryr4d6fsm3emajs5ghec9zefg72fvyvm1gt3aas4e38zxfbdd1fsbnjh6wtt4feqp32tnb1zg7ba5gf45ym66zpy748daqq9ypx8r2b3c7cf5z6cmjs09cwdqh4dzy9ds1vwmjzgyb%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMy_2UfbdY_mMN62E2fcP-rC-4AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yODI5MTkyMTYwOTE3ODg5yAEJqQLecM3xcByyPqgDAaoEvwFP0BDsHpLPXZhmK7pcV-BQuWc19QdF-ToQSf-kR_Bue8rAI12WY12H8C5yzahUFlU10haBDHIqmP5I0MbDcPs1fiLvKdNManh2nf8q3OcPTgvsUbm9cgUbfejg7VZZjDyHXrQUSL4XX1_MAolGkKBl20YVx1ZKUFRSuwOYvQemI06_1pn-oPg68I6TmHKwZ7Yvsmh3LLUW1LlW6i8jhVTtvZCZVyMtXqfwSF1fFNjxkGjarggghBz1lhNvl6bltoAG_JOsh_LJp4IroAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2xid-UhDhewQS_POQbKVHGgcvEYw%2526client%253Dca-pub-2829192160917889%2526adurl%253D&y=1&s=&z=0
Frame ID: 957C7BD6B805585D2FE74A2FF94DD406
Requests: 14 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=197101%2C197100%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=120&d=600&e=&g=c544a38e5a299b62a493d00311b7513f%2F5400960083850283330&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1675490898578&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jve1a402tqw8zx3qjsqxgh7sye8vmdhgcn1vy1eza1kfppgq08c7ekcgc12btvk6v804nkp1mtza4991b6xhv0amy2san6j0djehbxphqt59dxsfcd54ecepzeb059etg6g6gx4b75m3t521pje8tvbr9ez3b4d804wja36evf32rg9mpb6rzqvk3h61fx1qqm6zavhp4z30b7mngscv9sy8xp1qcsyv0x56a6c0jq6nqdvsymybj81kx0s3e9znekbpepfwgy9221mxkag%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCn3ERUfbdY9jXOIyw-wbHmKWgBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI4MjkxOTIxNjA5MTc4ODnIAQmpAt5wzfFwHLI-qAMBqgS_AU_QnmYxWnibaXanZIa8g3mOl7Lu8EiPdW0Gc9mBh1nw1QSmjm2Zf3hLBFQKIyl8EnK0s8sSjOBVAG2p0ZO9F295tVTUoa9_32RkfMSBfQ6yqPgi4Hq-4nwBu1dCvptwBhcW5Ovy_crXYYl84cvgGVezY_HmSQitS5v1H2dQLxtEAVMdQdNGeawi2XD55j-Com4FE40XV9DvOWL4XtNz8wPSGFJTkzBhDoV3qPaiWY-V0VourtOvXu_MRa-ffeQ7gAbOhMqr67uBulSgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2pQUoxtgMFPhkYsaOKKNvdfzEmaQ%2526client%253Dca-pub-2829192160917889%2526adurl%253D&y=1&s=&z=0
Frame ID: A9375E64FA1709205627037D7071AE9F
Requests: 11 HTTP requests in this frame

Frame: blob://https://googleads.g.doubleclick.net/02d1bf1a-78c0-439d-98fd-51827e38ff7c
Frame ID: BB1FDC87F95B3BEC0ECE0927D8CE97C8
Requests: 1 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/160090/12320422/12320422.js?ADFassetID=12320422&bv=258
Frame ID: 28DB55862E4B2B8E5C641B703C26C976
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FBC8E01352A47E2366D0F54EAD9EAEA7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4694DF006F5A2D8ECB7AE1373D650C1A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BALIPOST.com - Berita Bali terKini, terUpdate dan terPercaya | Portal Media Inspirasi Local Untuk Global

Page URL History Show full URLs

http://balipost.com/ HTTP 301
https://balipost.com/ HTTP 301
https://www.balipost.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Chart.js (JavaScript Graphics) Expand

Overall confidence: 75%
Detected patterns

/Chart(?:\.bundle)?(?:\.min)?\.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Revslider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/revslider/[/\w-]+/js

SWFObject (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swfobject.*\.js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

340
Requests

90 %
HTTPS

41 %
IPv6

43
Domains

63
Subdomains

45
IPs

10
Countries

4370 kB
Transfer

9346 kB
Size

40
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://facebook.com/balipost

Search URL Search Domain Scan URL

URL: https://www.instagram.com/balipost_com/

Search URL Search Domain Scan URL

URL: http://twitter.com/balipostcom

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCUKs-u3OChJ5Dd57brARhYQ

Search URL Search Domain Scan URL

URL: https://www.hypernet.co.id/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/balipost
Title: Suka

Search URL Search Domain Scan URL

URL: http://instagram.com/balipost_com
Title: Mengikuti

Search URL Search Domain Scan URL

URL: https://twitter.com/balipostcom
Title: Mengikuti

Search URL Search Domain Scan URL

URL: http://www.youtube.com/channel/UCUKs-u3OChJ5Dd57brARhYQ
Title: Berlangganan

Search URL Search Domain Scan URL

URL: https://gourl.id/zWFWB

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://balipost.com/ HTTP 301
https://balipost.com/ HTTP 301
https://www.balipost.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 139

https://www.google.com/cse/cse.js?cx=006110151650712899775:ob6p-5smcy0 HTTP 301
https://cse.google.com/cse/cse.js?cx=006110151650712899775:ob6p-5smcy0

Request Chain 174

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 175

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 225

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEAFFnvClvL7P62UCPUM0ouU&google_cver=1&google_push=Aa02lx95DOKLxn8IVatDHXNS2NXWhn8PK6J3BUAyfzyE37aFVBtg0hbzAK01meXM6px-qk53pAAf4PdCIhSW5ZxQkQB9jTPeOgbsyVw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=RoNj3fZSQQGE5gEslebigA&google_push=Aa02lx95DOKLxn8IVatDHXNS2NXWhn8PK6J3BUAyfzyE37aFVBtg0hbzAK01meXM6px-qk53pAAf4PdCIhSW5ZxQkQB9jTPeOgbsyVw

Request Chain 226

https://um.simpli.fi/gp_match?google_gid=CAESENH9lXobsUM4SgsjLO3mXmo&google_cver=1&google_push=Aa02lx-q-mLTknWD5DhYznUQ1UXd9n3XTlbagoCvX4rtt3i5vSoWZByQvlGH20d11-00Jtg49OTBq9pTe2CJXfysqpsVJUh4hhSkFbk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=223FC91346F34358A9682166A18CFBCA&google_push=Aa02lx-q-mLTknWD5DhYznUQ1UXd9n3XTlbagoCvX4rtt3i5vSoWZByQvlGH20d11-00Jtg49OTBq9pTe2CJXfysqpsVJUh4hhSkFbk

Request Chain 227

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEByNH1dYfnHp9htHM4nYV2w&google_cver=1&google_push=Aa02lx9jbz8L50qrZw3gqs9nSg1gWbWrcIHdu9K9LDCsyOtejgVNXyhY8i3M4YhiponV2Q2MXNvVwVlf1PMbEGbfrfri9RCDUNb4n0M HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEByNH1dYfnHp9htHM4nYV2w&google_cver=1&google_push=Aa02lx9jbz8L50qrZw3gqs9nSg1gWbWrcIHdu9K9LDCsyOtejgVNXyhY8i3M4YhiponV2Q2MXNvVwVlf1PMbEGbfrfri9RCDUNb4n0M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODE4ODQ5NDk1ODU0NTIwNDI5Mg&google_push=Aa02lx9jbz8L50qrZw3gqs9nSg1gWbWrcIHdu9K9LDCsyOtejgVNXyhY8i3M4YhiponV2Q2MXNvVwVlf1PMbEGbfrfri9RCDUNb4n0M

Request Chain 229

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEB8MIazH7ojOb6Az4cik274&google_cver=1&google_push=Aa02lx9hebmVIriZXgX-djZ9acYQTLlhtP6uhtHwpvylf1NFeaQNNrYXJxjkwsEu-E56ZpZ6I9Clk0Ge3bQvc7Oh9y8dLW-9wuR31E0 HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=Aa02lx9hebmVIriZXgX-djZ9acYQTLlhtP6uhtHwpvylf1NFeaQNNrYXJxjkwsEu-E56ZpZ6I9Clk0Ge3bQvc7Oh9y8dLW-9wuR31E0&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1675490898417 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-15d853ff-2cd1-4668-bce5-cd0b2580fefd-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAa02lx9hebmVIriZXgX-djZ9acYQTLlhtP6uhtHwpvylf1NFeaQNNrYXJxjkwsEu-E56ZpZ6I9Clk0Ge3bQvc7Oh9y8dLW-9wuR31E0%26google_hm%3DAxXYU_8s0UZovOXNCyWA_v0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx9hebmVIriZXgX-djZ9acYQTLlhtP6uhtHwpvylf1NFeaQNNrYXJxjkwsEu-E56ZpZ6I9Clk0Ge3bQvc7Oh9y8dLW-9wuR31E0&google_hm=AxXYU_8s0UZovOXNCyWA_v0

Request Chain 230

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEORqEYri7dg7xefm0RTrb8k&google_cver=1&google_push=Aa02lx9oh_yICxQz79gb5NNSDfVVqw_uS6hM3h_RXGGkkX9aAX5H4C48Xt9hblFSuQ-i3GFw4iNTu85rlkOje7Z02qq6t2E-WSjctgs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aa02lx9oh_yICxQz79gb5NNSDfVVqw_uS6hM3h_RXGGkkX9aAX5H4C48Xt9hblFSuQ-i3GFw4iNTu85rlkOje7Z02qq6t2E-WSjctgs HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 237

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEAFFnvClvL7P62UCPUM0ouU&google_cver=1&google_push=Aa02lx_2Eh45GYUDeESWjWODTxolOm34v7sqnV1B_5y4VETzLuuLt10dqpWUqvdIPvTbNjJjVol3DI_VVUnUrxCphYLvBEKYggjDmUC1f-dTaxave1KxUxsIzQWuUdCeAjTaOy2-xJpVlZCGmA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=RoNj3fZSQQGE5gEslebigA&google_push=Aa02lx_2Eh45GYUDeESWjWODTxolOm34v7sqnV1B_5y4VETzLuuLt10dqpWUqvdIPvTbNjJjVol3DI_VVUnUrxCphYLvBEKYggjDmUC1f-dTaxave1KxUxsIzQWuUdCeAjTaOy2-xJpVlZCGmA

Request Chain 239

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEKvpEbtuSTonyczdRTZpVJQ&google_cver=1&google_push=Aa02lx-7WR8NoewuXLiutd62D3vAjSsQtP1t3wlk79YEsi7HZp9Hi5HCH3wGSUgdd6tEZctokpLC9Wxxn9DkzmF66-BDwje5_bhou0rk2z7OwGnNsugPBHFw1VEtuAx_-0VpiXqh8_u5UUZIBN0 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEKvpEbtuSTonyczdRTZpVJQ&google_cver=1&google_push=Aa02lx-7WR8NoewuXLiutd62D3vAjSsQtP1t3wlk79YEsi7HZp9Hi5HCH3wGSUgdd6tEZctokpLC9Wxxn9DkzmF66-BDwje5_bhou0rk2z7OwGnNsugPBHFw1VEtuAx_-0VpiXqh8_u5UUZIBN0 HTTP 302
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=6588121d-2d9b-4a1a-a7e6-111c3c2e322b&ssp=google&gdpr=&gdpr_consent=

Request Chain 240

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEF-UT-5sNYil-y8bUVJc0ic&google_cver=1&google_push=Aa02lx_qKolf7umx8gHG8NyAsv8wopE4zdYMA2r8PwpADWl4NjKrQcf2bV2BnGRTgFcLro72ZRxk01JytSuACBf8SxjAnYgf4H4iH8NFcJ9eiUjDHO4YuBxXBydjF69egunWE5ZdRIjnJg4dNQ HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEF-UT-5sNYil-y8bUVJc0ic&google_cver=1&google_push=Aa02lx_qKolf7umx8gHG8NyAsv8wopE4zdYMA2r8PwpADWl4NjKrQcf2bV2BnGRTgFcLro72ZRxk01JytSuACBf8SxjAnYgf4H4iH8NFcJ9eiUjDHO4YuBxXBydjF69egunWE5ZdRIjnJg4dNQ&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx_qKolf7umx8gHG8NyAsv8wopE4zdYMA2r8PwpADWl4NjKrQcf2bV2BnGRTgFcLro72ZRxk01JytSuACBf8SxjAnYgf4H4iH8NFcJ9eiUjDHO4YuBxXBydjF69egunWE5ZdRIjnJg4dNQ&google_hm=GGUwqGZHjRPoNVOrReakWIZH

Request Chain 241

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEHhejLDmG7tvchdXiRS8dU4&google_cver=1&google_push=Aa02lx8PYPP88HurXRDFJb1qIV0VR9fm65T11N6txgBLJpd_FTdw3xFrkohBpesAuJNDDTW8OHWNywUi8D40NIq7Y1y4itKGKBH1BaHjh5a3zUu5l6sh8UvJLdqVPnQN7MjPhat-6KIB0UhvwQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx8PYPP88HurXRDFJb1qIV0VR9fm65T11N6txgBLJpd_FTdw3xFrkohBpesAuJNDDTW8OHWNywUi8D40NIq7Y1y4itKGKBH1BaHjh5a3zUu5l6sh8UvJLdqVPnQN7MjPhat-6KIB0UhvwQ

Request Chain 242

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEORqEYri7dg7xefm0RTrb8k&google_cver=1&google_push=Aa02lx8HDVn8L1F4yMytOKiHIV0rDDVoVAueoVprv8ngsQwLfc-ARGYH7S2NBgfYPfwOKp37myyJgejw0IFgY1sETqaWI8p3qUtTngpAt28bcIWwAkqjUti_NoJIgFum8ltYj80LWhNA63rDVzdG HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aa02lx8HDVn8L1F4yMytOKiHIV0rDDVoVAueoVprv8ngsQwLfc-ARGYH7S2NBgfYPfwOKp37myyJgejw0IFgY1sETqaWI8p3qUtTngpAt28bcIWwAkqjUti_NoJIgFum8ltYj80LWhNA63rDVzdG HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 262

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFk3D9csgHu-gtE5F5qSK5Q&google_cver=1&google_push=Aa02lx8eCer3ttOuq6vWlapTXcuDZwbGtoHwHl8avSXIJIqYJu10LoQq5q95R9EK1v9yrUi73ROG_V8e4yEDx-Ml8bkfsYj1Bpve5_c HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mjc0MTcwMDIwNDkyODU5Nzk1OA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFk3D9csgHu-gtE5F5qSK5Q&google_cver=1

Request Chain 263

https://d.agkn.com/pixel/2175/?google_gid=CAESEJzTN592so3BStVdxaZ_rB8&google_cver=1&google_push=Aa02lx8DdWD4zZKiwxXgtpm80cLptERTTXl5_0D7KQS_TyC9Ri4VUqUNhxpK14iyToBqcSH6mCsOva7dEa9A8HuP-xYUSdTl8apOS1Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=Aa02lx8DdWD4zZKiwxXgtpm80cLptERTTXl5_0D7KQS_TyC9Ri4VUqUNhxpK14iyToBqcSH6mCsOva7dEa9A8HuP-xYUSdTl8apOS1Q&google_hm=Q0FFU0VKelRONTkyc28zQlN0VmR4YVpfckI4

Request Chain 264

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKiQjsEGX8TEQPzZmjC2CvU&google_cver=1&google_push=Aa02lx-GmESQGfR8gjws6LBWSBaChLOgkwzH8MAqt8zDDzCDAIG0Ip012OWUjVvVerXdYKaTZOPx2Buxh9ueDq4bFiP6kwk-L94glA HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKiQjsEGX8TEQPzZmjC2CvU&google_cver=1&google_push=Aa02lx-GmESQGfR8gjws6LBWSBaChLOgkwzH8MAqt8zDDzCDAIG0Ip012OWUjVvVerXdYKaTZOPx2Buxh9ueDq4bFiP6kwk-L94glA&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FNW2u-OpQy-KAXpRv2hoUw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx-GmESQGfR8gjws6LBWSBaChLOgkwzH8MAqt8zDDzCDAIG0Ip012OWUjVvVerXdYKaTZOPx2Buxh9ueDq4bFiP6kwk-L94glA

Request Chain 265

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEHhejLDmG7tvchdXiRS8dU4&google_cver=1&google_push=Aa02lx-OJjKN--jN8eBmI-QVbkrlKsIIvBKv4twY_4JqAcsAjxhA_oLSW9Q3iS3GPCrf4Ydhte1BWwGbJfx-tvizjuI3C7tJzLXACxA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx-OJjKN--jN8eBmI-QVbkrlKsIIvBKv4twY_4JqAcsAjxhA_oLSW9Q3iS3GPCrf4Ydhte1BWwGbJfx-tvizjuI3C7tJzLXACxA

Request Chain 266

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEB8MIazH7ojOb6Az4cik274&google_cver=1&google_push=Aa02lx8iOHexsfs8_hw2DAYvdynYGnGzdDc4ULXVJbB1YhWx7leBHASA7kNP7fRIRkucaIvUWiSL6jAc_mJJwYwKVjYXvjVQ60yNwgY HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-15d853ff-2cd1-4668-bce5-cd0b2580fefd-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAa02lx8iOHexsfs8_hw2DAYvdynYGnGzdDc4ULXVJbB1YhWx7leBHASA7kNP7fRIRkucaIvUWiSL6jAc_mJJwYwKVjYXvjVQ60yNwgY%26google_hm%3DAxXYU_8s0UZovOXNCyWA_v0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx8iOHexsfs8_hw2DAYvdynYGnGzdDc4ULXVJbB1YhWx7leBHASA7kNP7fRIRkucaIvUWiSL6jAc_mJJwYwKVjYXvjVQ60yNwgY&google_hm=AxXYU_8s0UZovOXNCyWA_v0

Request Chain 267

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESECbscypAysEB0GnguIbpzEg&google_cver=1&google_push=Aa02lx9sLNNZGJQmmbVQgQDyFOl-xY7gjVRu-R8EgaHmVe7O1UREoyKNo55Ufev9BumkJK6Vda3T_GNNUFporMJ9cj7wLPl1f9vOr_U HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx9sLNNZGJQmmbVQgQDyFOl-xY7gjVRu-R8EgaHmVe7O1UREoyKNo55Ufev9BumkJK6Vda3T_GNNUFporMJ9cj7wLPl1f9vOr_U&google_gid=CAESECbscypAysEB0GnguIbpzEg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NTg5MTkxMjU0MTMwMDM0MTc2MA%3D%3D&google_push=Aa02lx9sLNNZGJQmmbVQgQDyFOl-xY7gjVRu-R8EgaHmVe7O1UREoyKNo55Ufev9BumkJK6Vda3T_GNNUFporMJ9cj7wLPl1f9vOr_U

Request Chain 276

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidPx5HBfbfM5Qa9HjHbtMtR5KaJS9TDbgf6RW9oneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=COeL4f6Z-_wCFQHtuwgdys8Gdw;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidPx5HBfbfM5Qa9HjHbtMtR5KaJS9TDbgf6RW9oneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidPx5HBfbfM5Qa9HjHbtMtR5KaJS9TDbgf6RW9oneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1675490898_5217abf1-a452-11ed-acb0-22645d5ed731

Request Chain 281

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZoneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_412871_1675490898_51fcf801-a452-11ed-b22f-2232cde24fee&insert=AW&&gdpr=0&gdpr_consent=

Request Chain 285

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3Dreach_SUBIDTEST_view HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CLuH4f6Z-_wCFdEq4AodmpAMcQ;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3Dreach_SUBIDTEST_view HTTP 302
https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=reach_SUBIDTEST_view HTTP 302
https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=reach_SUBIDTEST_view HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023020407081981241080831X117703V1226132702MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2023020407081981241080831X117703V1226132702MSreach_SUBIDTEST_view&wfid=117703&partnerid=12218

Request Chain 288

https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117663V1225131106M%26subid%3Dreach_SUBIDTEST_view HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CNCI4f6Z-_wCFZm4dwodLJMGUQ;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117663V1225131106M%26subid%3Dreach_SUBIDTEST_view HTTP 302
https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view HTTP 302
https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view HTTP 302
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2023020407081981241080829X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0

Request Chain 291

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtVoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_412871_1675490898_5200efa0-a452-11ed-acb0-22645d5ed731&insert=AW&&gdpr=0&gdpr_consent=

340 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.balipost.com/
Redirect Chain

http://balipost.com/
https://balipost.com/
https://www.balipost.com/

263 KB
39 KB

489ms
390ms

Document
text/html

188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

898ba5f231a1a1227493f31318de90ab8d2d3ae71245f601680a1946f55d8bd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0
content-encoding: gzip
content-length: 39809
content-type: text/html; charset=UTF-8
date: Sat, 04 Feb 2023 06:08:15 GMT
expires: Sat, 04 Feb 2023 06:08:15 GMT
last-modified: Sat, 04 Feb 2023 05:35:52 GMT
server: nginx
vary: Accept,Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

cache-control: max-age=0
content-length: 408
content-type: text/html; charset=iso-8859-1
date: Sat, 04 Feb 2023 06:08:15 GMT
expires: Sat, 04 Feb 2023 06:08:15 GMT
location: https://www.balipost.com/
server: nginx
x-frame-options: SAMEORIGIN

GET
H2 200 0e358f1a917bc71e6ba25a67ec5e0e91.css
www.balipost.com/wp-content/cache/min/1/ 2 MB
208 KB 398ms
385ms Stylesheet
text/css 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-content/cache/min/1/0e358f1a917bc71e6ba25a67ec5e0e91.css

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

25bd2dcbb8fe8d036d346302b46f8a72c0d8aafc9fb152b44afd648a9a1f9e27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 31 Jan 2023 21:31:48 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: text/css; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:15 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
918 B 51ms
15ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans%3A400%2C700

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e2464f998b38ae5f4a6f68dd19faea6939ccb6db5388ce17a0621c3fe186f859

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 04 Feb 2023 06:08:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 04 Feb 2023 05:11:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 04 Feb 2023 06:08:15 GMT

GET
H2 200 css
fonts.googleapis.com/ 29 KB
1 KB 59ms
24ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bf473c4b25057def8a517e9e49edebf50fe239c6373237d92b4879c2849974e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 04 Feb 2023 06:08:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 04 Feb 2023 04:26:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 04 Feb 2023 06:08:15 GMT

GET
H2 200 jquery.js Show response
www.balipost.com/wp-includes/js/jquery/ 95 KB
33 KB 398ms
384ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-includes/js/jquery/jquery.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 23 May 2016 09:00:29 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 33766
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:15 GMT

GET
H2 200 jquery-migrate.min.js Show response
www.balipost.com/wp-includes/js/jquery/ 10 KB
4 KB 206ms
193ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-includes/js/jquery/jquery-migrate.min.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 20 May 2016 06:11:28 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 4014
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:15 GMT

GET
H2 200 jquery.mousewheel.min.js Show response
www.balipost.com/wp-content/plugins/lbg-audio6-html5-shoutcast_history/audio6_html5_radio_history/js/ 1 KB
1 KB 203ms
191ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-content/plugins/lbg-audio6-html5-shoutcast_history/audio6_html5_radio_history/js/jquery.mousewheel.min.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

c8104390115f92b27003b1e4e503ef59343ccfef4ac19751093544e8cfaeae26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 17 Feb 2020 08:01:42 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 716
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:15 GMT

GET
H2 200 jquery.touchSwipe.min.js Show response
www.balipost.com/wp-content/plugins/lbg-audio6-html5-shoutcast_history/audio6_html5_radio_history/js/ 20 KB
5 KB 200ms
188ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-content/plugins/lbg-audio6-html5-shoutcast_history/audio6_html5_radio_history/js/jquery.touchSwipe.min.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

9167cb37ed21405ef9556646b83789a2099c15398f5cea867470df1e81752e17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 17 Feb 2020 08:01:42 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 5051
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:15 GMT

GET
H2 200 swfobject-4f8949bc85277101259307d8df9ffa92.js Show response
www.balipost.com/wp-content/cache/min/1/wp-content/plugins/lbg-audio6-html5-shoutcast_history/audio6_html5_radio_history/js/ 10 KB
4 KB 209ms
198ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-content/cache/min/1/wp-content/plugins/lbg-audio6-html5-shoutcast_history/audio6_html5_radio_history/js/swfobject-4f8949bc85277101259307d8df9ffa92.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

d03a0e0c2c6cc47e5799d246a77f6803365c08ece711e91e5368d5cb7ca70ae0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 31 Jan 2023 21:31:36 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 3839
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:15 GMT

GET
H2 200 audio6_html5-71d43efe06f99119f2a2a8f7708fb4f3.js Show response
www.balipost.com/wp-content/cache/min/1/wp-content/plugins/lbg-audio6-html5-shoutcast_history/audio6_html5_radio_history/js/ 37 KB
10 KB 206ms
195ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-content/cache/min/1/wp-content/plugins/lbg-audio6-html5-shoutcast_history/audio6_html5_radio_history/js/audio6_html5-71d43efe06f99119f2a2a8f7708fb4f3.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

13a1889f00fd2c485843b0bd47ac837f8cb6fd68a527bb256b9055a5825c2f3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 31 Jan 2023 21:31:36 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 10207
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:15 GMT

GET
H2 200 jquery.visible.min.js Show response
www.balipost.com/wp-content/plugins/modal_survey/templates/assets/js/ 479 B
597 B 391ms
381ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-content/plugins/modal_survey/templates/assets/js/jquery.visible.min.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

fc58b23d3f77487278dcf48df8b26048ee6c880cd7adf98901523472045fa9a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 19 Jul 2020 22:04:05 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 285
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:15 GMT

GET
H2 200 Chart.min.js Show response
www.balipost.com/wp-content/plugins/modal_survey/templates/assets/js/ 170 KB
53 KB 396ms
386ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-content/plugins/modal_survey/templates/assets/js/Chart.min.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

eded12b276b31b3393992b0a701a16b79b4a5172329a0e3ca59b97ae862368e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 19 Jul 2020 22:04:05 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 54000
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:15 GMT

GET
H2 200 modal_survey_answer-129e273465258571d32554b485af35fe.js Show response
www.balipost.com/wp-content/cache/min/1/wp-content/plugins/modal_survey/templates/assets/js/ 17 KB
5 KB 394ms
385ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-content/cache/min/1/wp-content/plugins/modal_survey/templates/assets/js/modal_survey_answer-129e273465258571d32554b485af35fe.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

5fd0136596d768ea3b04a98065190a3126dfa55ae360ef0e2cabcb4898724c65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 31 Jan 2023 21:31:36 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 4952
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:15 GMT

GET
H2 200 modal_survey-89a7ccdccf66ac9f7263c349ff8bb465.js Show response
www.balipost.com/wp-content/cache/min/1/wp-content/plugins/modal_survey/templates/assets/js/ 106 KB
20 KB 586ms
578ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-content/cache/min/1/wp-content/plugins/modal_survey/templates/assets/js/modal_survey-89a7ccdccf66ac9f7263c349ff8bb465.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

c6f2ae620b42156c1d34649d570b881fd4816905f85188237474ec42b66519bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 31 Jan 2023 21:31:36 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 20636
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:15 GMT

GET
H2 200 jquery.circliful.min.js Show response
www.balipost.com/wp-content/plugins/modal_survey/templates/assets/js/ 5 KB
3 KB 400ms
393ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-content/plugins/modal_survey/templates/assets/js/jquery.circliful.min.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

c40bae480ece754561ff5f38ce646abadaf26c947c3c0fe88b99c03ec379bdb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 19 Jul 2020 22:04:05 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 2397
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:15 GMT

GET
H2 200 advertising-d4f43c1f8ffde9d18d6182f77540db3e.js Show response
www.balipost.com/wp-content/cache/min/1/wp-content/plugins/angwp/assets/dev/js/ 27 B
335 B 396ms
389ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-content/cache/min/1/wp-content/plugins/angwp/assets/dev/js/advertising-d4f43c1f8ffde9d18d6182f77540db3e.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

88338376e9ea49dbeee61d90650b389d9a48bd6a6dce148851cff3adbe2290c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:15 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 31 Jan 2023 21:31:36 GMT
server: nginx
vary: Accept-Encoding, Referer,Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:15 GMT

GET
H2 200 jquery.watermark-748fdd969768995450ae6445f5197a14.js Show response
www.balipost.com/wp-content/cache/min/1/wp-content/plugins/contentprotector/js/ 4 KB
2 KB 397ms
390ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-content/cache/min/1/wp-content/plugins/contentprotector/js/jquery.watermark-748fdd969768995450ae6445f5197a14.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

3728cd70035de1dcb42dc4088a299ed643d82084cfd1e6a0fb96316c6d87bc52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 31 Jan 2023 21:31:36 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 1498
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:15 GMT

GET
H2 200 owl.carousel-80506515d117ab4b13265f739d5dc8f0.js Show response
www.balipost.com/wp-content/cache/min/1/wp-content/plugins/logo-slider-wp/public/assets/lib/owl.carousel2/ 76 KB
18 KB 582ms
575ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-content/cache/min/1/wp-content/plugins/logo-slider-wp/public/assets/lib/owl.carousel2/owl.carousel-80506515d117ab4b13265f739d5dc8f0.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

4ef427307dd25f232b0f24e5a33d28be07a0ef2508206f3f5ef674872542d07c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 31 Jan 2023 21:31:36 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 17598
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:15 GMT

GET
H2 200 logo-slider-wp-public-aa35307ce0225a1b34dacffb0146bcb2.js Show response
www.balipost.com/wp-content/cache/min/1/wp-content/plugins/logo-slider-wp/public/assets/js/ 965 B
750 B 397ms
392ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-content/cache/min/1/wp-content/plugins/logo-slider-wp/public/assets/js/logo-slider-wp-public-aa35307ce0225a1b34dacffb0146bcb2.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

bc7a2f5ef6df036657a8c1ae6e15c836d553a21443598ce5d729e69ff0d6bfaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 31 Jan 2023 21:31:36 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 438
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:15 GMT

GET
H2 200 jquery.themepunch.tools.min.js Show response
www.balipost.com/wp-content/plugins/revslider/public/assets/js/ 105 KB
37 KB 582ms
577ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

9a56320bb8bfb81dc997a1120c77ec017cffab4db5ba5482afb29129e0690540

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 23 Feb 2017 14:19:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 37356
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:15 GMT

GET
H2 200 jquery.themepunch.revolution.min.js Show response
www.balipost.com/wp-content/plugins/revslider/public/assets/js/ 61 KB
17 KB 584ms
579ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

bc520f34e0e2530005a386d108c6422878efe5eee987659ba867015fde2ddf53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 23 Feb 2017 14:19:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 17259
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:15 GMT

GET
H2 200 ytprefs.min.js Show response
www.balipost.com/wp-content/plugins/youtube-embed-plus/scripts/ 10 KB
3 KB 392ms
388ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-content/plugins/youtube-embed-plus/scripts/ytprefs.min.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

01c4b7ea2a08142064d2c3994a2cc73d7c55125d586d2a918ce3482f4439e1f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Jun 2020 00:54:17 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 3173
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:15 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
49 KB 56ms
29ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2829192160917889

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb452ddb4dfca86dbdb3ef1b6616041baed0201d288a3aafbce1b57c97d7ffaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.balipost.com/
Origin: https://www.balipost.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49971
x-xss-protection: 0
server: cafe
etag: 15282760665648231705
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 04 Feb 2023 06:08:16 GMT

GET
H2 200 logo-272x90.png
www.balipost.com/wp-content/uploads/2017/02/ 7 KB
7 KB 187ms
187ms Image
image/png 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2017/02/logo-272x90.png

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

bb3cd0189708f2914df04c6adc00ef07a1f64d376dfe6c548d4f02e7bb3c113f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:16 GMT
x-content-type-options: nosniff
last-modified: Mon, 04 Oct 2021 23:18:43 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 7091
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:16 GMT

GET
H2 200 logo-m-140x48.png
www.balipost.com/wp-content/uploads/2017/02/ 4 KB
4 KB 188ms
188ms Image
image/png 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2017/02/logo-m-140x48.png

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

32879fa63106d2274fd3a49869030f5891a0d95ea33efc1cbab2f0b26e8a3ae9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:17 GMT
x-content-type-options: nosniff
last-modified: Mon, 04 Oct 2021 23:18:59 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 4027
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:17 GMT

GET
H2 200 hypernrt-728x90.png
www.balipost.com/wp-content/uploads/2022/08/ 88 KB
88 KB 188ms
187ms Image
image/png 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2022/08/hypernrt-728x90.png

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

4d48c41075f946b87b5d28b956eba524d999fe842644ad835d63222787485aa6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:16 GMT
x-content-type-options: nosniff
last-modified: Thu, 25 Aug 2022 04:51:27 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 89893
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:16 GMT

GET
H2 200 balipostcom_terkait-dua-isu-penculikan-kapolres-karangasem-minta-ortu-tingkatkan-pengawasan_01-900x580.jpg
www.balipost.com/wp-content/uploads/2023/02/ 82 KB
83 KB 283ms
283ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2023/02/balipostcom_terkait-dua-isu-penculikan-kapolres-karangasem-minta-ortu-tingkatkan-pengawasan_01-900x580.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

03585b5ebb982715d59560def5c14760821e2ad65fdd486cad08fe34ab28f300

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:16 GMT
x-content-type-options: nosniff
last-modified: Sat, 04 Feb 2023 03:58:46 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 84337
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:16 GMT

GET
H2 200 balipostcom_ditanya-pengerupukan-hingga-pemotor-pakai-udeng-ini-kata-kapolresta_01-900x580.jpg
www.balipost.com/wp-content/uploads/2023/02/ 45 KB
46 KB 283ms
283ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2023/02/balipostcom_ditanya-pengerupukan-hingga-pemotor-pakai-udeng-ini-kata-kapolresta_01-900x580.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

bda6de7191fb31fe41ba1fe08532b09c39f7753aca12545dbb6bd3f89155cff7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:16 GMT
x-content-type-options: nosniff
last-modified: Sat, 04 Feb 2023 03:12:17 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 46517
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:16 GMT

GET
H2 200 balipostcom_dinilai-mampu-lahirkan-program-dan-ide-luar-biasa-bupati-sanjaya-nilai-koster-ace-layak-dua-periode_01-900x580.jpg
www.balipost.com/wp-content/uploads/2023/02/ 72 KB
72 KB 187ms
187ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2023/02/balipostcom_dinilai-mampu-lahirkan-program-dan-ide-luar-biasa-bupati-sanjaya-nilai-koster-ace-layak-dua-periode_01-900x580.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

855ffaf8cfcd55c62278da9898d1d37bc1b56bb76b3a686a02a478f64c070858

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:17 GMT
x-content-type-options: nosniff
last-modified: Fri, 03 Feb 2023 23:33:07 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 73483
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:17 GMT

GET
H2 200 balipostcom_angin-kencang-landa-sejumlah-wilayah-di-bali-bpbd-minta-masyarakat-waspada_01-696x385.jpg
www.balipost.com/wp-content/uploads/2023/01/ 75 KB
75 KB 188ms
188ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2023/01/balipostcom_angin-kencang-landa-sejumlah-wilayah-di-bali-bpbd-minta-masyarakat-waspada_01-696x385.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

475dcf95fc330f8fa684115576568b15a255102f3ca4f2c60ba68df04483e471

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:17 GMT
x-content-type-options: nosniff
last-modified: Mon, 02 Jan 2023 09:11:55 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 76518
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:17 GMT

GET
H2 200 balipostcom_jelang-malam-tahun-baru-presiden-cabut-kebijakan-ppkm_01-696x385.jpg
www.balipost.com/wp-content/uploads/2022/12/ 39 KB
39 KB 188ms
188ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2022/12/balipostcom_jelang-malam-tahun-baru-presiden-cabut-kebijakan-ppkm_01-696x385.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

558cd367c0ef5e3ae7513f6cd81f98649bd5b8a1d45ccdc702e4191a6e456ddf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:17 GMT
x-content-type-options: nosniff
last-modified: Fri, 30 Dec 2022 08:17:19 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 39614
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:17 GMT

GET
H2 200 balipostcom_dua-gempa-susulan-terjadi-dirasakan-hingga-denpasar-dan-buat-warga-berhamburan_01-696x385.jpg
www.balipost.com/wp-content/uploads/2022/12/ 26 KB
26 KB 188ms
188ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2022/12/balipostcom_dua-gempa-susulan-terjadi-dirasakan-hingga-denpasar-dan-buat-warga-berhamburan_01-696x385.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

e2780421fde3ad718b748203906425b9e2a9c9cfdb68e68f5990658dcc4e8dbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:17 GMT
x-content-type-options: nosniff
last-modified: Wed, 14 Dec 2022 07:58:05 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 26794
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:17 GMT

GET
H2 200 balipostcom_disengat-tawon-pegawai-dishub-karangasem-meninggal_01-324x160.jpg
www.balipost.com/wp-content/uploads/2023/02/ 11 KB
12 KB 188ms
188ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2023/02/balipostcom_disengat-tawon-pegawai-dishub-karangasem-meninggal_01-324x160.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

12f0daafcb2564c17988b4b35be5ac578b86c7e5100d54eead4a1ecb22dc3c13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:17 GMT
x-content-type-options: nosniff
last-modified: Sat, 04 Feb 2023 04:40:31 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 11680
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:17 GMT

GET
H2 200 balipostcom_porter-bandara-curi-uang-puluhan-juta-dari-penumpang-pesawat_01-324x160.jpg
www.balipost.com/wp-content/uploads/2023/02/ 15 KB
15 KB 187ms
187ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2023/02/balipostcom_porter-bandara-curi-uang-puluhan-juta-dari-penumpang-pesawat_01-324x160.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

5c715c66572d4f5a7648af2fe46d9e3f6692050bf83cce16e898d67044d18abb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:17 GMT
x-content-type-options: nosniff
last-modified: Sat, 04 Feb 2023 04:33:16 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 15263
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:17 GMT

GET
H2 200 balipostcom_terkait-dua-isu-penculikan-kapolres-karangasem-minta-ortu-tingkatkan-pengawasan_01-100x70.jpg
www.balipost.com/wp-content/uploads/2023/02/ 4 KB
4 KB 187ms
187ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2023/02/balipostcom_terkait-dua-isu-penculikan-kapolres-karangasem-minta-ortu-tingkatkan-pengawasan_01-100x70.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

f188f6b66c3985d323b50898dfd4cd1d850762bb370e9a60f5f4b8de198b7ac5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:17 GMT
x-content-type-options: nosniff
last-modified: Sat, 04 Feb 2023 04:19:15 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 3676
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:17 GMT

GET
H2 200 balipostcom_bangun-tabanan-bupati-dan-wabup-diminta-akur_01-100x70.jpg
www.balipost.com/wp-content/uploads/2023/02/ 4 KB
4 KB 187ms
187ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2023/02/balipostcom_bangun-tabanan-bupati-dan-wabup-diminta-akur_01-100x70.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

6552b5001c6029341f5ae010016614d1480f7deedfa84dd422b589ad942b7811

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:17 GMT
x-content-type-options: nosniff
last-modified: Sat, 04 Feb 2023 03:49:22 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 3836
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:17 GMT

GET
H2 200 balipostcom_ditanya-pengerupukan-hingga-pemotor-pakai-udeng-ini-kata-kapolresta_01-100x70.jpg
www.balipost.com/wp-content/uploads/2023/02/ 3 KB
3 KB 197ms
194ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2023/02/balipostcom_ditanya-pengerupukan-hingga-pemotor-pakai-udeng-ini-kata-kapolresta_01-100x70.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

670aa98261f6f47763a0e2f55bfa5dbdcad3feda46522a9cb0d1be718897f227

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:17 GMT
x-content-type-options: nosniff
last-modified: Fri, 03 Feb 2023 06:32:39 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 3190
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:17 GMT

GET
H2 200 balipostcom_kunjungi-pasar-kereneng-mendag-cek-harga-bahan-pokok_01-100x70.jpg
www.balipost.com/wp-content/uploads/2023/02/ 4 KB
4 KB 187ms
187ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2023/02/balipostcom_kunjungi-pasar-kereneng-mendag-cek-harga-bahan-pokok_01-100x70.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

317681b1a750d61380dc629262df35675467a5aed72b5d472833e0ec6d464f0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:17 GMT
x-content-type-options: nosniff
last-modified: Sat, 04 Feb 2023 02:57:41 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 3610
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:17 GMT

GET
H2 200 balipostcom_living-world-denpasar-gelar-mall-preview_01-218x150.jpg
www.balipost.com/wp-content/uploads/2023/02/ 9 KB
9 KB 187ms
187ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2023/02/balipostcom_living-world-denpasar-gelar-mall-preview_01-218x150.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

fbe22412efdc4b5dc49adc47132fcfdd184c3b5f99a8d43321a38e1f182d0b1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:17 GMT
x-content-type-options: nosniff
last-modified: Fri, 03 Feb 2023 07:44:15 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 8833
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:17 GMT

GET
H2 200 balipostcom_film-tanpa-ampun-angkat-kisah-nyata-warning-bagi-premanisme_01-218x150.jpg
www.balipost.com/wp-content/uploads/2023/02/ 10 KB
10 KB 189ms
187ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2023/02/balipostcom_film-tanpa-ampun-angkat-kisah-nyata-warning-bagi-premanisme_01-218x150.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

56fdd5e79a54b488e0085fc0082d6c5df5fee441843166ff1db4f006d08e8281

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:18 GMT
x-content-type-options: nosniff
last-modified: Thu, 02 Feb 2023 23:20:01 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 9787
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:18 GMT

GET
H2 200 balipostcom_setelah-33-tahun-presiden-ri-kembali-kunjungi-melaya_01-218x150.jpg
www.balipost.com/wp-content/uploads/2023/02/ 12 KB
12 KB 188ms
187ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2023/02/balipostcom_setelah-33-tahun-presiden-ri-kembali-kunjungi-melaya_01-218x150.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

218b463d1015f6d364af02ffb5140470540e96bcbf5669eef4fb4bd0bf358142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:18 GMT
x-content-type-options: nosniff
last-modified: Thu, 02 Feb 2023 11:38:39 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 12269
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:18 GMT

GET
H2 200 maxresdefault-3-218x150.jpg
www.balipost.com/wp-content/uploads/2023/01/ 10 KB
11 KB 188ms
187ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2023/01/maxresdefault-3-218x150.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

64a9f2909a7d2169cdb6f615b9105e49cf75a12a16fbbefc93af6cfa618dbea6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:18 GMT
x-content-type-options: nosniff
last-modified: Mon, 30 Jan 2023 08:46:13 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 10599
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:18 GMT

GET
H2 200 ico-video-large.png
www.balipost.com/wp-content/themes/balipost/images/icons/ 695 B
965 B 187ms
187ms Image
image/png 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/themes/balipost/images/icons/ico-video-large.png

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

28d9374b9c173602edd327992c7696a708a524f590d749e8ad31855f4fcd7e2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:18 GMT
x-content-type-options: nosniff
last-modified: Thu, 23 Feb 2017 14:04:28 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 695
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:18 GMT

GET
H2 200 maxresdefault-2-218x150.jpg
www.balipost.com/wp-content/uploads/2023/01/ 10 KB
11 KB 187ms
187ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2023/01/maxresdefault-2-218x150.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

5b4d31192aba6f76ad3ab4b13a45456e2d0f5dd63f1a841fb3f986baa6ee8155

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:18 GMT
x-content-type-options: nosniff
last-modified: Mon, 30 Jan 2023 06:53:35 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 10571
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:18 GMT

GET
H2 200 maxresdefault-218x150.jpg
www.balipost.com/wp-content/uploads/2023/01/ 10 KB
11 KB 188ms
188ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2023/01/maxresdefault-218x150.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

b82fdc5eb2fe1f654362eda77297507118b2dec1fb16fc3fe393cf590f9b8c5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:18 GMT
x-content-type-options: nosniff
last-modified: Fri, 13 Jan 2023 10:52:03 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 10483
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:18 GMT

GET
H2 200 balipostcom_desa-adat-kwanji-gelar-melaspas-dan-ngenteg-linggih_01-218x150.jpg
www.balipost.com/wp-content/uploads/2023/02/ 10 KB
11 KB 187ms
187ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2023/02/balipostcom_desa-adat-kwanji-gelar-melaspas-dan-ngenteg-linggih_01-218x150.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

243a13a999bab66e6d4aa847ecfe386b2d4507f803d47da4902186c194684afb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:18 GMT
x-content-type-options: nosniff
last-modified: Sat, 04 Feb 2023 02:26:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 10470
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:18 GMT

GET
H2 200 balipostcom_denpasar-pantau-ketersediaan-pangan-lewat-si-papa-online_01-218x150.jpg
www.balipost.com/wp-content/uploads/2022/07/ 27 KB
28 KB 188ms
187ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2022/07/balipostcom_denpasar-pantau-ketersediaan-pangan-lewat-si-papa-online_01-218x150.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

79e8acad3757220fe08f18ddba9afffb7a9d41405f7e3e197199f09e06c98285

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:18 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jul 2022 05:33:40 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 28052
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:18 GMT

GET
H2 200 balipostcom_miliki-seratusan-butir-ineks-dan-puluhan-gram-sabu-dagang-sepatu-ditangkap_01-218x150.jpg
www.balipost.com/wp-content/uploads/2022/01/ 9 KB
9 KB 190ms
189ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2022/01/balipostcom_miliki-seratusan-butir-ineks-dan-puluhan-gram-sabu-dagang-sepatu-ditangkap_01-218x150.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

df8cf94c6c06aac8538d3b41bb58f8ab2ef023a8a4460b58d57fe4422d9d6b1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:18 GMT
x-content-type-options: nosniff
last-modified: Thu, 20 Jan 2022 12:34:10 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 9113
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:18 GMT

GET
H2 200 balipostcom_penguatan-karakter-pada-masa-krisis_01-218x150.jpg
www.balipost.com/wp-content/uploads/2021/03/ 16 KB
16 KB 190ms
190ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2021/03/balipostcom_penguatan-karakter-pada-masa-krisis_01-218x150.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

0780defe5ba5863237025d0cfdc28e5304dc35c7bdb3ee6e283cba3f7aff46b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:18 GMT
x-content-type-options: nosniff
last-modified: Thu, 25 Mar 2021 02:55:30 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 16195
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:18 GMT

GET
H2 200 balipostcom_pikun-mulai-menghampiri-coba-praktikkan-7-cara-ini_01-218x150.jpg
www.balipost.com/wp-content/uploads/2023/02/ 8 KB
8 KB 189ms
188ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2023/02/balipostcom_pikun-mulai-menghampiri-coba-praktikkan-7-cara-ini_01-218x150.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

fa79079ea0b82b1325f59d113913bf0a168df6bbd223ca97f4b1a831f7576a4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:18 GMT
x-content-type-options: nosniff
last-modified: Sat, 04 Feb 2023 01:26:16 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 8063
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:18 GMT

GET
H2 200 balipostcom_makanan-pemicu-sakit-kepala_01-218x150.jpg
www.balipost.com/wp-content/uploads/2017/05/ 16 KB
17 KB 190ms
188ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2017/05/balipostcom_makanan-pemicu-sakit-kepala_01-218x150.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

9605460846a5247ae9f7d94da7898e16f90c30852b571a533d3dde3f273cb6da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:18 GMT
x-content-type-options: nosniff
last-modified: Tue, 02 May 2017 04:41:25 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 16704
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:18 GMT

GET
H2 200 balipostcom_kerja-sambil-ngafe-5-cafe-di-ubud-ini-bisa-kamu-datangi_01-218x150.jpg
www.balipost.com/wp-content/uploads/2023/02/ 7 KB
8 KB 187ms
187ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2023/02/balipostcom_kerja-sambil-ngafe-5-cafe-di-ubud-ini-bisa-kamu-datangi_01-218x150.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

3d856dcb624b1cbc91a78c398493d33c9f69270db63d937204b434506aa331da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:18 GMT
x-content-type-options: nosniff
last-modified: Sat, 04 Feb 2023 00:49:24 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 7593
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:18 GMT

GET
H2 200 balipostcom_pasangan-ngambek-bikin-pusing-lakukan-7-cara-ini_02-218x150.jpg
www.balipost.com/wp-content/uploads/2023/01/ 7 KB
7 KB 187ms
187ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2023/01/balipostcom_pasangan-ngambek-bikin-pusing-lakukan-7-cara-ini_02-218x150.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

f94cceef8c9d24c45af5446bf1a8431cfb7d1e3596b9cea1c6ee01513e9638cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:18 GMT
x-content-type-options: nosniff
last-modified: Fri, 27 Jan 2023 00:23:42 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 7385
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:18 GMT

GET
H2 200 balipostcom_anjing-disebut-peliharaan-paling-setia-simak-6-alasannya_01-218x150.jpg
www.balipost.com/wp-content/uploads/2023/02/ 5 KB
5 KB 189ms
188ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2023/02/balipostcom_anjing-disebut-peliharaan-paling-setia-simak-6-alasannya_01-218x150.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

8346e7dcbf82a10394984a1719d6c24fbad7287d9dd1b02f3188660fcb8b79ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:18 GMT
x-content-type-options: nosniff
last-modified: Sat, 04 Feb 2023 00:16:19 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 4779
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:18 GMT

GET
H2 200 balipostcom_bupati-giri-prasta-dukung-penuh-gemapatas_01-218x150.jpg
www.balipost.com/wp-content/uploads/2023/02/ 11 KB
11 KB 188ms
187ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2023/02/balipostcom_bupati-giri-prasta-dukung-penuh-gemapatas_01-218x150.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

2e9a216c1e7bbefcdfcd221fb062183a7329de996d207773200849de6547df6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:18 GMT
x-content-type-options: nosniff
last-modified: Fri, 03 Feb 2023 23:39:24 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 11085
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:18 GMT

GET
H2 200 balipostcom_dinilai-mampu-lahirkan-program-dan-ide-luar-biasa-bupati-sanjaya-nilai-koster-ace-layak-dua-periode_01-218x150.jpg
www.balipost.com/wp-content/uploads/2023/02/ 11 KB
11 KB 191ms
187ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2023/02/balipostcom_dinilai-mampu-lahirkan-program-dan-ide-luar-biasa-bupati-sanjaya-nilai-koster-ace-layak-dua-periode_01-218x150.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

6055a6598809a88726c521ebb7c95aba43f5ad5dc7dd1233e405abeddacd01cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:18 GMT
x-content-type-options: nosniff
last-modified: Fri, 03 Feb 2023 23:33:04 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 11230
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:18 GMT

GET
H2 200 Ilustrasi-anak-pelecehan-218x150.jpg
www.balipost.com/wp-content/uploads/2017/03/ 10 KB
11 KB 187ms
187ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2017/03/Ilustrasi-anak-pelecehan-218x150.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

ff37bcc143b2d424a3963690babc38d50b11db540b7596a3d984ae8fbe7f8baf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:18 GMT
x-content-type-options: nosniff
last-modified: Mon, 27 Mar 2017 01:54:46 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 10522
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:18 GMT

GET
H2 200 balipostcom_bupati-hingga-tokoh-masyarakat-se-kabupaten-tabanan-apresiasi-kerja-gubernur-koster_01-218x150.jpg
www.balipost.com/wp-content/uploads/2023/02/ 24 KB
24 KB 187ms
187ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2023/02/balipostcom_bupati-hingga-tokoh-masyarakat-se-kabupaten-tabanan-apresiasi-kerja-gubernur-koster_01-218x150.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

f98171dbce7a2b0b33c1da4522413a5bac09a29b3326d1a863d5062a529bba9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:18 GMT
x-content-type-options: nosniff
last-modified: Fri, 03 Feb 2023 11:49:48 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 24215
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:18 GMT

GET
H2 200 balipostcom_inovasi-layanan-publik-semesta-berencana-bupati-gede-dana-terima-penghargaan-dari-ombudsman-ri_01-218x150.jpg
www.balipost.com/wp-content/uploads/2023/02/ 18 KB
18 KB 193ms
188ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2023/02/balipostcom_inovasi-layanan-publik-semesta-berencana-bupati-gede-dana-terima-penghargaan-dari-ombudsman-ri_01-218x150.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

82afe9399e94c31843c363b75aa5e45a332dc01a8e78e46562cf4598a8372787

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:18 GMT
x-content-type-options: nosniff
last-modified: Fri, 03 Feb 2023 11:46:09 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 18553
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:18 GMT

GET
H2 200 balipostcom_bakal-calon-dpd-ri-ditembak-orang-tak-dikenal_01-218x150.jpg
www.balipost.com/wp-content/uploads/2023/02/ 13 KB
13 KB 204ms
183ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2023/02/balipostcom_bakal-calon-dpd-ri-ditembak-orang-tak-dikenal_01-218x150.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

8c9a04fabdee4668ace88c302ac7d6e1fc9a3c7a30572405099ab087bb4131d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:18 GMT
x-content-type-options: nosniff
last-modified: Fri, 03 Feb 2023 11:40:33 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 13090
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:18 GMT

GET
H2 200 balipostcom_panitia-seleksi-nasional-akan-mengumumkan_01-218x150.jpg
www.balipost.com/wp-content/uploads/2023/02/ 19 KB
20 KB 200ms
182ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2023/02/balipostcom_panitia-seleksi-nasional-akan-mengumumkan_01-218x150.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

e838e84ff36c7716639fcd8fa6aa2e543536a98aa0a4ad20bfb6fe3fa7c13137

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:18 GMT
x-content-type-options: nosniff
last-modified: Fri, 03 Feb 2023 11:39:13 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 19734
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:18 GMT

GET
H2 200 balipostcom_penurunan-indeks-persepsi-korupsi-indonesia-menjadi-kerisauan-pemerintah_01-218x150.jpg
www.balipost.com/wp-content/uploads/2023/02/ 25 KB
25 KB 198ms
186ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2023/02/balipostcom_penurunan-indeks-persepsi-korupsi-indonesia-menjadi-kerisauan-pemerintah_01-218x150.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

c13d25e73c58817709e7a5249f64dc37f0a6e0be544b9ba5cd05da37e096accc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:18 GMT
x-content-type-options: nosniff
last-modified: Fri, 03 Feb 2023 11:37:55 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 25564
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:18 GMT

GET
H2 200 balipostcom_pemerintah-nigeria-umumkan-status-darurat_01-218x150.jpg
www.balipost.com/wp-content/uploads/2023/02/ 13 KB
13 KB 192ms
188ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2023/02/balipostcom_pemerintah-nigeria-umumkan-status-darurat_01-218x150.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

38fea580d7308b1021a21de1b0d57d1a4cf09de646c16f90adc2d8393fe9f90e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:18 GMT
x-content-type-options: nosniff
last-modified: Fri, 03 Feb 2023 11:36:07 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 13293
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:18 GMT

GET
H2 200 balipostcom_presiden-joko-widodo-hadiri-puncak-hpn_01-218x150.jpg
www.balipost.com/wp-content/uploads/2023/02/ 14 KB
14 KB 189ms
185ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2023/02/balipostcom_presiden-joko-widodo-hadiri-puncak-hpn_01-218x150.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

5afcba41f7531afcdb5dfd701fc7a636a231dc0a5a10eeb44d98d82d7402505c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:18 GMT
x-content-type-options: nosniff
last-modified: Fri, 03 Feb 2023 11:34:20 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 14115
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:18 GMT

GET
H2 200 balipostcom_presiden-joko-widodo-terima-kunjungan-kehormatan-para-menlu-dan-sekjen-asean_01-218x150.jpeg
www.balipost.com/wp-content/uploads/2023/02/ 17 KB
18 KB 189ms
186ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2023/02/balipostcom_presiden-joko-widodo-terima-kunjungan-kehormatan-para-menlu-dan-sekjen-asean_01-218x150.jpeg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

4c7bd4f26fd058113bc723438a59d108924db23d03dbf42744da1dff13b754b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:18 GMT
x-content-type-options: nosniff
last-modified: Fri, 03 Feb 2023 11:32:54 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 17703
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:18 GMT

GET
H2 200 balipostcom_dittipidum-bareskrim-polri-ungkap-prostitusi-jaringan-international_01-218x150.jpeg
www.balipost.com/wp-content/uploads/2023/02/ 19 KB
20 KB 188ms
187ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2023/02/balipostcom_dittipidum-bareskrim-polri-ungkap-prostitusi-jaringan-international_01-218x150.jpeg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

b0e60bfe6c1170c06e99d7364ae9ca7429de2b5c501ac0819d4a8628c085a863

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:18 GMT
x-content-type-options: nosniff
last-modified: Fri, 03 Feb 2023 10:28:28 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 19963
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:18 GMT

GET
H2 200 balipostcom_kemenkes-umumkan-proporsi-penduduk-kadar-antibodi-sars-cov-2_01-218x150.jpg
www.balipost.com/wp-content/uploads/2023/02/ 16 KB
17 KB 188ms
187ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2023/02/balipostcom_kemenkes-umumkan-proporsi-penduduk-kadar-antibodi-sars-cov-2_01-218x150.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

4442d05849dcab52d6997cef6d5ca393c0e0532024466adb07beea6d2d38ea26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:18 GMT
x-content-type-options: nosniff
last-modified: Fri, 03 Feb 2023 10:26:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 16644
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:18 GMT

GET
H2 200 balipostcom_pemerintah-tingkatkan-kesadaran-tentang-sdgs_01-218x150.jpg
www.balipost.com/wp-content/uploads/2023/02/ 21 KB
21 KB 188ms
187ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2023/02/balipostcom_pemerintah-tingkatkan-kesadaran-tentang-sdgs_01-218x150.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

a74ad4b94666ee0f1d4ded8ec523ebdccddd18c9f06592ffe87ab674ef6fbd15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:18 GMT
x-content-type-options: nosniff
last-modified: Fri, 03 Feb 2023 10:22:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 21345
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:18 GMT

GET
H2 200 balipostcom_polres-karangasem-bekuk-pengedar-narkotika_01-218x150.jpg
www.balipost.com/wp-content/uploads/2023/02/ 25 KB
26 KB 188ms
187ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2023/02/balipostcom_polres-karangasem-bekuk-pengedar-narkotika_01-218x150.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

e6db1c496e61d476ff8ccbe4bde6f0c5daec62d689d441182bb017d7ebdb5161

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:18 GMT
x-content-type-options: nosniff
last-modified: Fri, 03 Feb 2023 09:14:55 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 25820
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:18 GMT

GET
H2 200 balipostcom_diguyur-hujan-pembatas-sdn-2-mayong-rubuh-dan-penyengker-pura-bale-agung-longsor_01-218x150.jpg
www.balipost.com/wp-content/uploads/2023/02/ 21 KB
22 KB 190ms
187ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2023/02/balipostcom_diguyur-hujan-pembatas-sdn-2-mayong-rubuh-dan-penyengker-pura-bale-agung-longsor_01-218x150.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

00f81781064ba4d9dd024f4a225604a57e30d256bf1526622c91561c36a67785

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:18 GMT
x-content-type-options: nosniff
last-modified: Fri, 03 Feb 2023 09:12:42 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 21903
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:18 GMT

GET
H2 200 Ganapathi-300x250_opt_min.gif
www.balipost.com/wp-content/uploads/2022/02/ 40 KB
40 KB 189ms
189ms Image
image/gif 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2022/02/Ganapathi-300x250_opt_min.gif

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

f53a4e4bdd08e765ef377eec73ae37b4ffbe694654e6d38d9dc8c655a5e58ee4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:19 GMT
x-content-type-options: nosniff
last-modified: Fri, 25 Feb 2022 12:39:36 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/gif
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 40917
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:19 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
49 KB 58ms
35ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a31714a165b10219ca8b7a645e5ac091d4e38fe8116ed315b7a2648226af70e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50030
x-xss-protection: 0
server: cafe
etag: 15371979489257430773
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 04 Feb 2023 06:08:16 GMT

GET
H2 200 balipostcom_beranda_07.jpg
www.balipost.com/wp-content/uploads/2017/02/ 5 KB
5 KB 191ms
188ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2017/02/balipostcom_beranda_07.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

6b9a5f7f36f8f4940af525e24fb0457441119faf8d5fce0a077b8ea3862747f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:19 GMT
x-content-type-options: nosniff
last-modified: Wed, 13 Oct 2021 12:42:15 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 4818
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:19 GMT

GET
H2 200 balipostcom_beranda_10.jpg
www.balipost.com/wp-content/uploads/2017/02/ 4 KB
4 KB 190ms
187ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2017/02/balipostcom_beranda_10.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

01ce2ae112dc4c76200f1b2c0a83a902e40e0d76559304383c5f28424b82d914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:19 GMT
x-content-type-options: nosniff
last-modified: Wed, 13 Oct 2021 12:42:58 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 4148
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:19 GMT

GET
H2 200 balipostcom_beranda_08.jpg
www.balipost.com/wp-content/uploads/2017/02/ 4 KB
5 KB 188ms
187ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2017/02/balipostcom_beranda_08.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

e80e4a0299b436925a2cd3076299d5db0d8c2ad6e9d591df2c07ad784a32d92d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:19 GMT
x-content-type-options: nosniff
last-modified: Wed, 13 Oct 2021 12:42:45 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 4362
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:19 GMT

GET
H2 200 balipostcom_beranda_09.jpg
www.balipost.com/wp-content/uploads/2017/02/ 4 KB
5 KB 191ms
191ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2017/02/balipostcom_beranda_09.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

4568e5c1238819a11c6fe45bfe0959c18020bed1bc93e8db8099c2a8d3e4b034

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:19 GMT
x-content-type-options: nosniff
last-modified: Wed, 13 Oct 2021 12:42:52 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 4416
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:19 GMT

GET
H2 200 balipostcom_rampas-hp-dan-telanjangi-abg-sopir-ngaku-aparat-ditangkap_01-324x235.jpg
www.balipost.com/wp-content/uploads/2023/01/ 14 KB
14 KB 192ms
190ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2023/01/balipostcom_rampas-hp-dan-telanjangi-abg-sopir-ngaku-aparat-ditangkap_01-324x235.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

f452eb0737b9ca67cfab10b08db9ef43cd2695136d893c659568bc88055630f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:19 GMT
x-content-type-options: nosniff
last-modified: Tue, 31 Jan 2023 08:09:27 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 14387
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:19 GMT

GET
H2 200 balipostcom_dua-hari-terakhir-segini-penambahan-positif-covid-19-di-badung_01-218x150.jpg
www.balipost.com/wp-content/uploads/2020/06/ 14 KB
14 KB 188ms
188ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2020/06/balipostcom_dua-hari-terakhir-segini-penambahan-positif-covid-19-di-badung_01-218x150.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

f9f4fc927810c8c450a644361caa62fad39466a12a7dc6d442da1da90316d621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:19 GMT
x-content-type-options: nosniff
last-modified: Wed, 17 Jun 2020 12:05:55 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 13991
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:19 GMT

GET
H2 200 maxresdefault-64-218x150.jpg
www.balipost.com/wp-content/uploads/2020/06/ 16 KB
16 KB 187ms
187ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2020/06/maxresdefault-64-218x150.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

ea968f1a1dd5e315a5f94f1177d66264f6ba7a6e5e8ace2d3d953b5864e8f4e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:19 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jun 2020 04:21:23 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 16372
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:19 GMT

GET
H2 200 balipostcom_tak-cuma-berjuang-jadikan-3-kawasan-zona-hijau-gubernur-koster-sedang-lobi-ini-ke-pusat_01-218x150.jpg
www.balipost.com/wp-content/uploads/2021/03/ 13 KB
14 KB 188ms
188ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2021/03/balipostcom_tak-cuma-berjuang-jadikan-3-kawasan-zona-hijau-gubernur-koster-sedang-lobi-ini-ke-pusat_01-218x150.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

5c4aa6d686a05e2596f0e3b7a32d45ad9c6a0f3c26db0e2ad2b1e416a37f43a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:19 GMT
x-content-type-options: nosniff
last-modified: Wed, 17 Mar 2021 09:36:27 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 13786
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:19 GMT

GET
H2 200 balipostcom_penertiban-prokes-gencar-puluhan-pelanggar-terjaring_01-218x150.jpg
www.balipost.com/wp-content/uploads/2021/09/ 13 KB
14 KB 189ms
189ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2021/09/balipostcom_penertiban-prokes-gencar-puluhan-pelanggar-terjaring_01-218x150.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

527a8d04b35853c1a30b0d2c1937e40ef54df5234e512d216bbda3ee6f24b92b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:19 GMT
x-content-type-options: nosniff
last-modified: Mon, 20 Sep 2021 12:16:13 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 13767
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:19 GMT

GET
H2 200 balipostcom_bali-tuan-rumah-kejuaraan-dunia-esport_01-324x235.jpg
www.balipost.com/wp-content/uploads/2022/07/ 30 KB
31 KB 188ms
188ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2022/07/balipostcom_bali-tuan-rumah-kejuaraan-dunia-esport_01-324x235.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

ac22cc97540c372609bd3cc1195e2153b7390da19342f49458e97a32db586eaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:19 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Jul 2022 23:15:33 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 31230
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:19 GMT

GET
H2 200 balipostcom_bali-peringkat-7-pomnas-xvii-tahun-2022_01-324x235.jpg
www.balipost.com/wp-content/uploads/2022/12/ 18 KB
18 KB 187ms
187ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2022/12/balipostcom_bali-peringkat-7-pomnas-xvii-tahun-2022_01-324x235.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

14852da368645c1124930acda9ee893164b23d8f76ca4efe918f939c48584d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:19 GMT
x-content-type-options: nosniff
last-modified: Sat, 03 Dec 2022 10:04:41 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 18431
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:19 GMT

GET
H2 200 balipostcom_pentingnya-peranti-berkendara-yang-aman-dan-sehat_01-324x235.jpg
www.balipost.com/wp-content/uploads/2020/09/ 37 KB
37 KB 187ms
187ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2020/09/balipostcom_pentingnya-peranti-berkendara-yang-aman-dan-sehat_01-324x235.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

ea05e1e3891c28f2c242bc3d2c3a9944ca2d6c9f0c8fadf209e9e93442ac46f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:19 GMT
x-content-type-options: nosniff
last-modified: Mon, 21 Sep 2020 04:36:22 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 38039
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:19 GMT

GET
H2 200 balipostcom_universitas-dwijendra-lahirkan-sdm-job-creator-berbasis-talenta_01-324x235.jpg
www.balipost.com/wp-content/uploads/2020/10/ 29 KB
29 KB 187ms
187ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2020/10/balipostcom_universitas-dwijendra-lahirkan-sdm-job-creator-berbasis-talenta_01-324x235.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

0da922d3893e736820ddfba802b6d8f1c93dee84acf29625f2a7aa70b9dac144

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:19 GMT
x-content-type-options: nosniff
last-modified: Tue, 20 Oct 2020 20:12:05 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 29752
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:19 GMT

GET
H2 200 Honda-Scoopy-320-x250.png
www.balipost.com/wp-content/uploads/2022/12/ 33 KB
34 KB 188ms
187ms Image
image/png 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2022/12/Honda-Scoopy-320-x250.png

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

e424c4c20d40e69bc6c0f5794d725ade9381b666be9b0128bd36f30fa8e1b0ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:19 GMT
x-content-type-options: nosniff
last-modified: Fri, 02 Dec 2022 07:13:17 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 34057
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:19 GMT

GET
H2 200 balipostcom_ebook_01.jpg
www.balipost.com/wp-content/uploads/2020/08/ 47 KB
47 KB 192ms
187ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2020/08/balipostcom_ebook_01.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

ce8c6ae7c4058553cfb110aa176bfd69c0a7c9b95ddcb7fc02c47480db246aef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:19 GMT
x-content-type-options: nosniff
last-modified: Tue, 25 Aug 2020 06:58:50 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 47953
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:19 GMT

GET
H2 200 close.png
www.balipost.com/wp-content/plugins/floating-ads-bottom/images/ 718 B
988 B 187ms
187ms Image
image/png 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/plugins/floating-ads-bottom/images/close.png

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

d50a82cbf1b41068353ddf2589695da59293e5e0d0081e432acc5a83df3428b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:17 GMT
x-content-type-options: nosniff
last-modified: Thu, 09 Jul 2020 02:00:00 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 718
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:17 GMT

GET
H2 200 google_cse_v2-87b4560942a4932f711afbdfab910ab7.js Show response
www.balipost.com/wp-content/cache/min/1/wp-content/plugins/wp-google-search/assets/js/ 328 B
550 B 188ms
188ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-content/cache/min/1/wp-content/plugins/wp-google-search/assets/js/google_cse_v2-87b4560942a4932f711afbdfab910ab7.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

2cb63dc9bd6c4b36fb27d7fd0c4446a8b06608e8f75fb975d0547ff387979fdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 31 Jan 2023 21:31:36 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 238
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:16 GMT

GET
H2 200 core.min.js Show response
www.balipost.com/wp-includes/js/jquery/ui/ 4 KB
2 KB 189ms
189ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-includes/js/jquery/ui/core.min.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

936567bc744e199e02bfc3c33fe2bc9c862999e0d479e2a694aa7485460a3960

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 03 Nov 2016 05:40:34 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 1821
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:16 GMT

GET
H2 200 widget.min.js Show response
www.balipost.com/wp-includes/js/jquery/ui/ 7 KB
3 KB 196ms
187ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-includes/js/jquery/ui/widget.min.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

38a448e9e03a9f64e7611b19af4bb8ec97fde2c708dc57ebbc7701be7ae3af08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 03 Nov 2016 05:40:34 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 2599
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:16 GMT

GET
H2 200 mouse.min.js Show response
www.balipost.com/wp-includes/js/jquery/ui/ 3 KB
1 KB 197ms
188ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-includes/js/jquery/ui/mouse.min.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

88b0379349a4dda6ebcc43c5bd12084d230c6105a6fd3c2f651c4e771b3eabef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 03 Nov 2016 05:40:34 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 1021
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:16 GMT

GET
H2 200 slider.min.js Show response
www.balipost.com/wp-includes/js/jquery/ui/ 11 KB
3 KB 197ms
188ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-includes/js/jquery/ui/slider.min.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

08e0d913aadaef201fd3200ca49fa991a2d8d02b3d9a54621123d71837bbc73f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 03 Nov 2016 05:40:34 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 3093
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:16 GMT

GET
H2 200 effect.min.js Show response
www.balipost.com/wp-includes/js/jquery/ui/ 13 KB
5 KB 198ms
189ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-includes/js/jquery/ui/effect.min.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

c9fb8595b38724ea9f2efda4bcc018f839e31e3d69e2c08b07d7889239b7d080

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 03 Nov 2016 05:40:34 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 5225
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:16 GMT

GET
H2 200 datepicker.min.js Show response
www.balipost.com/wp-includes/js/jquery/ui/ 36 KB
11 KB 189ms
189ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-includes/js/jquery/ui/datepicker.min.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

fe5d09013cdf89dd17c511c908bee2628e4c0f9b4550f802fdb1fd5086999c8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 03 Nov 2016 05:40:34 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 11002
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:16 GMT

GET
H2 200 effect-drop.min.js Show response
www.balipost.com/wp-includes/js/jquery/ui/ 997 B
882 B 187ms
187ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-includes/js/jquery/ui/effect-drop.min.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

639a3d16ad06e2bcba789193a228ce5f0a1cce51b5612f91bf538ef7648705eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 07 Nov 2015 12:37:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 570
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:16 GMT

GET
H2 200 effect-fade.min.js Show response
www.balipost.com/wp-includes/js/jquery/ui/ 515 B
650 B 188ms
187ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-includes/js/jquery/ui/effect-fade.min.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

e77789f15248b88d9867e0238ceb84ff2279871f98aa15fdd7ae66f895d714e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 07 Nov 2015 12:37:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 338
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:16 GMT

GET
H2 200 effect-slide.min.js Show response
www.balipost.com/wp-includes/js/jquery/ui/ 962 B
878 B 187ms
187ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-includes/js/jquery/ui/effect-slide.min.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

58851ce24d16ff67924516a89d870d3fce4e88c5fe37d6488f38e35ea81d9832

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 07 Nov 2015 12:37:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 566
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:16 GMT

GET
H2 200 position.min.js Show response
www.balipost.com/wp-includes/js/jquery/ui/ 6 KB
3 KB 188ms
188ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-includes/js/jquery/ui/position.min.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

49af6b83569c5e8c707e93884d9ba619b402f0a115925951301e2e3c844f0ad8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 03 Nov 2016 05:40:34 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 2562
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:16 GMT

GET
H2 200 menu.min.js Show response
www.balipost.com/wp-includes/js/jquery/ui/ 9 KB
3 KB 190ms
190ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-includes/js/jquery/ui/menu.min.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

88bbd6dff28a352e8ece64314529cc2b05c37302224ff46853376daf74a40d9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 03 Nov 2016 05:40:34 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 2844
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:16 GMT

GET
H2 200 wp-a11y.min.js Show response
www.balipost.com/wp-includes/js/ 625 B
667 B 187ms
187ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-includes/js/wp-a11y.min.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

2d3f1262723ebc47332462fed5355061924b5a2ad5e34ee4412f2f81958c5d56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 20 Jul 2016 14:26:28 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 355
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:17 GMT

GET
H2 200 autocomplete.min.js Show response
www.balipost.com/wp-includes/js/jquery/ui/ 8 KB
3 KB 188ms
187ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-includes/js/jquery/ui/autocomplete.min.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

a140ef7b30807a0310338949fe4460a2e9f7ea71503c917e12550b5c06ac68ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 03 Nov 2016 05:40:34 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 2868
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:17 GMT

GET
H2 200 angwp.bundle-15e2f1256ebb0af341a4d46e10896959.js Show response
www.balipost.com/wp-content/cache/min/1/wp-content/plugins/angwp/assets/dist/ 223 KB
59 KB 198ms
198ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-content/cache/min/1/wp-content/plugins/angwp/assets/dist/angwp.bundle-15e2f1256ebb0af341a4d46e10896959.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

9eb1c22eaace3eaadbc65aee8f3ae9524aa610d7d5e200a96322f42e1188f00e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 31 Jan 2023 21:31:36 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:17 GMT

GET
H2 200 spr_inViewport-e6eb6d0cf467ec7515cf08b43b7b9604.js Show response
www.balipost.com/wp-content/cache/min/1/wp-content/plugins/angwp/include/extensions/spr_columns/assets/js/ 360 B
569 B 189ms
187ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-content/cache/min/1/wp-content/plugins/angwp/include/extensions/spr_columns/assets/js/spr_inViewport-e6eb6d0cf467ec7515cf08b43b7b9604.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

749465d389587e1e1c28f0044cbe3b0fa1dc84da3aa83f68a127b2984c389e06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 31 Jan 2023 21:31:36 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 257
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:17 GMT

GET
H2 200 parallax.min.js Show response
www.balipost.com/wp-content/plugins/angwp/include/extensions/spr_columns/assets/js/ 7 KB
3 KB 189ms
188ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-content/plugins/angwp/include/extensions/spr_columns/assets/js/parallax.min.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

70d6fd02b5462a15e479da3064af714710a9afaaaa724e49bc202cb8ccc994fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 10 Jun 2021 07:24:05 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 2324
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:17 GMT

GET
H2 200 go_portfolio_scripts-9026ae5949c1c3315b75cd9c41ce5682.js Show response
www.balipost.com/wp-content/cache/min/1/wp-content/plugins/go_portfolio/assets/js/ 39 KB
7 KB 188ms
188ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-content/cache/min/1/wp-content/plugins/go_portfolio/assets/js/go_portfolio_scripts-9026ae5949c1c3315b75cd9c41ce5682.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

9a4bb2cda800b4463b59e9fb2b9c879127a2682e54e45e3e9375d22a89900a58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 31 Jan 2023 21:31:36 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 7219
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:17 GMT

GET
H2 200 jquery.magnific-popup.min.js Show response
www.balipost.com/wp-content/plugins/go_portfolio/assets/plugins/magnific-popup/ 24 KB
8 KB 188ms
188ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-content/plugins/go_portfolio/assets/plugins/magnific-popup/jquery.magnific-popup.min.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

976318f8c146300f5a79a33c0659b0fb8ab7d7ef634aeb94aa38f49e6635e1f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 03 Oct 2021 01:11:54 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 7956
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:17 GMT

GET
H2 200 jquery.isotope.min.js Show response
www.balipost.com/wp-content/plugins/go_portfolio/assets/plugins/ 18 KB
6 KB 188ms
187ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-content/plugins/go_portfolio/assets/plugins/jquery.isotope.min.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

7078e9bfe5cf29b4352c2e2dac93d047c6f4ab1265d1c44ddf88b63b5646cff0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 03 Oct 2021 01:11:54 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 5378
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:17 GMT

GET
H2 200 jquery.carouFredSel-6.2.1-packed-75f2468a5d597f2cf74fcd2d4facfc6c.js Show response
www.balipost.com/wp-content/cache/min/1/wp-content/plugins/go_portfolio/assets/plugins/ 53 KB
13 KB 190ms
189ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-content/cache/min/1/wp-content/plugins/go_portfolio/assets/plugins/jquery.carouFredSel-6.2.1-packed-75f2468a5d597f2cf74fcd2d4facfc6c.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

577c1a1703309ed180f89c830ab65428a4c97203a6d83ed8fe146d0577b158e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 31 Jan 2023 21:31:36 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 13486
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:17 GMT

GET
H2 200 jquery.touchSwipe.min.js Show response
www.balipost.com/wp-content/plugins/go_portfolio/assets/plugins/ 22 KB
5 KB 188ms
188ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-content/plugins/go_portfolio/assets/plugins/jquery.touchSwipe.min.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

d716856a5d7ef4f89e5b8da30178a6d8770f755c1838cb55f9646352c7aaa768

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 03 Oct 2021 01:11:54 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 5277
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:17 GMT

GET
H2 200 top-10-tracker.min.js Show response
www.balipost.com/wp-content/plugins/top-10/includes/js/ 314 B
479 B 187ms
187ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-content/plugins/top-10/includes/js/top-10-tracker.min.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

d8a754aeb7ddf52b4696dcbb5f3d43f8a3f1b4f7ab2e2a8189ead0ee1675e65a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 10 Feb 2020 01:08:45 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 167
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:17 GMT

GET
H2 200 tagdiv_theme-0449570fa2ac637a30e4e6fe281ded48.js Show response
www.balipost.com/wp-content/cache/min/1/wp-content/themes/balipost/js/ 234 KB
51 KB 193ms
193ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-content/cache/min/1/wp-content/themes/balipost/js/tagdiv_theme-0449570fa2ac637a30e4e6fe281ded48.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

744143bb86f291cdd8b04fb1ca19b86f1c04f71394f1714682df1619971bb5f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 31 Jan 2023 21:31:37 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 52019
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:17 GMT

GET
H2 200 comment-reply.min.js Show response
www.balipost.com/wp-includes/js/ 1 KB
901 B 188ms
187ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-includes/js/comment-reply.min.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

1b1ca0f15010e0124bd4ca481404643c88f7eda1b276e9554d0ed83fb45b7e30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 18 Nov 2015 19:15:28 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 589
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:17 GMT

GET
H2 200 fitvids.min.js Show response
www.balipost.com/wp-content/plugins/youtube-embed-plus/scripts/ 3 KB
1 KB 187ms
187ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-content/plugins/youtube-embed-plus/scripts/fitvids.min.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

aba0ac3c89011196a2c6b54d868991e18ffaf494c8e3afc97451be087b93770c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Jun 2020 00:54:17 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 1009
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:17 GMT

GET
H2 200 wp-embed.min.js Show response
www.balipost.com/wp-includes/js/ 1 KB
1 KB 187ms
187ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-includes/js/wp-embed.min.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 23 Nov 2016 13:38:33 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 751
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:17 GMT

GET
H2 200 js_composer_front.min.js Show response
www.balipost.com/wp-content/plugins/js_composer/assets/js/dist/ 19 KB
6 KB 188ms
188ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

60e52a19fe23790b163dd2a27b256eda989ec4b90f79b0abe0caedb1d44a0796

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 23 Feb 2017 14:17:30 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 5606
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:17 GMT

GET
H2 200 jv-7b9c8b6f584913aff1ea9db62875ed3a.js Show response
www.balipost.com/wp-content/cache/min/1/wp-content/plugins/vertical-news-scroller/js/ 2 KB
1 KB 187ms
187ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-content/cache/min/1/wp-content/plugins/vertical-news-scroller/js/jv-7b9c8b6f584913aff1ea9db62875ed3a.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

042a44c667b7423db51b5709d9d078ff690dca919fca5b40a2ea3f59700a5561

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 31 Jan 2023 21:31:37 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 829
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:17 GMT

GET
H2 200 float-left-right-30a588d4f43f24af473270ab45dd2aa6.js Show response
www.balipost.com/wp-content/cache/min/1/wp-content/plugins/devvn-float-left-right-ads/left-right-ads/ 2 KB
887 B 187ms
187ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-content/cache/min/1/wp-content/plugins/devvn-float-left-right-ads/left-right-ads/float-left-right-30a588d4f43f24af473270ab45dd2aa6.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

8ea8be5f9733c07ca7b7aaac3526ba6b4eb6df006ac62682cf1a536fd1aec260

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 31 Jan 2023 21:31:37 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 575
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:17 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 04 Feb 2023 04:54:50 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 4406
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Sat, 04 Feb 2023 06:54:50 GMT

GET
H2 200 newspaper.woff
www.balipost.com/wp-content/themes/balipost/images/icons/ 15 KB
10 KB 189ms
189ms Font
font/woff 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-content/themes/balipost/images/icons/newspaper.woff?11

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/wp-content/cache/min/1/0e358f1a917bc71e6ba25a67ec5e0e91.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

680d3524327a5c2d6418ce70642ff47df1f7a8c3a37727d8e968b68aa0befd72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.balipost.com/wp-content/cache/min/1/0e358f1a917bc71e6ba25a67ec5e0e91.css
Origin: https://www.balipost.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 23 Feb 2017 14:04:28 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: font/woff
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 10114
x-xss-protection: 1; mode=block
expires: Sun, 04 Jun 2023 06:08:16 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 84ms
21ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.balipost.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 11:48:56 GMT
x-content-type-options: nosniff
age: 411560
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 Jan 2024 11:48:56 GMT

GET
H2 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ 17 KB
17 KB 134ms
73ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.balipost.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 02:07:02 GMT
x-content-type-options: nosniff
age: 187274
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17368
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Feb 2024 02:07:02 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 85ms
26ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.balipost.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 22:49:45 GMT
x-content-type-options: nosniff
age: 285511
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 Jan 2024 22:49:45 GMT

GET
H2 200 KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2
fonts.gstatic.com/s/roboto/v30/ 17 KB
17 KB 123ms
68ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

661d4b208656c006e7aab58acf7784857963123675de2302279fbe6c05313547

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.balipost.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 01:55:47 GMT
x-content-type-options: nosniff
age: 274349
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17336
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Feb 2024 01:55:47 GMT

GET
DATA 200
OK truncated
/ 121 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 newspaper-icons.woff
www.balipost.com/wp-content/themes/balipost/images/icons/ 6 KB
4 KB 200ms
199ms Font
font/woff 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-content/themes/balipost/images/icons/newspaper-icons.woff?1

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/wp-content/cache/min/1/0e358f1a917bc71e6ba25a67ec5e0e91.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

2a2ac34136c00e48cd04edf792aec5e6dba2b4cd5942b9383f3f56764125e808

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.balipost.com/wp-content/cache/min/1/0e358f1a917bc71e6ba25a67ec5e0e91.css
Origin: https://www.balipost.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 23 Feb 2017 14:04:28 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: font/woff
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 3860
x-xss-protection: 1; mode=block
expires: Sun, 04 Jun 2023 06:08:16 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 92ms
42ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.balipost.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 08:26:15 GMT
x-content-type-options: nosniff
age: 78121
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Feb 2024 08:26:15 GMT

GET
H2 200 memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v34/ 47 KB
47 KB 103ms
60ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.balipost.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 22:32:39 GMT
x-content-type-options: nosniff
age: 27337
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47952
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:22:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Feb 2024 22:32:39 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
350 B 59ms
19ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-32621011-1&cid=1827210393.1675490897&jid=1975394898&gjid=1882025316&_gid=1695449792.1675490897&_u=IGBAgAABAAAAAEAAI~&z=888325474

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.balipost.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 04 Feb 2023 06:08:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.balipost.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 6ms
6ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=922943613&t=pageview&_s=1&dl=https%3A%2F%2Fwww.balipost.com%2F&ul=en-us&de=UTF-8&dt=BALIPOST.com%20-%20Berita%20Bali%20terKini%2C%20terUpdate%20dan%20terPercaya%20%7C%20Portal%20Media%20Inspirasi%20Local%20Untuk%20Global&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBAgAABAAAAAAAAI~&jid=1975394898&gjid=1882025316&cid=1827210393.1675490897&tid=UA-32621011-1&_gid=1695449792.1675490897&z=1343062231

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 23:01:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 25624
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301230101/ 361 KB
119 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2829192160917889&plah=www.balipost.com&bust=31071812

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2829192160917889

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

070135efc1f767bfa35e3baa57f2159bda8fd90bc793a50891708f7e3f1ec43b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121172
x-xss-protection: 0
server: cafe
etag: 13622894372672829373
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 04 Feb 2023 06:08:16 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230201/r20190131/ Frame F434 10 KB
5 KB 55ms
7ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230201/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2829192160917889

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.balipost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 37327
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 19:46:09 GMT
etag: 10353107486223812946
expires: Fri, 17 Feb 2023 19:46:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 54ms
18ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-32621011-1&cid=1827210393.1675490897&jid=1975394898&_u=IGBAgAABAAAAAEAAI~&z=1200852230

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 06:08:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 120ms
45ms Image
image/gif 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-32621011-1&cid=1827210393.1675490897&jid=1975394898&_u=IGBAgAABAAAAAEAAI~&z=1200852230

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 06:08:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 elements.png
www.balipost.com/wp-content/themes/balipost/images/sprite/ 4 KB
4 KB 192ms
188ms Image
image/png 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/themes/balipost/images/sprite/elements.png

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/wp-content/cache/min/1/0e358f1a917bc71e6ba25a67ec5e0e91.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

f6287abfc98a913c318b4348a67f84a2d5432ee57f2ece29904a76fb4eff1167

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/wp-content/cache/min/1/0e358f1a917bc71e6ba25a67ec5e0e91.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:19 GMT
x-content-type-options: nosniff
last-modified: Thu, 23 Feb 2017 14:04:28 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 4324
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:19 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 391 B
602 B 103ms
41ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.balipost.com&callback=_gfp_s_&client=ca-pub-2829192160917889

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2829192160917889&plah=www.balipost.com&bust=31071812

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65cdb4094de240f160dead74d4187651ad0ca73497c003d561a8998393a9d19f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 251
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 64ms
16ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.balipost.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 116ms
42ms Script
application/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.balipost.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 94B5 0
188 B 114ms
113ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&adk=1812271804&adf=3025194257&lmt=1675488952&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Fwww.balipost.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675490896718&bpp=7&bdt=1054&idt=178&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2765791972825&frm=20&pv=2&ga_vid=1827210393.1675490897&ga_sid=1675490897&ga_hid=922943613&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071812%2C21065724&oid=2&pvsid=337857566880165&tmod=764753914&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=216

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.balipost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 06:08:17 GMT
expires: Sat, 04 Feb 2023 06:08:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 605C 74 KB
29 KB 379ms
379ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=90&slotname=9685069826&adk=1727054528&adf=1700609347&pi=t.ma~as.9685069826&w=970&lmt=1675488952&format=970x90&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675490896953&bpp=1&bdt=1289&idt=1&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2765791972825&frm=20&pv=1&ga_vid=1827210393.1675490897&ga_sid=1675490897&ga_hid=922943613&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071812%2C21065724&oid=2&pvsid=337857566880165&tmod=764753914&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&fsb=1&xpc=WAdfzny6Cn&p=https%3A//www.balipost.com&dtd=5

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23ca2cd8e37785daf3aa7a832de57ba7c1105b57b72858b093e9092c4a35eda8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.balipost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 30106
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 06:08:17 GMT
expires: Sat, 04 Feb 2023 06:08:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

500

cse.js
cse.google.com/cse/
Redirect Chain

https://www.google.com/cse/cse.js?cx=006110151650712899775:ob6p-5smcy0
https://cse.google.com/cse/cse.js?cx=006110151650712899775:ob6p-5smcy0

0
0

138ms
63ms

Script
text/html

2a00:1450:400d:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cse.google.com/cse/cse.js?cx=006110151650712899775:ob6p-5smcy0
Requested by: Host: www.balipost.com
URL: https://www.balipost.com/
Protocol: H2
Server: 2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Redirect headers

date: Sat, 04 Feb 2023 05:56:56 GMT
x-content-type-options: nosniff
server: sffe
age: 680
content-type: text/html; charset=UTF-8
location: https://cse.google.com/cse/cse.js?cx=006110151650712899775:ob6p-5smcy0
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 267
x-xss-protection: 0
expires: Sat, 04 Feb 2023 06:26:56 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 96E7 74 KB
29 KB 328ms
328ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=90&slotname=1151351565&adk=2974423296&adf=811793458&pi=t.ma~as.1151351565&w=728&lmt=1675488952&format=728x90&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675490896725&bpp=12&bdt=1061&idt=252&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90&nras=1&correlator=2765791972825&frm=20&pv=1&ga_vid=1827210393.1675490897&ga_sid=1675490897&ga_hid=922943613&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=21&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071812%2C21065724&oid=2&pvsid=337857566880165&tmod=764753914&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OMgZYlQCdQ&p=https%3A//www.balipost.com&dtd=254

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d91b968829d146f6fe05fbc7690c73e5da58b750a2b4edb71c5d1d44226eeac4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.balipost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 30100
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 06:08:17 GMT
expires: Sat, 04 Feb 2023 06:08:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E4C8 86 KB
31 KB 321ms
320ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=250&slotname=2919055775&adk=4143974309&adf=1046930213&pi=t.ma~as.2919055775&w=300&lmt=1675488952&format=300x250&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675490896777&bpp=8&bdt=1113&idt=212&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90&nras=1&correlator=2765791972825&frm=20&pv=1&ga_vid=1827210393.1675490897&ga_sid=1675490897&ga_hid=922943613&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=993&ady=1322&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071812%2C21065724&oid=2&pvsid=337857566880165&tmod=764753914&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=V9SHWADHuw&p=https%3A//www.balipost.com&dtd=214

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5b56b3c8203fec9f9191d5ff63809771f039c58c3bef5ae0656aa3b874680ae3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.balipost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 31850
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 06:08:17 GMT
expires: Sat, 04 Feb 2023 06:08:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A931 430 B
230 B 283ms
283ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=600&slotname=1398941188&adk=3562883654&adf=3043275140&pi=t.ma~as.1398941188&w=160&lmt=1675488952&format=160x600&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675490896869&bpp=18&bdt=1204&idt=134&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250&nras=1&correlator=2765791972825&frm=20&pv=1&ga_vid=1827210393.1675490897&ga_sid=1675490897&ga_hid=922943613&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071812%2C21065724&oid=2&pvsid=337857566880165&tmod=764753914&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoEr%7Cp&abl=XS&pfx=0&fu=32768&bc=31&ifi=6&uci=a!6&fsb=1&xpc=6B6FXyxLgi&p=https%3A//www.balipost.com&dtd=137

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6d74732aea6f960bc0226b6cd6fdb847dad575672bff8370c6cc64935b8cf8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.balipost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 207
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 06:08:17 GMT
expires: Sat, 04 Feb 2023 06:08:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7422 430 B
229 B 278ms
278ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=600&slotname=1398941188&adk=2029127186&adf=3821157256&pi=t.ma~as.1398941188&w=160&lmt=1675488952&format=160x600&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675490896887&bpp=1&bdt=1223&idt=121&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C160x600&nras=1&correlator=2765791972825&frm=20&pv=1&ga_vid=1827210393.1675490897&ga_sid=1675490897&ga_hid=922943613&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071812%2C21065724&oid=2&pvsid=337857566880165&tmod=764753914&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoEr%7Cp&abl=XS&pfx=0&fu=32768&bc=31&ifi=7&uci=a!7&fsb=1&xpc=pYHEgIUr9x&p=https%3A//www.balipost.com&dtd=123

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e01e250b9c5671fa8592f6faad7a10de30e18b94cb5e6f85e8928670c050b82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.balipost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 206
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 06:08:17 GMT
expires: Sat, 04 Feb 2023 06:08:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
BLOB 200
OK 7657879a-ce26-452c-bf30-b02b6cecd4f1
https://www.balipost.com/ 218 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.balipost.com/7657879a-ce26-452c-bf30-b02b6cecd4f1
Requested by: Host: www.balipost.com
URL: https://www.balipost.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0a64a8e8c3e320320a0340916b6606014c2193eba441414d2250636ebc834839

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Length: 218
Content-Type

GET
H2 200 1567237215580230972
tpc.googlesyndication.com/daca_images/simgad/ Frame 96E7 31 KB
32 KB 38ms
16ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/1567237215580230972

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=90&slotname=1151351565&adk=2974423296&adf=811793458&pi=t.ma~as.1151351565&w=728&lmt=1675488952&format=728x90&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675490896725&bpp=12&bdt=1061&idt=252&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90&nras=1&correlator=2765791972825&frm=20&pv=1&ga_vid=1827210393.1675490897&ga_sid=1675490897&ga_hid=922943613&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=21&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071812%2C21065724&oid=2&pvsid=337857566880165&tmod=764753914&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OMgZYlQCdQ&p=https%3A//www.balipost.com&dtd=254

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2e217c62039a8e5d1c7f27ee70af039bd355789a085e163c59f2efe06e4120a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:09:52 GMT
x-content-type-options: nosniff
age: 64705
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32187
x-xss-protection: 0
last-modified: Fri, 03 Feb 2023 08:13:19 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 03 Feb 2024 12:09:52 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/ Frame 96E7 22 KB
9 KB 30ms
8ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f09e90db9705ba29dc70fe7d3fa364ea7afff6c3dc7fe594bd04a4385dfd8cc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:44:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30230
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8993
x-xss-protection: 0
server: cafe
etag: 12355142264901698679
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Feb 2023 21:44:27 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 96E7 3 KB
1 KB 26ms
19ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:44:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30230
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Feb 2023 21:44:27 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 96E7 18 KB
8 KB 20ms
12ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:44:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30230
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7647
x-xss-protection: 0
server: cafe
etag: 2161395064574532456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Feb 2023 21:44:27 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 96E7 157 KB
48 KB 197ms
141ms Script
text/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 04 Feb 2023 06:08:17 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 96E7 33 KB
13 KB 20ms
13ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d02adac15e34cf8f7ce081e8494b9522091281a4adbdfb0c12e7a6bbe3c98f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 20:26:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34885
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13610
x-xss-protection: 0
server: cafe
etag: 17181213163917467211
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Feb 2023 20:26:52 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E4C8 4 KB
717 B 18ms
17ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=250&slotname=2919055775&adk=4143974309&adf=1046930213&pi=t.ma~as.2919055775&w=300&lmt=1675488952&format=300x250&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675490896777&bpp=8&bdt=1113&idt=212&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90&nras=1&correlator=2765791972825&frm=20&pv=1&ga_vid=1827210393.1675490897&ga_sid=1675490897&ga_hid=922943613&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=993&ady=1322&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071812%2C21065724&oid=2&pvsid=337857566880165&tmod=764753914&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=V9SHWADHuw&p=https%3A//www.balipost.com&dtd=214

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 04 Feb 2023 06:08:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 04 Feb 2023 06:05:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 04 Feb 2023 06:08:17 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame E4C8 2 KB
818 B 27ms
15ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:44:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30230
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Feb 2023 21:44:27 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/ Frame E4C8 22 KB
9 KB 19ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f09e90db9705ba29dc70fe7d3fa364ea7afff6c3dc7fe594bd04a4385dfd8cc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:44:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30230
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8993
x-xss-protection: 0
server: cafe
etag: 12355142264901698679
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Feb 2023 21:44:27 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame E4C8 3 KB
1 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:44:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30230
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Feb 2023 21:44:27 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame E4C8 18 KB
8 KB 20ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:44:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30230
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7647
x-xss-protection: 0
server: cafe
etag: 2161395064574532456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Feb 2023 21:44:27 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E4C8 157 KB
49 KB 136ms
75ms Script
text/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 04 Feb 2023 06:08:17 GMT

GET
H2 200 8aec859a266e19fb42fee7f82edeac28.js Show response
www.gstatic.com/mysidia/ Frame E4C8 33 KB
14 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:44:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30230
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14079
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 22:14:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 04 May 2023 21:44:27 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 96E7 0
0 53ms
53ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CMjykUPbdY_e7PIT9zQaV_KigBOCI-61ukvOltpURloLNhYgWEAEgmMyaI2CV4pCCoAegAYGhpLkoyAECqAMByAPJBKoEzgFP0KFwjaS5nnsG8gi8rsWTKlfiDhnivAKIvwhM9JnvDNCydTm3AeeHtE-hrp7MK5wBvmd270KMWF4PKvLmpgRzm-FP_f71WJxjY2ICyVfQMF7o_glaoyZGsO1FuKOsd2hIWDI1TytammYhZRrBlLzyfgObSnJvfmdqkl418rhEA5KeXsa1JiS_tblVuVSECPp2X2QGC361AWqm5XYdJ3HEsOo2d8CCEnwvlTCVJOdHkDvHuEFUHG3ZltG5a3Flw_TQ_d55RXaD1Etq0mgBMsAEvcvFl5kEkgUECAQYAZIFBAgFGASgBgKAB4HZ9JgDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwMQu3rSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDNAVAZgWAYAXAbIXHAoaCAASFHB1Yi0yODI5MTkyMTYwOTE3ODg5GAA&sigh=ai-tb7Wug84&uach_m=[UACH]&cid=CAQSGwDUE5ymkE0rp3r69n-Q7Nf4kR69wtHvlIikABgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=90&slotname=1151351565&adk=2974423296&adf=811793458&pi=t.ma~as.1151351565&w=728&lmt=1675488952&format=728x90&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675490896725&bpp=12&bdt=1061&idt=252&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90&nras=1&correlator=2765791972825&frm=20&pv=1&ga_vid=1827210393.1675490897&ga_sid=1675490897&ga_hid=922943613&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=21&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071812%2C21065724&oid=2&pvsid=337857566880165&tmod=764753914&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OMgZYlQCdQ&p=https%3A//www.balipost.com&dtd=254
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 04 Feb 2023 06:08:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 04 Feb 2023 06:08:17 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E4C8 0
0 52ms
52ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CQ6cbUfbdY4Qmg_bNBvD4rogEpKno3m6Zqu7LixHAjbcBEAEgmMyaI2CV4pCCoAegAZ_YycEByAEJqQKzF6QUwT1KPqgDAcgDywSqBMABT9A3MC5BLnkWudRZLH3fTX_otEt33RZ9QdBzSwsJ7QdU0hPn7q-7oRndp9BN3tpCZheSKxxceTDG1_QURF8aIFWeai8huzLoXrjTZKeUSNfZNwHF0DztUlLUajv1ax7xxXMA039zBnXS4Ad6_dB1yXd_KCnyM0TpUjFRKeOQcDvvbruy_dIPS53qPoBxzlQU0VHl3Ju8U8uNqRCvXn9i7GH3qR-8Q7VqoX8T4W2mpnYJwBjSec09hKCu23CPLg7GwAT-gLvgmQSSBQQIBBgBkgUECAUYBKAGLoAHyae2vgKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHAxCQNdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTI4MjkxOTIxNjA5MTc4ODkYAA&sigh=e_an8_M-h3E&uach_m=[UACH]&cid=CAQSGwDUE5ymXhCX7TN54Wy1NM5lepZTJ6RMcpExaxgB&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=250&slotname=2919055775&adk=4143974309&adf=1046930213&pi=t.ma~as.2919055775&w=300&lmt=1675488952&format=300x250&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675490896777&bpp=8&bdt=1113&idt=212&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90&nras=1&correlator=2765791972825&frm=20&pv=1&ga_vid=1827210393.1675490897&ga_sid=1675490897&ga_hid=922943613&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=993&ady=1322&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071812%2C21065724&oid=2&pvsid=337857566880165&tmod=764753914&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=V9SHWADHuw&p=https%3A//www.balipost.com&dtd=214
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 04 Feb 2023 06:08:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 04 Feb 2023 06:08:17 GMT

GET
H2 200 9101715380343016759
tpc.googlesyndication.com/daca_images/simgad/ Frame 605C 40 KB
40 KB 11ms
11ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/9101715380343016759

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=90&slotname=9685069826&adk=1727054528&adf=1700609347&pi=t.ma~as.9685069826&w=970&lmt=1675488952&format=970x90&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675490896953&bpp=1&bdt=1289&idt=1&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2765791972825&frm=20&pv=1&ga_vid=1827210393.1675490897&ga_sid=1675490897&ga_hid=922943613&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071812%2C21065724&oid=2&pvsid=337857566880165&tmod=764753914&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&fsb=1&xpc=WAdfzny6Cn&p=https%3A//www.balipost.com&dtd=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ff1b8eef215db09a107ad693b21a4e40d5b597cce9e224db47fc74cd3604669

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 13:19:54 GMT
x-content-type-options: nosniff
age: 233303
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41253
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 09:35:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 01 Feb 2024 13:19:54 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/ Frame 605C 22 KB
9 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f09e90db9705ba29dc70fe7d3fa364ea7afff6c3dc7fe594bd04a4385dfd8cc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:44:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30230
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8993
x-xss-protection: 0
server: cafe
etag: 12355142264901698679
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Feb 2023 21:44:27 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 605C 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:44:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30230
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Feb 2023 21:44:27 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 605C 18 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:44:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30230
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7647
x-xss-protection: 0
server: cafe
etag: 2161395064574532456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Feb 2023 21:44:27 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 605C 157 KB
48 KB 179ms
152ms Script
text/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 04 Feb 2023 06:08:17 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 605C 33 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d02adac15e34cf8f7ce081e8494b9522091281a4adbdfb0c12e7a6bbe3c98f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 20:26:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34885
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13610
x-xss-protection: 0
server: cafe
etag: 17181213163917467211
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Feb 2023 20:26:52 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/3868261389813518389/ Frame E4C8 109 KB
109 KB 9ms
9ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3868261389813518389/14763004658117789537

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e10858db6f9326af888220b000a340779c5fd517706e14321c3bbc7e1deb4d61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:20:57 GMT
x-content-type-options: nosniff
age: 355640
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111838
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 21:41:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 31 Jan 2024 03:20:57 GMT

GET
DATA 200
OK truncated
/ Frame E4C8 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 605C 0
0 54ms
53ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CgoUUUPbdY7aXO8qc-wby-IPoAYfjj-VulPb97OMQuvbj1o44EAEgmMyaI2CV4pCCoAegAYbvq5UCyAECqAMByAPJBKoEzgFP0LKQ1BFU_WctUBxtvJ0AN8fyo67MNTJSVg86yhdbglASe8-BuNpKtQZr0LV7TldwXzJq5JMTCEl2RMzS-QkfCkuK9kgkZsyOsWzdYPNHRh-QA_qaooO23Exux1ykEI8KImpi7iCW1kXqqt7CqA_TDnBC0IkVjnnU-g9e1vmDNAxvlV4ImuFcw12DtNLHbZKWFYgDAcfwg4WoW-ki1yAIIiPgNNt3ghgiWYXPl__WY9P75AAY5HnwQXKTTZ_6YWKAmeK_bOctPsB3K3alDcAEuvCupp8EkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB-KQ1OoBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwMQ5kbSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDNAVAZgWAYAXAbIXHAoaCAASFHB1Yi0yODI5MTkyMTYwOTE3ODg5GAA&sigh=2o5VpvdZC-8&uach_m=[UACH]&cid=CAQSGwDUE5ymqNA4xN5s8Xqp0K0J-IPFQKm4RIO1XhgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=90&slotname=9685069826&adk=1727054528&adf=1700609347&pi=t.ma~as.9685069826&w=970&lmt=1675488952&format=970x90&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675490896953&bpp=1&bdt=1289&idt=1&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2765791972825&frm=20&pv=1&ga_vid=1827210393.1675490897&ga_sid=1675490897&ga_hid=922943613&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071812%2C21065724&oid=2&pvsid=337857566880165&tmod=764753914&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&fsb=1&xpc=WAdfzny6Cn&p=https%3A//www.balipost.com&dtd=5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 04 Feb 2023 06:08:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 04 Feb 2023 06:08:17 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 351A 143 B
166 B 6ms
6ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=90&slotname=1151351565&adk=2974423296&adf=811793458&pi=t.ma~as.1151351565&w=728&lmt=1675488952&format=728x90&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675490896725&bpp=12&bdt=1061&idt=252&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90&nras=1&correlator=2765791972825&frm=20&pv=1&ga_vid=1827210393.1675490897&ga_sid=1675490897&ga_hid=922943613&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=21&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071812%2C21065724&oid=2&pvsid=337857566880165&tmod=764753914&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OMgZYlQCdQ&p=https%3A//www.balipost.com&dtd=254
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 327
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 06:02:50 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 96E7 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6db32823404e251c378ec37a7b2654e1ea86df67d799e3d35f2ee86a3f2b2aa1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E4C8 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e10883da317ac701db529c65a622ed43a79375bfe7937b9784e0914130f1b1a4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1106 143 B
166 B 7ms
6ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=90&slotname=9685069826&adk=1727054528&adf=1700609347&pi=t.ma~as.9685069826&w=970&lmt=1675488952&format=970x90&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675490896953&bpp=1&bdt=1289&idt=1&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2765791972825&frm=20&pv=1&ga_vid=1827210393.1675490897&ga_sid=1675490897&ga_hid=922943613&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071812%2C21065724&oid=2&pvsid=337857566880165&tmod=764753914&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&fsb=1&xpc=WAdfzny6Cn&p=https%3A//www.balipost.com&dtd=5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 327
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 06:02:50 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 605C 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c7e90a1fbd4357ed481163ca35019a5af76b95c4fe2cd99c1f9b0df01c06e745

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 351A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

16ms
15ms

Document
text/html

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 06:08:17 GMT
expires: Sat, 04 Feb 2023 06:08:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 06:08:17 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1106
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

24ms
24ms

Document
text/html

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 06:08:17 GMT
expires: Sat, 04 Feb 2023 06:08:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 06:08:17 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E4C8 16 KB
16 KB 21ms
20ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 15:23:02 GMT
x-content-type-options: nosniff
age: 398715
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 Jan 2024 15:23:02 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E4C8 15 KB
15 KB 22ms
21ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 11:48:56 GMT
x-content-type-options: nosniff
age: 411561
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 Jan 2024 11:48:56 GMT

GET
H3 200 4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js Show response
pagead2.googlesyndication.com/bg/ Frame A7DD 36 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1b4fa762c0f3ec4067aeb7c830a07a3422749a1358742d77a94e8237fc86ed3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 07:28:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 167986
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14278
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 02 Feb 2024 07:28:31 GMT

GET
H3 200 4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js Show response
pagead2.googlesyndication.com/bg/ Frame 133E 36 KB
14 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1b4fa762c0f3ec4067aeb7c830a07a3422749a1358742d77a94e8237fc86ed3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 07:28:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 167986
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14278
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 02 Feb 2024 07:28:31 GMT

GET
H3 200 4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js Show response
pagead2.googlesyndication.com/bg/ Frame F1C3 36 KB
14 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1b4fa762c0f3ec4067aeb7c830a07a3422749a1358742d77a94e8237fc86ed3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 07:28:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 167986
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14278
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 02 Feb 2024 07:28:31 GMT

POST
H2 200 admin-ajax.php Show response
www.balipost.com/wp-admin/ 0
419 B 455ms
454ms XHR
text/html 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-admin/admin-ajax.php

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/wp-includes/js/jquery/jquery.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.balipost.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 06:08:18 GMT
x-content-type-options: nosniff, nosniff
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
p3p: CP="NOI"
access-control-allow-origin: https://www.balipost.com
content-type: text/html; charset=UTF-8
cache-control: max-age=15, s-maxage=0
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 0
x-xss-protection: 1; mode=block
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 96E7 0
0

GET ads
googleads.g.doubleclick.net/pagead/ Frame A60E 0
0

GET ads
googleads.g.doubleclick.net/pagead/ Frame 8D1F 0
0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3DF1 27 KB
12 KB 358ms
354ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: webpack:///./assets/dev/js/jssor.slider.min.js?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b439cca118a26d74750a7bbd66a424bd64386abf3063627426ed3f89e92b734

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.balipost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 12550
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 06:08:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame E4C8 0
0

GET ads
googleads.g.doubleclick.net/pagead/ Frame 14F7 0
0

GET ads
googleads.g.doubleclick.net/pagead/ Frame 4085 0
0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 152D 26 KB
12 KB 422ms
421ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: webpack:///./assets/dev/js/jssor.slider.min.js?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd80978029a3927449232044b5e7e4c21fb7550ee750134148bf58368b3e7750

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.balipost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 11990
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 06:08:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET ads
googleads.g.doubleclick.net/pagead/ Frame D6B5 0
0

GET ads
googleads.g.doubleclick.net/pagead/ Frame 6716 0
0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 20F8 31 KB
12 KB 385ms
384ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: webpack:///./assets/dev/js/jssor.slider.min.js?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7b2511821accd27da140126dfe86b6687a8decc356ff7c180069e363522162b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.balipost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 12583
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 06:08:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET ads
googleads.g.doubleclick.net/pagead/ Frame A9A8 0
0

GET ads
googleads.g.doubleclick.net/pagead/ Frame F326 0
0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 33A8 430 B
226 B 384ms
383ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: webpack:///./assets/dev/js/jssor.slider.min.js?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

908c3c9a7ea93db81fc6ac171cc15e33748400b3f7093d66bafc8f740f4c7b5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.balipost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 206
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 06:08:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 prev.png
www.balipost.com/wp-content/plugins/logo-slider-wp/public/assets/img/ 1 KB
2 KB 188ms
187ms Image
image/png 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/plugins/logo-slider-wp/public/assets/img/prev.png

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

71a3c4b86870ea13d02cd4effc181dfe5b1582109bff2b79a998b64fbdc25e7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 16 Feb 2020 11:13:42 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 1354
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:19 GMT

GET
H2 200 next.png
www.balipost.com/wp-content/plugins/logo-slider-wp/public/assets/img/ 1 KB
2 KB 188ms
187ms Image
image/png 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/plugins/logo-slider-wp/public/assets/img/next.png

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

ad3616f8f2aa610e535c677b50a8e617ee4168aba7c0c050f0cfac69c4682458

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 16 Feb 2020 11:13:42 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 1342
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:08:19 GMT

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame 3DF1 3 KB
2 KB 81ms
30ms Script
application/x-javascript 185.29.132.246
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWTJVNFl6WTNZall0WXpVd09TMHhaREEzTFRBd01EQXRNREF3TURBd01EQXdNREF3LzYzODYzMTAyMzA4ODkzMDAxMzQvMTEyMDQ0MTkvMTI3ODAzMzYvNC8wY3B2YTA0VXctaDE5WVd1c2dhUVNkazg0TWtMSGowT016bHJoUjJUZkRBLzEvNC8wLzAvMjAzOTIxNi8wLzIxNTU0My8xMjYyMTQyLzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvNjM4NjMxMDIzMDg4OTMwMDEzNC9hbXMvMC82ODcyLzEzLzk5OS8yNTgvMjAwMTphYzg6MjA6Oi8wLjAwMC8xNjc1NDkwODk3LzE2NzU1MDM0OTcvNC9wdWItMjgyOTE5MjE2MDkxNzg4OS8/A4x5ISQiNBn-pFqv2vHoT0u0rkQ&nodeid=3276&group=cdg&auctionid=6386310230889300134&pbs_auctionid=6386310230889300134&shardkey=6386310230889300134&sid=12780336&cid=11204419&bp=a_bjbbgg&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.46&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqLChUfbdY7-9NcbvzAad6YkQz4eOm1zAhtmCxgLAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjgyOTE5MjE2MDkxNzg4OcgBCagDAaoEuQFP0IYmUy_StafvlzSwcCfcr3GmkmxO5H9BVXT2K1kCdHKRgCyO7DMHBVMjMF8xyXvAWEWI7o4OaD1bxkC90TlpAjNUSwEcEzwD0L25HZOpSMh4LOTw3fO3Ju4ZNenmXxH9tXiWwswk5QnC-beTjjBkt0dGfORDeyQz8pgtR8cMrCmBBayAOCYbXj_WsETZgTGH6L8f9TXDVHJtHgDMDkF40pWZe4uU3RogI6djFjCiuyZapV-aQCnQaIAGy7-bpuWT59ivAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3-rp377Zl20IntcZ5fcq1RdATAfg%26client%3Dca-pub-2829192160917889%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=90&slotname=1151351565&adk=2974423296&adf=811793458&pi=t.ma~as.1151351565&w=728&lmt=1675488952&format=728x90&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675490896725&bpp=12&bdt=1061&idt=252&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90&nras=1&correlator=2765791972825&frm=20&pv=1&ga_vid=1827210393.1675490897&ga_sid=1675490897&ga_hid=922943613&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=21&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071812%2C21065724&oid=2&pvsid=337857566880165&tmod=764753914&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OMgZYlQCdQ&p=https%3A//www.balipost.com&dtd=254
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.246 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.379.0 /
Resource Hash: 06c90677fdd315ab9122ae66492dfe2e4c5901428cf25c4526da17cd40c60a2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Sat, 04 Feb 2023 06:08:18 GMT
x-mm-nodeid: 3276
Content-Encoding: gzip
x-mm-bid-request-time: 1675490897
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection: close
x-mm-handled-by-owner: true
Last-Modified: Sat, 04 Feb 2023 06:08:17 GMT
Server: MMBD/3.379.0
x-mm-latency: 12 (1)
Content-Type: application/x-javascript; charset=UTF-8
x-mm-dbg: NotCount
Cache-Control: no-cache
x-mm-host: zrh-router-x27, cdg-bidder-x77
x-mm-lag: 1
Expires: Sat, 04 Feb 2023 06:08:17 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 3DF1 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:44:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30231
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Feb 2023 21:44:27 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 3DF1 18 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:44:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30231
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7647
x-xss-protection: 0
server: cafe
etag: 2161395064574532456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Feb 2023 21:44:27 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3DF1 0
0 14ms
14ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRH4mRu92zIa6g8145D4RC3R4V0a9G1HpqWERFUroIhb9jmV05ysbWwbP6PhXLFP8DbOyF57u1AX_DPs-9bYVfFlBzBTw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=90&slotname=1151351565&adk=2974423296&adf=811793458&pi=t.ma~as.1151351565&w=728&lmt=1675488952&format=728x90&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675490896725&bpp=12&bdt=1061&idt=252&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90&nras=1&correlator=2765791972825&frm=20&pv=1&ga_vid=1827210393.1675490897&ga_sid=1675490897&ga_hid=922943613&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=21&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071812%2C21065724&oid=2&pvsid=337857566880165&tmod=764753914&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OMgZYlQCdQ&p=https%3A//www.balipost.com&dtd=254
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3DF1 157 KB
48 KB 66ms
65ms Script
text/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 04 Feb 2023 06:08:18 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3DF1 0
0 53ms
52ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CisUNUfbdY7-9NcbvzAad6YkQz4eOm1zAhtmCxgLAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjgyOTE5MjE2MDkxNzg4OcgBCagDAaoEtgFP0IYmUy_StafvlzSwcCfcr3GmkmxO5H9BVXT2K1kCdHKRgCyO7DMHBVMjMF8xyXvAWEWI7o4OaD1bxkC90TlpAjNUSwEcEzwD0L25HZOpSMh4LOTw3fO3Ju4ZNenmXxH9tXiWwswk5QnC-beTjjBkt0dGfORDeyQz8pgtR8cMrCmBBayAOCYbXj_WsETZgTHF6p6NWYlnU__JVqsUTu6Iz4GTx4G6xfud4-fM7JG8lz70POOdzYAGy7-bpuWT59ivAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMjgyOTE5MjE2MDkxNzg4ORgA&sigh=lvTR63uJbsM&uach_m=[UACH]&cid=CAQSKQDUE5ym6E7V9vwOjp_LvBqxFS-BBK-MkRoZaX-Qe_q7HA9u7_FuCalKGAE&tpd=AGWhJmuB9Bd6AdmK2TCggGyX3HoPJOqnRd6G8Ee5XB55FdQwbaeEynnTjdPTTy8CULi5ZP4JCYDxaEioawfG7ROJWnUUCo86APMtUCiO1aRM7BsC1ph6yGtBVL5iB8YGsbUECP96wj2ObXoBz9gYavTMfwvyMREHyEMX3_jYxdzcmkwH5FS776RdKcELXjGdMwbVyFzm93HO4UDzqIeVylznS7q-NUwovgpLEbgWAJxZDbM607SWO6VbPbGvHkms0TmpbzIIgkuezNLjA2SGpevPxiBJBXJPI85ckpSfP9TNsKgpMayQEMux5rZvwgNXzbY-y4T3zADY6BoSv11Q9pTV22hfaoVIpe9muU4fzGXCISvIJ2ExTRp4KwNhRhvFPJriqwRSrMmbRxHdlq240VNI1nzjzBEuF5aJnqCCAS8uwDDI1W_ffQmASaql0yrQz7ddUpVohmcqsj3eGEuxw5sDe0S9Bxw1s0_isUj76L6bUB3w9u0xKl-ZCgpHBV0IM1spI18dQ8gPy-q0lIMEHw_9MZOrZhdCNXdm9ITStNXNjnfXNPgCoBfM0qxaTIifJqIpgsGEczSiWFLTHBoDOIuzMXJCuQNzj8JxSZL6O0fjr8mVkRnk8pT6Z7WR8Z_M0GT7PpgjrH9NzUsttMdVs6MIklzEmbfRozd2UofQj0XyonYXq2QLxnWrV-UgZqfRD7zvrk3XhR-4oKFkmR4XkaHHTeLQk6TJTLIleS7QgD91WLl8cWq_ih2D9BqF8cMnvmWNHvcnMxIf9dicm04bdRAbURYOxVdnhiAGzhWzz7LknmkbPcS8P1XysFgAWx93vI4mhfmkNVD-Y3iVtG2yaXU8yKGe9FLqW52OBtktFtDrd-gw00UfyIVCVWyraWy7vVwO__BeoOu824E-759WNp9O6rOscu50-KcgK7v_KhMeT6eBr0umdZGlDsK0F2WrOSPg8rdKsu9mHr-sgFxZXIR99PB88w7Ox9bTZweKrn7SKDHTxgvBN4mxeXt9JbHXLESTRvFDTcaixP-eDL1UUJZL0nfZ9ZC2MnOIZLSh6drOf8Z-gTNnoM6Vc54WDa42WTgWLs7bCY0BFg9P8fcau_8lOk0isPHUNqKOf0hhh8uux9S4WxTOYz9LSPEIVJLt

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=90&slotname=1151351565&adk=2974423296&adf=811793458&pi=t.ma~as.1151351565&w=728&lmt=1675488952&format=728x90&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675490896725&bpp=12&bdt=1061&idt=252&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90&nras=1&correlator=2765791972825&frm=20&pv=1&ga_vid=1827210393.1675490897&ga_sid=1675490897&ga_hid=922943613&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=21&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071812%2C21065724&oid=2&pvsid=337857566880165&tmod=764753914&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OMgZYlQCdQ&p=https%3A//www.balipost.com&dtd=254
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 04 Feb 2023 06:08:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 767C 0
0 54ms
54ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CXgp2UfbdY9jXOIyw-wbHmKWgBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI4MjkxOTIxNjA5MTc4ODnIAQmpAt5wzfFwHLI-qAMBqgS8AU_QnmYxWnibaXanZIa8g3mOl7Lu8EiPdW0Gc9mBh1nw1QSmjm2Zf3hLBFQKIyl8EnK0s8sSjOBVAG2p0ZO9F295tVTUoa9_32RkfMSBfQ6yqPgi4Hq-4nwBu1dCvptwBhcW5Ovy_crXYYl84cvgGVezY_HmSQitS5v1H2dQLxtEAVMdQdNGeawi2XD55j-Com4FE40XV5LtGPAvp1QzO4SajogaAcJYGo_aoti6hA9XmMjWOs2DRjoQ2u9XgAbOhMqr67uBulSgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTI4MjkxOTIxNjA5MTc4ODkYAA&sigh=GUtuXKi01G4&uach_m=[UACH]&cid=CAQSKQDUE5ymJmcKQvQba84gvhlOi8_kw-PW_zdI-6htvxKFR-7zi0A4_iTBGAE

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=600&slotname=1398941188&adk=3562883654&adf=3043275140&pi=t.ma~as.1398941188&w=160&lmt=1675488952&format=160x600&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675490896869&bpp=18&bdt=1204&idt=134&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250&nras=1&correlator=2765791972825&frm=20&pv=1&ga_vid=1827210393.1675490897&ga_sid=1675490897&ga_hid=922943613&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071812%2C21065724&oid=2&pvsid=337857566880165&tmod=764753914&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoEr%7Cp&abl=XS&pfx=0&fu=32768&bc=31&ifi=6&uci=a!6&fsb=1&xpc=6B6FXyxLgi&p=https%3A//www.balipost.com&dtd=137
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 04 Feb 2023 06:08:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 767C 0
0 120ms
94ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1he0w7xsn3y92hmvfcxgtrxb71c99k2gre4s8avb7jwt2y4mphkzqzd2ceee68df4ha05c5q27kyh77kex24drhs64y62a06cbe837f3gbnng3tsha9r79r358jfqefsnxwbx3zvyasdrqd1eqfc8kz4220rpt2nyspmcr797c1r0k90g343w3rwx3hf5913hm24gaj07fww7wyaqd1ccwkf4gjqsybcmrfrp2yf5g734nz9dzj4qwavranyqmg6rv4h2fmekkmzk3sde6qqdppggmsb1fq2abyfkac8y4rgdf5mdfqkzf13tb32q4dcxnamxg49kcww9n1d0mxzdfc4atct5y3paa1jm05yye1bfp50p4z4v69jmr478mk535vm8m14yr&b=Y932UQAOK9gK3tgMAAlMRx401AXAd9RaCST2zA
Requested by: Host: www.balipost.com
URL: https://www.balipost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 04 Feb 2023 06:08:18 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 3B92 2 KB
3 KB 60ms
29ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1g81tyn1whsbjjfak58bad6p2yk9000mjezrfzm1yvbhpcz22fa897r21enzg9af7jghwb5ttrc57r7s1q3w1hqxn9fec0x9bxajg9s5wjx010gj5pgkv0anw3skzq967x3rzv5z1112v3r2t07j8p1cc94ae4cwy1stxyk4x3jbbe51999h9g3pd74fag2a8veg7xxpcpb09ctrw3k4qyzz1mj1btzbgy1hpv8qc26625rrmmzxjt1cac2yn81xjgm318pyyywvsyz763nhftw277jaftycjzk981j1ktbb3gmnank0hzxq24e914tycqbakrrbf0v57qyvgbb5r6sg5917zccatamhmzgjd64h6n7m3xqeqwsrk5hj5wt2ybx9v3mk5ehhpdrpvdatvxk3n966smhr85g6ydh9b4txfxtw5b9vw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCn3ERUfbdY9jXOIyw-wbHmKWgBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI4MjkxOTIxNjA5MTc4ODnIAQmpAt5wzfFwHLI-qAMBqgS_AU_QnmYxWnibaXanZIa8g3mOl7Lu8EiPdW0Gc9mBh1nw1QSmjm2Zf3hLBFQKIyl8EnK0s8sSjOBVAG2p0ZO9F295tVTUoa9_32RkfMSBfQ6yqPgi4Hq-4nwBu1dCvptwBhcW5Ovy_crXYYl84cvgGVezY_HmSQitS5v1H2dQLxtEAVMdQdNGeawi2XD55j-Com4FE40XV9DvOWL4XtNz8wPSGFJTkzBhDoV3qPaiWY-V0VourtOvXu_MRa-ffeQ7gAbOhMqr67uBulSgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2pQUoxtgMFPhkYsaOKKNvdfzEmaQ%26client%3Dca-pub-2829192160917889%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=600&slotname=1398941188&adk=3562883654&adf=3043275140&pi=t.ma~as.1398941188&w=160&lmt=1675488952&format=160x600&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675490896869&bpp=18&bdt=1204&idt=134&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250&nras=1&correlator=2765791972825&frm=20&pv=1&ga_vid=1827210393.1675490897&ga_sid=1675490897&ga_hid=922943613&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071812%2C21065724&oid=2&pvsid=337857566880165&tmod=764753914&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoEr%7Cp&abl=XS&pfx=0&fu=32768&bc=31&ifi=6&uci=a!6&fsb=1&xpc=6B6FXyxLgi&p=https%3A//www.balipost.com&dtd=137

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58302f71a13aafde83f5313f1318f4c3613f0050c8cfd2246dd85457571f9a29

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 79413b22ae3b9188-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 06:08:18 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 767C 3 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:44:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30231
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Feb 2023 21:44:27 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2666 1 KB
643 B 6ms
6ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 55583
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 14:41:55 GMT
etag: 48472445140208031
expires: Sat, 04 Feb 2023 14:41:55 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 767C 18 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:44:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30231
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7647
x-xss-protection: 0
server: cafe
etag: 2161395064574532456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Feb 2023 21:44:27 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 767C 0
0 15ms
15ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS0VIE5XgEukVJPqozVw6ymx5CMIjZLk6NSug4OXly3GnUJiBiLZ0qzF2IWjx2Ywrd-VBB_s52MUqxFKAGA6efNs1Ouag
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=600&slotname=1398941188&adk=3562883654&adf=3043275140&pi=t.ma~as.1398941188&w=160&lmt=1675488952&format=160x600&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675490896869&bpp=18&bdt=1204&idt=134&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250&nras=1&correlator=2765791972825&frm=20&pv=1&ga_vid=1827210393.1675490897&ga_sid=1675490897&ga_hid=922943613&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071812%2C21065724&oid=2&pvsid=337857566880165&tmod=764753914&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoEr%7Cp&abl=XS&pfx=0&fu=32768&bc=31&ifi=6&uci=a!6&fsb=1&xpc=6B6FXyxLgi&p=https%3A//www.balipost.com&dtd=137
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 767C 157 KB
48 KB 76ms
75ms Script
text/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 04 Feb 2023 06:08:18 GMT

GET
H/1.1 200
OK y39eto6m2jel Show response
hal9000.redintelligence.net/zone/ Frame 3DF1 10 KB
3 KB 69ms
13ms Script
text/html 178.63.52.121
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/y39eto6m2jel?subid=&gdpr=1&gdpr_consent=li&rnd=6386310230889300134&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3Dumuv5zkbiXcvp8N65iHyTg%26exch_seat%3D20035004448%26mt_aid%3D6386310230889300134%26mt_id%3D11204419%26mt_adid%3D215543%26mt_sid%3D12780336%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D468363dd-f652-4101-84e6-012c95e6e280%26mt_cid%3D468363dd-f652-4101-84e6-012c95e6e280%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCqLChUfbdY7-9NcbvzAad6YkQz4eOm1zAhtmCxgLAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjgyOTE5MjE2MDkxNzg4OcgBCagDAaoEuQFP0IYmUy_StafvlzSwcCfcr3GmkmxO5H9BVXT2K1kCdHKRgCyO7DMHBVMjMF8xyXvAWEWI7o4OaD1bxkC90TlpAjNUSwEcEzwD0L25HZOpSMh4LOTw3fO3Ju4ZNenmXxH9tXiWwswk5QnC-beTjjBkt0dGfORDeyQz8pgtR8cMrCmBBayAOCYbXj_WsETZgTGH6L8f9TXDVHJtHgDMDkF40pWZe4uU3RogI6djFjCiuyZapV-aQCnQaIAGy7-bpuWT59ivAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3-rp377Zl20IntcZ5fcq1RdATAfg%2526client%253Dca-pub-2829192160917889%2526adurl%253D%26redirect%3D
Requested by: Host: www.balipost.com
URL: https://www.balipost.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.63.52.121 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.121.52.63.178.clients.your-server.de
Software: Apache /
Resource Hash: 336128f35b8e9c6cc864f62e324174dc26c2a68e02e3fb7ec230383a1b160448

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Sat, 04 Feb 2023 06:08:18 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3310
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ck-confirm
tags.mathtag.com/ Frame 3DF1 49 B
329 B 78ms
42ms Image
image/gif 185.29.132.246
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=6386310230889300134&node_id=3276&exch_id=4
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWTJVNFl6WTNZall0WXpVd09TMHhaREEzTFRBd01EQXRNREF3TURBd01EQXdNREF3LzYzODYzMTAyMzA4ODkzMDAxMzQvMTEyMDQ0MTkvMTI3ODAzMzYvNC8wY3B2YTA0VXctaDE5WVd1c2dhUVNkazg0TWtMSGowT016bHJoUjJUZkRBLzEvNC8wLzAvMjAzOTIxNi8wLzIxNTU0My8xMjYyMTQyLzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvNjM4NjMxMDIzMDg4OTMwMDEzNC9hbXMvMC82ODcyLzEzLzk5OS8yNTgvMjAwMTphYzg6MjA6Oi8wLjAwMC8xNjc1NDkwODk3LzE2NzU1MDM0OTcvNC9wdWItMjgyOTE5MjE2MDkxNzg4OS8/A4x5ISQiNBn-pFqv2vHoT0u0rkQ&nodeid=3276&group=cdg&auctionid=6386310230889300134&pbs_auctionid=6386310230889300134&shardkey=6386310230889300134&sid=12780336&cid=11204419&bp=a_bjbbgg&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.46&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqLChUfbdY7-9NcbvzAad6YkQz4eOm1zAhtmCxgLAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjgyOTE5MjE2MDkxNzg4OcgBCagDAaoEuQFP0IYmUy_StafvlzSwcCfcr3GmkmxO5H9BVXT2K1kCdHKRgCyO7DMHBVMjMF8xyXvAWEWI7o4OaD1bxkC90TlpAjNUSwEcEzwD0L25HZOpSMh4LOTw3fO3Ju4ZNenmXxH9tXiWwswk5QnC-beTjjBkt0dGfORDeyQz8pgtR8cMrCmBBayAOCYbXj_WsETZgTGH6L8f9TXDVHJtHgDMDkF40pWZe4uU3RogI6djFjCiuyZapV-aQCnQaIAGy7-bpuWT59ivAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3-rp377Zl20IntcZ5fcq1RdATAfg%26client%3Dca-pub-2829192160917889%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.246 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.379.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Sat, 04 Feb 2023 06:08:18 GMT
Server: MMBD/3.379.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x64, cdg-bidder-x77
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Sat, 04 Feb 2023 06:08:17 GMT

GET
H/1.1 200
OK analytics.js Show response
s.update.mediamathtag.com/2/619621/ Frame 3DF1 7 KB
3 KB 280ms
30ms Script
text/javascript 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//www.balipost.com&ui=ce8c67b6-c509-1d07-0000-000000000000&ap=&ti=6386310230889300134&pv=f980f66e-29fc-4063-8789-358eb161e479&pp=pub-2829192160917889&sr=4&de=43003&si=2114837484&dm=728x90&ac=1262142&cr=11204419&ai=215543&c1=12780336&r1=2001:ac8:20::&r2=&r3=

Requested by

Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWTJVNFl6WTNZall0WXpVd09TMHhaREEzTFRBd01EQXRNREF3TURBd01EQXdNREF3LzYzODYzMTAyMzA4ODkzMDAxMzQvMTEyMDQ0MTkvMTI3ODAzMzYvNC8wY3B2YTA0VXctaDE5WVd1c2dhUVNkazg0TWtMSGowT016bHJoUjJUZkRBLzEvNC8wLzAvMjAzOTIxNi8wLzIxNTU0My8xMjYyMTQyLzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvNjM4NjMxMDIzMDg4OTMwMDEzNC9hbXMvMC82ODcyLzEzLzk5OS8yNTgvMjAwMTphYzg6MjA6Oi8wLjAwMC8xNjc1NDkwODk3LzE2NzU1MDM0OTcvNC9wdWItMjgyOTE5MjE2MDkxNzg4OS8/A4x5ISQiNBn-pFqv2vHoT0u0rkQ&nodeid=3276&group=cdg&auctionid=6386310230889300134&pbs_auctionid=6386310230889300134&shardkey=6386310230889300134&sid=12780336&cid=11204419&bp=a_bjbbgg&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.46&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqLChUfbdY7-9NcbvzAad6YkQz4eOm1zAhtmCxgLAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjgyOTE5MjE2MDkxNzg4OcgBCagDAaoEuQFP0IYmUy_StafvlzSwcCfcr3GmkmxO5H9BVXT2K1kCdHKRgCyO7DMHBVMjMF8xyXvAWEWI7o4OaD1bxkC90TlpAjNUSwEcEzwD0L25HZOpSMh4LOTw3fO3Ju4ZNenmXxH9tXiWwswk5QnC-beTjjBkt0dGfORDeyQz8pgtR8cMrCmBBayAOCYbXj_WsETZgTGH6L8f9TXDVHJtHgDMDkF40pWZe4uU3RogI6djFjCiuyZapV-aQCnQaIAGy7-bpuWT59ivAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3-rp377Zl20IntcZ5fcq1RdATAfg%26client%3Dca-pub-2829192160917889%26adurl%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-203-96-5.eu-west-1.compute.amazonaws.com

Software

Resource Hash

98010c073a5d4feed6bf2dd49674fd9ee8d5c5c223b2a031213fd71b61e85132

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 04 Feb 2023 06:08:18 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Accept-Ch: Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: *
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Timing-Allow-Origin: *
Content-Length: 2986
Expires: 0

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame 3DF1 43 B
404 B 104ms
43ms Image
image/gif 92.123.37.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=6386310230889300134&v3=1262142&v4=12780336&v5=11204419&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWTJVNFl6WTNZall0WXpVd09TMHhaREEzTFRBd01EQXRNREF3TURBd01EQXdNREF3LzYzODYzMTAyMzA4ODkzMDAxMzQvMTEyMDQ0MTkvMTI3ODAzMzYvNC8wY3B2YTA0VXctaDE5WVd1c2dhUVNkazg0TWtMSGowT016bHJoUjJUZkRBLzEvNC8wLzAvMjAzOTIxNi8wLzIxNTU0My8xMjYyMTQyLzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvNjM4NjMxMDIzMDg4OTMwMDEzNC9hbXMvMC82ODcyLzEzLzk5OS8yNTgvMjAwMTphYzg6MjA6Oi8wLjAwMC8xNjc1NDkwODk3LzE2NzU1MDM0OTcvNC9wdWItMjgyOTE5MjE2MDkxNzg4OS8/A4x5ISQiNBn-pFqv2vHoT0u0rkQ&nodeid=3276&group=cdg&auctionid=6386310230889300134&pbs_auctionid=6386310230889300134&shardkey=6386310230889300134&sid=12780336&cid=11204419&bp=a_bjbbgg&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.46&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqLChUfbdY7-9NcbvzAad6YkQz4eOm1zAhtmCxgLAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjgyOTE5MjE2MDkxNzg4OcgBCagDAaoEuQFP0IYmUy_StafvlzSwcCfcr3GmkmxO5H9BVXT2K1kCdHKRgCyO7DMHBVMjMF8xyXvAWEWI7o4OaD1bxkC90TlpAjNUSwEcEzwD0L25HZOpSMh4LOTw3fO3Ju4ZNenmXxH9tXiWwswk5QnC-beTjjBkt0dGfORDeyQz8pgtR8cMrCmBBayAOCYbXj_WsETZgTGH6L8f9TXDVHJtHgDMDkF40pWZe4uU3RogI6djFjCiuyZapV-aQCnQaIAGy7-bpuWT59ivAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3-rp377Zl20IntcZ5fcq1RdATAfg%26client%3Dca-pub-2829192160917889%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.123.37.164 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-37-164.deploy.static.akamaitechnologies.com
Software: MT3 441 9053ffc master zrh-pixel-x25 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Sat, 04 Feb 2023 06:08:18 GMT
Server: MT3 441 9053ffc master zrh-pixel-x25 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Sat, 04 Feb 2023 06:08:17 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame 3DF1 49 B
329 B 72ms
35ms Image
image/gif 185.29.132.246
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=6386310230889300134&st=12780336&time=1675490898&nodeid=3276
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWTJVNFl6WTNZall0WXpVd09TMHhaREEzTFRBd01EQXRNREF3TURBd01EQXdNREF3LzYzODYzMTAyMzA4ODkzMDAxMzQvMTEyMDQ0MTkvMTI3ODAzMzYvNC8wY3B2YTA0VXctaDE5WVd1c2dhUVNkazg0TWtMSGowT016bHJoUjJUZkRBLzEvNC8wLzAvMjAzOTIxNi8wLzIxNTU0My8xMjYyMTQyLzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvNjM4NjMxMDIzMDg4OTMwMDEzNC9hbXMvMC82ODcyLzEzLzk5OS8yNTgvMjAwMTphYzg6MjA6Oi8wLjAwMC8xNjc1NDkwODk3LzE2NzU1MDM0OTcvNC9wdWItMjgyOTE5MjE2MDkxNzg4OS8/A4x5ISQiNBn-pFqv2vHoT0u0rkQ&nodeid=3276&group=cdg&auctionid=6386310230889300134&pbs_auctionid=6386310230889300134&shardkey=6386310230889300134&sid=12780336&cid=11204419&bp=a_bjbbgg&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.46&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqLChUfbdY7-9NcbvzAad6YkQz4eOm1zAhtmCxgLAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjgyOTE5MjE2MDkxNzg4OcgBCagDAaoEuQFP0IYmUy_StafvlzSwcCfcr3GmkmxO5H9BVXT2K1kCdHKRgCyO7DMHBVMjMF8xyXvAWEWI7o4OaD1bxkC90TlpAjNUSwEcEzwD0L25HZOpSMh4LOTw3fO3Ju4ZNenmXxH9tXiWwswk5QnC-beTjjBkt0dGfORDeyQz8pgtR8cMrCmBBayAOCYbXj_WsETZgTGH6L8f9TXDVHJtHgDMDkF40pWZe4uU3RogI6djFjCiuyZapV-aQCnQaIAGy7-bpuWT59ivAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3-rp377Zl20IntcZ5fcq1RdATAfg%26client%3Dca-pub-2829192160917889%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.246 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.379.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Sat, 04 Feb 2023 06:08:18 GMT
Server: MMBD/3.379.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x69, cdg-bidder-x77
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Sat, 04 Feb 2023 06:08:17 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 152D 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:44:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30231
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Feb 2023 21:44:27 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 152D 18 KB
7 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:44:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30231
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7647
x-xss-protection: 0
server: cafe
etag: 2161395064574532456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Feb 2023 21:44:27 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 152D 157 KB
48 KB 125ms
124ms Script
text/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 04 Feb 2023 06:08:18 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 152D 0
0 51ms
50ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C54RXUfbdY_mMN62E2fcP-rC-4AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yODI5MTkyMTYwOTE3ODg5yAEJqQLecM3xcByyPqgDAaoEvAFP0BDsHpLPXZhmK7pcV-BQuWc19QdF-ToQSf-kR_Bue8rAI12WY12H8C5yzahUFlU10haBDHIqmP5I0MbDcPs1fiLvKdNManh2nf8q3OcPTgvsUbm9cgUbfejg7VZZjDyHXrQUSL4XX1_MAolGkKBl20YVx1ZKUFRSuwOYvQemI06_1pn-oPg68I6TmHKwZ7Yvsmh3LLVU1pjEPdakxZxq9QZDHrHfZ7P65VdxDAVxUiFIVpw-qAQgSowvX4AG_JOsh_LJp4IroAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0yODI5MTkyMTYwOTE3ODg5GAA&sigh=5DkJ2l7xk4o&uach_m=[UACH]&cid=CAQSKQDUE5ymelzMVXAzWq2GA0fRFaOwi2cJFAbDJ0odymkfm-SKm3RQ2pujGAE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=250&slotname=2919055775&adk=4143974309&adf=1046930213&pi=t.ma~as.2919055775&w=300&lmt=1675488952&format=300x250&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675490896777&bpp=8&bdt=1113&idt=212&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90&nras=1&correlator=2765791972825&frm=20&pv=1&ga_vid=1827210393.1675490897&ga_sid=1675490897&ga_hid=922943613&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=993&ady=1322&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071812%2C21065724&oid=2&pvsid=337857566880165&tmod=764753914&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=V9SHWADHuw&p=https%3A//www.balipost.com&dtd=214
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 04 Feb 2023 06:08:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 152D 0
0 19ms
18ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1h9p0gcs7xdvks1y2xxbc37hg1vp73cyzr636vck7w1nz8fkbqfbq6as1sazfdm7c7m4pfp60r2wys69cac0m8efjf5kbmh8pp3p4m6j9bypkzms2e609che6wm8hrtp26kba1hxkcq19sgeysv1829xyd9w30zaaer7pvek62hdswad0a3fzqcm2jhec1vn764r0tcbee8z66wqeg0jfbevtr8scx8edzwjh39h0e34qm0wtmsxaahf3py4m6ftwztgrpbegnq5yxtgarfyy1yrkfyqz3xmw7nhj4f4e74mtjr2w4g9hrahw06wsq45c1y2wkmrwf65dyzhxg6dxn4mchc3zhmjjrz0z3y75q1sz7h285a69wa2ccv9vwcgrcmt51478xh1v3r&b=Y932UQANxnkI9kItAA-YeqxydCVVDP59ORaB9Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=250&slotname=2919055775&adk=4143974309&adf=1046930213&pi=t.ma~as.2919055775&w=300&lmt=1675488952&format=300x250&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675490896777&bpp=8&bdt=1113&idt=212&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90&nras=1&correlator=2765791972825&frm=20&pv=1&ga_vid=1827210393.1675490897&ga_sid=1675490897&ga_hid=922943613&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=993&ady=1322&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071812%2C21065724&oid=2&pvsid=337857566880165&tmod=764753914&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=V9SHWADHuw&p=https%3A//www.balipost.com&dtd=214
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 04 Feb 2023 06:08:18 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame A7EF 2 KB
1 KB 29ms
28ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1k5ed92bb6n1cfyp6cryz2e9xdk2fgv821r27e47adwae5c182ca7kc3ngdmqjfh5hev1jcypszr72zgnrdaj715z5nh29vsegx3s35a55hs14fkcx8dkq3d07ktwkjgkjb2tmqqd1c88svfz2m6fq4v059mk7vbaxq4vb84cadk2kzr01h1kjcf6dz4v0w7g2fp5404gw7qa7k5w03acgavxfrj73kpbb2d4r39s1y8wwsf9rgtm7p3z0kd6cj7689w6htg5f09p6jgffevd8438fv26tf6fh2e9mtn5r97vyymvrdq7z2q5b8gf4pq2t6kqx6d8rvmt529cx3b9xvwqv10xc0zyv8zrhjrw8e88s5asbfg4das0qsxjneytcvm7sx696887f5j1a3wdj5cvhz6k20ycgp3ppr5d0btmv63vmde290awdx3wp5mvtmnmyrytr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMy_2UfbdY_mMN62E2fcP-rC-4AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yODI5MTkyMTYwOTE3ODg5yAEJqQLecM3xcByyPqgDAaoEvwFP0BDsHpLPXZhmK7pcV-BQuWc19QdF-ToQSf-kR_Bue8rAI12WY12H8C5yzahUFlU10haBDHIqmP5I0MbDcPs1fiLvKdNManh2nf8q3OcPTgvsUbm9cgUbfejg7VZZjDyHXrQUSL4XX1_MAolGkKBl20YVx1ZKUFRSuwOYvQemI06_1pn-oPg68I6TmHKwZ7Yvsmh3LLUW1LlW6i8jhVTtvZCZVyMtXqfwSF1fFNjxkGjarggghBz1lhNvl6bltoAG_JOsh_LJp4IroAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2xid-UhDhewQS_POQbKVHGgcvEYw%26client%3Dca-pub-2829192160917889%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c1cdcc2bf3aedf7ecfdf8bcd5c942b859fb1299f4d1ba9becf3d0321b1051cc

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 79413b22be449188-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 06:08:18 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3D53 1 KB
643 B 9ms
6ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 55583
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 14:41:55 GMT
etag: 48472445140208031
expires: Sat, 04 Feb 2023 14:41:55 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 2666 0
104 B 107ms
23ms Image
text/plain 2a02:fa8:8806:16::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEFrPH0jD7tIF6K_rqP2eFeY&google_cver=1&google_push=Aa02lx8_OYuwkXcqhPiByoQZwDOr9Q1wuYcqc5HNgaqv1QPNAK3hBtlKRVm-GouG1Qpmf9E2bLlu_b_ZaTbbH9voBiDUlox1ShlI9QY
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=600&slotname=1398941188&adk=3562883654&adf=3043275140&pi=t.ma~as.1398941188&w=160&lmt=1675488952&format=160x600&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675490896869&bpp=18&bdt=1204&idt=134&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250&nras=1&correlator=2765791972825&frm=20&pv=1&ga_vid=1827210393.1675490897&ga_sid=1675490897&ga_hid=922943613&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071812%2C21065724&oid=2&pvsid=337857566880165&tmod=764753914&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoEr%7Cp&abl=XS&pfx=0&fu=32768&bc=31&ifi=6&uci=a!6&fsb=1&xpc=6B6FXyxLgi&p=https%3A//www.balipost.com&dtd=137
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 06:08:18 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2666
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEAFFnvClvL7P62UCPUM0ouU&google_cver=1&google_push=Aa02lx95DOKLxn8IVatDHXNS2NXWhn8PK6J3BUAyfzyE37aFVBtg0hbzAK01meXM6px-qk53pAAf4PdCIhSW5ZxQ...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=RoNj3fZSQQGE5gEslebigA&google_push=Aa02lx95DOKLxn8IVatDHXNS2NXWhn8PK6J3BUAyfzyE37aFVBtg0hbzAK01meXM6px-qk53pAAf4PdCIhSW5ZxQkQB9jTPe...

170 B
188 B

18ms
17ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=RoNj3fZSQQGE5gEslebigA&google_push=Aa02lx95DOKLxn8IVatDHXNS2NXWhn8PK6J3BUAyfzyE37aFVBtg0hbzAK01meXM6px-qk53pAAf4PdCIhSW5ZxQkQB9jTPeOgbsyVw

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 06:08:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 04 Feb 2023 06:08:18 GMT
Server: MT3 441 9053ffc master zrh-pixel-x27 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=RoNj3fZSQQGE5gEslebigA&google_push=Aa02lx95DOKLxn8IVatDHXNS2NXWhn8PK6J3BUAyfzyE37aFVBtg0hbzAK01meXM6px-qk53pAAf4PdCIhSW5ZxQkQB9jTPeOgbsyVw
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 04 Feb 2023 06:08:17 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 2666
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESENH9lXobsUM4SgsjLO3mXmo&google_cver=1&google_push=Aa02lx-q-mLTknWD5DhYznUQ1UXd9n3XTlbagoCvX4rtt3i5vSoWZByQvlGH20d11-00Jtg49OTBq9pTe2CJXfysqpsVJUh4hhSkFbk
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=223FC91346F34358A9682166A18CFBCA&google_push=Aa02lx-q-mLTknWD5DhYznUQ1UXd9n3XTlbagoCvX4rtt3i5vSoWZByQvlGH20d11-00Jtg49OTBq9pTe2CJXfy...

170 B
329 B

18ms
18ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=223FC91346F34358A9682166A18CFBCA&google_push=Aa02lx-q-mLTknWD5DhYznUQ1UXd9n3XTlbagoCvX4rtt3i5vSoWZByQvlGH20d11-00Jtg49OTBq9pTe2CJXfysqpsVJUh4hhSkFbk

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 06:08:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 04 Feb 2023 06:08:18 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=223FC91346F34358A9682166A18CFBCA&google_push=Aa02lx-q-mLTknWD5DhYznUQ1UXd9n3XTlbagoCvX4rtt3i5vSoWZByQvlGH20d11-00Jtg49OTBq9pTe2CJXfysqpsVJUh4hhSkFbk
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 03 Feb 2023 06:08:18 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2666
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEByNH1dYfnHp9htHM4nYV2w&google_cver=1&google_push=Aa02lx9jbz8L50qrZw3gqs9nSg1gWbWrcIHdu9K9LDCsyOtejgVNXyhY8i3M4YhiponV2Q2MXNvVwVlf...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEByNH1dYfnHp9htHM4nYV2w&google_cver=1&google_push=Aa02lx9jbz8L50qrZw3gqs9nSg1gWbWrcIHdu9K9LDCsyOtejgVNXyhY8i3M4YhiponV2Q2MXNv...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODE4ODQ5NDk1ODU0NTIwNDI5Mg&google_push=Aa02lx9jbz8L50qrZw3gqs9nSg1gWbWrcIHdu9K9LDCsyOtejgVNXyhY8i3M4YhiponV2Q2MXNvVwV...

170 B
188 B

17ms
16ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODE4ODQ5NDk1ODU0NTIwNDI5Mg&google_push=Aa02lx9jbz8L50qrZw3gqs9nSg1gWbWrcIHdu9K9LDCsyOtejgVNXyhY8i3M4YhiponV2Q2MXNvVwVlf1PMbEGbfrfri9RCDUNb4n0M

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 06:08:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 04 Feb 2023 06:08:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODE4ODQ5NDk1ODU0NTIwNDI5Mg&google_push=Aa02lx9jbz8L50qrZw3gqs9nSg1gWbWrcIHdu9K9LDCsyOtejgVNXyhY8i3M4YhiponV2Q2MXNvVwVlf1PMbEGbfrfri9RCDUNb4n0M
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 dds
rtb.openx.net/sync/ Frame 2666 43 B
351 B 69ms
15ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESENOpCQtWue-ge0hl0uGZFB4&google_cver=1&google_push=Aa02lx8jsr-rP1x85J9s_pKoY62P260mJZ3U-lV_pS8J6HR-jajF7KQzuz2-BBN1aoXYtqfXiSQQGG2fcDFX0ItzcmJbWTy-g5aPxQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=600&slotname=1398941188&adk=3562883654&adf=3043275140&pi=t.ma~as.1398941188&w=160&lmt=1675488952&format=160x600&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675490896869&bpp=18&bdt=1204&idt=134&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250&nras=1&correlator=2765791972825&frm=20&pv=1&ga_vid=1827210393.1675490897&ga_sid=1675490897&ga_hid=922943613&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071812%2C21065724&oid=2&pvsid=337857566880165&tmod=764753914&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoEr%7Cp&abl=XS&pfx=0&fu=32768&bc=31&ifi=6&uci=a!6&fsb=1&xpc=6B6FXyxLgi&p=https%3A//www.balipost.com&dtd=137
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 06:08:17 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 5k2tao5n7gjimmm3iv6o92vsqf6stpin

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2666
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEB...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=Aa02lx9hebmVIriZXgX-djZ9acYQTLlhtP6uhtHwpvylf1NFeaQNNrYXJxjkwsEu-E56ZpZ6I9Clk0Ge3bQvc7Oh9y8dLW-9wuR31E0&redir=https%3A%2F%2Fcm.g.do...
https://sync.targeting.unrulymedia.com/csync/RX-15d853ff-2cd1-4668-bce5-cd0b2580fefd-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAa02lx9hebmVIriZXgX-djZ9a...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx9hebmVIriZXgX-djZ9acYQTLlhtP6uhtHwpvylf1NFeaQNNrYXJxjkwsEu-E56ZpZ6I9Clk0Ge3bQvc7Oh9y8dLW-9wuR31E0&google_hm=AxXYU_8s0UZovOXNCyWA_v0

170 B
188 B

18ms
18ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx9hebmVIriZXgX-djZ9acYQTLlhtP6uhtHwpvylf1NFeaQNNrYXJxjkwsEu-E56ZpZ6I9Clk0Ge3bQvc7Oh9y8dLW-9wuR31E0&google_hm=AxXYU_8s0UZovOXNCyWA_v0

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 06:08:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx9hebmVIriZXgX-djZ9acYQTLlhtP6uhtHwpvylf1NFeaQNNrYXJxjkwsEu-E56ZpZ6I9Clk0Ge3bQvc7Oh9y8dLW-9wuR31E0&google_hm=AxXYU_8s0UZovOXNCyWA_v0
date: Sat, 04 Feb 2023 06:08:18 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX15d853ff2cd14668bce5cd0b2580fefd003
content-type: text/html

GET
H2

200

report
sync.teads.tv/um/ Frame 2666
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEORqEYri7dg7xefm0RTrb8k&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aa02lx9oh_yICxQz79gb5NNSDfVVqw_uS6hM3h_RXGGkkX9aAX5H4C48Xt9hblFSuQ-i3GFw4iNTu85rlkOje7Z02qq6t2E-WSjctgs
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

67ms
67ms

Image
image/gif

23.203.125.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: www.balipost.com
URL: https://www.balipost.com/
Protocol: H2
Server: 23.203.125.36 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-125-36.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires: Sat, 04 Feb 2023 06:08:18 GMT
pragma: no-cache
date: Sat, 04 Feb 2023 06:08:18 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 04 Feb 2023 06:08:18 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 2666 0
139 B 51ms
13ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J8fxp-1QmiakILinx_IEm5zm8xTYDqKLwNS13dSYxxITx9cXKVMauTzsC5NfV3skPXrCTrBg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:18 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 152D 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bff12820a23bb3fe79903e659b5dd56cd9b3643c743ea7eca8db8e1361533917

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 767C 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c0e1d21589d1b473d33e0409b74e27000c38025aedef5a2c2fe42f2e8f62a3af

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.29/one-ad/ Frame 3B92 94 KB
12 KB 26ms
18ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.29/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1g81tyn1whsbjjfak58bad6p2yk9000mjezrfzm1yvbhpcz22fa897r21enzg9af7jghwb5ttrc57r7s1q3w1hqxn9fec0x9bxajg9s5wjx010gj5pgkv0anw3skzq967x3rzv5z1112v3r2t07j8p1cc94ae4cwy1stxyk4x3jbbe51999h9g3pd74fag2a8veg7xxpcpb09ctrw3k4qyzz1mj1btzbgy1hpv8qc26625rrmmzxjt1cac2yn81xjgm318pyyywvsyz763nhftw277jaftycjzk981j1ktbb3gmnank0hzxq24e914tycqbakrrbf0v57qyvgbb5r6sg5917zccatamhmzgjd64h6n7m3xqeqwsrk5hj5wt2ybx9v3mk5ehhpdrpvdatvxk3n966smhr85g6ydh9b4txfxtw5b9vw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCn3ERUfbdY9jXOIyw-wbHmKWgBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI4MjkxOTIxNjA5MTc4ODnIAQmpAt5wzfFwHLI-qAMBqgS_AU_QnmYxWnibaXanZIa8g3mOl7Lu8EiPdW0Gc9mBh1nw1QSmjm2Zf3hLBFQKIyl8EnK0s8sSjOBVAG2p0ZO9F295tVTUoa9_32RkfMSBfQ6yqPgi4Hq-4nwBu1dCvptwBhcW5Ovy_crXYYl84cvgGVezY_HmSQitS5v1H2dQLxtEAVMdQdNGeawi2XD55j-Com4FE40XV9DvOWL4XtNz8wPSGFJTkzBhDoV3qPaiWY-V0VourtOvXu_MRa-ffeQ7gAbOhMqr67uBulSgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2pQUoxtgMFPhkYsaOKKNvdfzEmaQ%26client%3Dca-pub-2829192160917889%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16b11d86d520542cbafcd9b7fabe0c2915a87555cda015eeb8ccec0d478af9cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1g81tyn1whsbjjfak58bad6p2yk9000mjezrfzm1yvbhpcz22fa897r21enzg9af7jghwb5ttrc57r7s1q3w1hqxn9fec0x9bxajg9s5wjx010gj5pgkv0anw3skzq967x3rzv5z1112v3r2t07j8p1cc94ae4cwy1stxyk4x3jbbe51999h9g3pd74fag2a8veg7xxpcpb09ctrw3k4qyzz1mj1btzbgy1hpv8qc26625rrmmzxjt1cac2yn81xjgm318pyyywvsyz763nhftw277jaftycjzk981j1ktbb3gmnank0hzxq24e914tycqbakrrbf0v57qyvgbb5r6sg5917zccatamhmzgjd64h6n7m3xqeqwsrk5hj5wt2ybx9v3mk5ehhpdrpvdatvxk3n966smhr85g6ydh9b4txfxtw5b9vw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCn3ERUfbdY9jXOIyw-wbHmKWgBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI4MjkxOTIxNjA5MTc4ODnIAQmpAt5wzfFwHLI-qAMBqgS_AU_QnmYxWnibaXanZIa8g3mOl7Lu8EiPdW0Gc9mBh1nw1QSmjm2Zf3hLBFQKIyl8EnK0s8sSjOBVAG2p0ZO9F295tVTUoa9_32RkfMSBfQ6yqPgi4Hq-4nwBu1dCvptwBhcW5Ovy_crXYYl84cvgGVezY_HmSQitS5v1H2dQLxtEAVMdQdNGeawi2XD55j-Com4FE40XV9DvOWL4XtNz8wPSGFJTkzBhDoV3qPaiWY-V0VourtOvXu_MRa-ffeQ7gAbOhMqr67uBulSgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2pQUoxtgMFPhkYsaOKKNvdfzEmaQ%26client%3Dca-pub-2829192160917889%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1674752855
age: 737443
cf-polished: origSize=97007
x-guploader-uploadid: ADPycdsZjI5fECjAhoy8qzvWSONYz9bIt7ko5oX3W69yG6KJfP5zPv1_fVYgs_PLPWlD4TXeEk6FSO00jYJNc7xSK-16jW39EDyH
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 26 Jan 2023 17:08:09 GMT
server: cloudflare
etag: W/"894b1310ad36469d313fb67e2899e78d"
vary: Accept-Encoding
x-goog-generation: 1674752889520716
content-type: text/css
x-goog-hash: crc32c=wEjpSw==, md5=iUsTEK02Rp0xP7Z+KJnnjQ==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LMBj3KJcsu1Ye2tA0DLEoQzxLf2fVqjCh3dRVtec5c3tNH7HxHEwSvaAbDDaD79ILnOuUZsSlMTiL%2Fyx7OWZG0GubVVOA%2FXW42zT3XoBsaRJUkwPRXxZ85GSnxLYG4eveq80hKFpxec%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 97007
cf-ray: 79413b22fe699188-FRA
expires: Sat, 04 Feb 2023 07:08:18 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 3B92 35 KB
12 KB 35ms
16ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1g81tyn1whsbjjfak58bad6p2yk9000mjezrfzm1yvbhpcz22fa897r21enzg9af7jghwb5ttrc57r7s1q3w1hqxn9fec0x9bxajg9s5wjx010gj5pgkv0anw3skzq967x3rzv5z1112v3r2t07j8p1cc94ae4cwy1stxyk4x3jbbe51999h9g3pd74fag2a8veg7xxpcpb09ctrw3k4qyzz1mj1btzbgy1hpv8qc26625rrmmzxjt1cac2yn81xjgm318pyyywvsyz763nhftw277jaftycjzk981j1ktbb3gmnank0hzxq24e914tycqbakrrbf0v57qyvgbb5r6sg5917zccatamhmzgjd64h6n7m3xqeqwsrk5hj5wt2ybx9v3mk5ehhpdrpvdatvxk3n966smhr85g6ydh9b4txfxtw5b9vw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCn3ERUfbdY9jXOIyw-wbHmKWgBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI4MjkxOTIxNjA5MTc4ODnIAQmpAt5wzfFwHLI-qAMBqgS_AU_QnmYxWnibaXanZIa8g3mOl7Lu8EiPdW0Gc9mBh1nw1QSmjm2Zf3hLBFQKIyl8EnK0s8sSjOBVAG2p0ZO9F295tVTUoa9_32RkfMSBfQ6yqPgi4Hq-4nwBu1dCvptwBhcW5Ovy_crXYYl84cvgGVezY_HmSQitS5v1H2dQLxtEAVMdQdNGeawi2XD55j-Com4FE40XV9DvOWL4XtNz8wPSGFJTkzBhDoV3qPaiWY-V0VourtOvXu_MRa-ffeQ7gAbOhMqr67uBulSgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2pQUoxtgMFPhkYsaOKKNvdfzEmaQ%26client%3Dca-pub-2829192160917889%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e525277f007e12a1b10ef1e7da9577f4a6b14a562b80891149486de64febb6c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 17 Jan 2023 15:04:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 313436
etag: W/"70eeb1f8c81f2c3fac3062f4a8c34636"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QiDjCavn7UiigFhFntbAZo2EtgRsyH8TsotMe6%2Fpp2RiR3%2BStlj3QXo3WMAHdbYpLkhh6D4i7NBQpWQqAcs9PQ%2Fynmj6PrUyMs%2F8%2FffJlMlmQGX5nBpjclqGLL%2B%2BcNT41Y2KfKo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 79413b230e809188-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 31 Jan 2023 15:04:22 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 3D53 0
103 B 81ms
23ms Image
text/plain 2a02:fa8:8806:16::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEFrPH0jD7tIF6K_rqP2eFeY&google_cver=1&google_push=Aa02lx_K-_PCX_vA1__8QQt-Ln-vItbdRFU_4lvQUUBaK_LnFK2QGT1VR5Xk9iU76hf5XThYhw1sqjj59NCT1fcQzm7OEJ5b2zZsUx6PaVqasqYwCcNFdDYhAjLHANI-vd8hzsWw2KP2eRoEfOY
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=250&slotname=2919055775&adk=4143974309&adf=1046930213&pi=t.ma~as.2919055775&w=300&lmt=1675488952&format=300x250&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675490896777&bpp=8&bdt=1113&idt=212&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90&nras=1&correlator=2765791972825&frm=20&pv=1&ga_vid=1827210393.1675490897&ga_sid=1675490897&ga_hid=922943613&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=993&ady=1322&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071812%2C21065724&oid=2&pvsid=337857566880165&tmod=764753914&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=V9SHWADHuw&p=https%3A//www.balipost.com&dtd=214
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 06:08:18 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3D53
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEAFFnvClvL7P62UCPUM0ouU&google_cver=1&google_push=Aa02lx_2Eh45GYUDeESWjWODTxolOm34v7sqnV1B_5y4VETzLuuLt10dqpWUqvdIPvTbNjJjVol3DI_VVUnUrxCp...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=RoNj3fZSQQGE5gEslebigA&google_push=Aa02lx_2Eh45GYUDeESWjWODTxolOm34v7sqnV1B_5y4VETzLuuLt10dqpWUqvdIPvTbNjJjVol3DI_VVUnUrxCphYLvBEKY...

170 B
188 B

19ms
19ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=RoNj3fZSQQGE5gEslebigA&google_push=Aa02lx_2Eh45GYUDeESWjWODTxolOm34v7sqnV1B_5y4VETzLuuLt10dqpWUqvdIPvTbNjJjVol3DI_VVUnUrxCphYLvBEKYggjDmUC1f-dTaxave1KxUxsIzQWuUdCeAjTaOy2-xJpVlZCGmA

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 06:08:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 04 Feb 2023 06:08:18 GMT
Server: MT3 441 9053ffc master zrh-pixel-x30 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=RoNj3fZSQQGE5gEslebigA&google_push=Aa02lx_2Eh45GYUDeESWjWODTxolOm34v7sqnV1B_5y4VETzLuuLt10dqpWUqvdIPvTbNjJjVol3DI_VVUnUrxCphYLvBEKYggjDmUC1f-dTaxave1KxUxsIzQWuUdCeAjTaOy2-xJpVlZCGmA
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 04 Feb 2023 06:08:17 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 3D53 70 B
265 B 107ms
32ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEL6Vwfl4ecod1V9jV3ii64I&google_cver=1&google_push=Aa02lx8SRcm9RQW3MM02P4Q4Ca4lNHakqmnN0GHVDYqYChp0dYsKSKfS9ttuYWAhInRGc342NzqdwrISeVLF_ZH_cScIh_n4MYQP1QVztgg8WLJQLTR3H1xTVjbGyzz2HGIsX6yj4UE6HR2k9Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=250&slotname=2919055775&adk=4143974309&adf=1046930213&pi=t.ma~as.2919055775&w=300&lmt=1675488952&format=300x250&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675490896777&bpp=8&bdt=1113&idt=212&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90&nras=1&correlator=2765791972825&frm=20&pv=1&ga_vid=1827210393.1675490897&ga_sid=1675490897&ga_hid=922943613&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=993&ady=1322&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071812%2C21065724&oid=2&pvsid=337857566880165&tmod=764753914&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=V9SHWADHuw&p=https%3A//www.balipost.com&dtd=214
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 04 Feb 2023 06:08:18 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

sync
odr.mookie1.com/t/v2/ Frame 3D53
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEKvpEbtuSTonyczdRTZpVJQ&google_cver=1&google_push=Aa02lx-7WR8NoewuXLiutd62D3vAjSsQtP1t3wlk79YEsi7HZp9Hi5HCH3wGSUgdd6tEZctokpLC9Wxxn9DkzmF66-BD...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEKvpEbtuSTonyczdRTZpVJQ&google_cver=1&google_push=Aa02lx-7WR8NoewuXLiutd62D3vAjSsQtP1t3wlk79YEsi7HZp9Hi5HCH3wGSUgdd6tEZctokpLC9Wxxn9Dkzm...
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=6588121d-2d9b-4a1a-a7e6-111c3c2e322b&ssp=google&gdpr=&gdpr_consent=

43 B
356 B

50ms
22ms

Image
image/gif

34.98.67.61
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=6588121d-2d9b-4a1a-a7e6-111c3c2e322b&ssp=google&gdpr=&gdpr_consent=
Requested by: Host: www.balipost.com
URL: https://www.balipost.com/
Protocol: H2
Server: 34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 06:08:18 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: //odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=6588121d-2d9b-4a1a-a7e6-111c3c2e322b&ssp=google&gdpr=&gdpr_consent=
date: Sat, 04 Feb 2023 06:08:18 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3D53
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEF-UT-5sNYil-y8bUVJc0ic&google_cver=1&google_push=Aa02lx_qKolf7umx8gHG8NyAsv8wopE4zdYMA2r8PwpADWl4NjKrQcf2bV2BnGRTgFcLro72ZRxk01JytSuACBf8S...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEF-UT-5sNYil-y8bUVJc0ic&google_cver=1&google_push=Aa02lx_qKolf7umx8gHG8NyAsv8wopE4zdYMA2r8PwpADWl4NjKrQcf2bV2BnGRTgFcLro72ZRxk01JytSuACBf8S...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx_qKolf7umx8gHG8NyAsv8wopE4zdYMA2r8PwpADWl4NjKrQcf2bV2BnGRTgFcLro72ZRxk01JytSuACBf8SxjAnYgf4H4iH8NFcJ9eiUjDHO4YuBxXBydjF69egunWE...

170 B
188 B

17ms
16ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx_qKolf7umx8gHG8NyAsv8wopE4zdYMA2r8PwpADWl4NjKrQcf2bV2BnGRTgFcLro72ZRxk01JytSuACBf8SxjAnYgf4H4iH8NFcJ9eiUjDHO4YuBxXBydjF69egunWE5ZdRIjnJg4dNQ&google_hm=GGUwqGZHjRPoNVOrReakWIZH

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 06:08:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 04 Feb 2023 06:08:18 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx_qKolf7umx8gHG8NyAsv8wopE4zdYMA2r8PwpADWl4NjKrQcf2bV2BnGRTgFcLro72ZRxk01JytSuACBf8SxjAnYgf4H4iH8NFcJ9eiUjDHO4YuBxXBydjF69egunWE5ZdRIjnJg4dNQ&google_hm=GGUwqGZHjRPoNVOrReakWIZH
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3D53
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEHhejLDmG7tvchdXiRS8dU4&google_cver=1&google_push=Aa02lx8PYPP88HurXRDFJb1qIV0VR9fm65T11N6txgBLJpd_FTdw3xFrkohBpesAuJNDDTW8OHWNywUi8D40NIq7...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx8PYPP88HurXRDFJb1qIV0VR9fm65T11N6txgBLJpd_FTdw3xFrkohBpesAuJNDDTW8OHWNywUi8D40NIq7Y1y4itKGKBH1BaHjh5a3zUu5l6sh8UvJLdqVPnQN7MjP...

170 B
188 B

20ms
20ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx8PYPP88HurXRDFJb1qIV0VR9fm65T11N6txgBLJpd_FTdw3xFrkohBpesAuJNDDTW8OHWNywUi8D40NIq7Y1y4itKGKBH1BaHjh5a3zUu5l6sh8UvJLdqVPnQN7MjPhat-6KIB0UhvwQ

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 06:08:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 04 Feb 2023 06:08:18 GMT
via: 1.1 639dd5dd68d7e7193120d95480cd44ca.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: VIE50-C2
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx8PYPP88HurXRDFJb1qIV0VR9fm65T11N6txgBLJpd_FTdw3xFrkohBpesAuJNDDTW8OHWNywUi8D40NIq7Y1y4itKGKBH1BaHjh5a3zUu5l6sh8UvJLdqVPnQN7MjPhat-6KIB0UhvwQ
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: TpIPW_izlvkL75dksy64inrM0A872-8N0R_iQFup0vnOjOvN7I5Ctw==

GET
H2

200

report
sync.teads.tv/um/ Frame 3D53
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEORqEYri7dg7xefm0RTrb8k&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aa02lx8HDVn8L1F4yMytOKiHIV0rDDVoVAueoVprv8ngsQwLfc-ARGYH7S2NBgfYPfwOKp37myyJgejw0IFgY1sETqaWI8p3qUtTngpAt28bcIWwAkqjU...
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

67ms
65ms

Image
image/gif

23.203.125.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: www.balipost.com
URL: https://www.balipost.com/
Protocol: H2
Server: 23.203.125.36 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-125-36.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires: Sat, 04 Feb 2023 06:08:18 GMT
pragma: no-cache
date: Sat, 04 Feb 2023 06:08:18 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 04 Feb 2023 06:08:18 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 3D53 0
40 B 25ms
14ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IznabHgebQ9qAE2Ae6iuTL8BbMCW2PwRwINELDKYdA2OJdzd01A-GGKtMUr67VXX6jCLZ-6g

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:18 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.29/one-ad/ Frame A7EF 94 KB
11 KB 18ms
17ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.29/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1k5ed92bb6n1cfyp6cryz2e9xdk2fgv821r27e47adwae5c182ca7kc3ngdmqjfh5hev1jcypszr72zgnrdaj715z5nh29vsegx3s35a55hs14fkcx8dkq3d07ktwkjgkjb2tmqqd1c88svfz2m6fq4v059mk7vbaxq4vb84cadk2kzr01h1kjcf6dz4v0w7g2fp5404gw7qa7k5w03acgavxfrj73kpbb2d4r39s1y8wwsf9rgtm7p3z0kd6cj7689w6htg5f09p6jgffevd8438fv26tf6fh2e9mtn5r97vyymvrdq7z2q5b8gf4pq2t6kqx6d8rvmt529cx3b9xvwqv10xc0zyv8zrhjrw8e88s5asbfg4das0qsxjneytcvm7sx696887f5j1a3wdj5cvhz6k20ycgp3ppr5d0btmv63vmde290awdx3wp5mvtmnmyrytr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMy_2UfbdY_mMN62E2fcP-rC-4AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yODI5MTkyMTYwOTE3ODg5yAEJqQLecM3xcByyPqgDAaoEvwFP0BDsHpLPXZhmK7pcV-BQuWc19QdF-ToQSf-kR_Bue8rAI12WY12H8C5yzahUFlU10haBDHIqmP5I0MbDcPs1fiLvKdNManh2nf8q3OcPTgvsUbm9cgUbfejg7VZZjDyHXrQUSL4XX1_MAolGkKBl20YVx1ZKUFRSuwOYvQemI06_1pn-oPg68I6TmHKwZ7Yvsmh3LLUW1LlW6i8jhVTtvZCZVyMtXqfwSF1fFNjxkGjarggghBz1lhNvl6bltoAG_JOsh_LJp4IroAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2xid-UhDhewQS_POQbKVHGgcvEYw%26client%3Dca-pub-2829192160917889%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16b11d86d520542cbafcd9b7fabe0c2915a87555cda015eeb8ccec0d478af9cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1k5ed92bb6n1cfyp6cryz2e9xdk2fgv821r27e47adwae5c182ca7kc3ngdmqjfh5hev1jcypszr72zgnrdaj715z5nh29vsegx3s35a55hs14fkcx8dkq3d07ktwkjgkjb2tmqqd1c88svfz2m6fq4v059mk7vbaxq4vb84cadk2kzr01h1kjcf6dz4v0w7g2fp5404gw7qa7k5w03acgavxfrj73kpbb2d4r39s1y8wwsf9rgtm7p3z0kd6cj7689w6htg5f09p6jgffevd8438fv26tf6fh2e9mtn5r97vyymvrdq7z2q5b8gf4pq2t6kqx6d8rvmt529cx3b9xvwqv10xc0zyv8zrhjrw8e88s5asbfg4das0qsxjneytcvm7sx696887f5j1a3wdj5cvhz6k20ycgp3ppr5d0btmv63vmde290awdx3wp5mvtmnmyrytr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMy_2UfbdY_mMN62E2fcP-rC-4AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yODI5MTkyMTYwOTE3ODg5yAEJqQLecM3xcByyPqgDAaoEvwFP0BDsHpLPXZhmK7pcV-BQuWc19QdF-ToQSf-kR_Bue8rAI12WY12H8C5yzahUFlU10haBDHIqmP5I0MbDcPs1fiLvKdNManh2nf8q3OcPTgvsUbm9cgUbfejg7VZZjDyHXrQUSL4XX1_MAolGkKBl20YVx1ZKUFRSuwOYvQemI06_1pn-oPg68I6TmHKwZ7Yvsmh3LLUW1LlW6i8jhVTtvZCZVyMtXqfwSF1fFNjxkGjarggghBz1lhNvl6bltoAG_JOsh_LJp4IroAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2xid-UhDhewQS_POQbKVHGgcvEYw%26client%3Dca-pub-2829192160917889%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1674752855
age: 737443
cf-polished: origSize=97007
x-guploader-uploadid: ADPycdsZjI5fECjAhoy8qzvWSONYz9bIt7ko5oX3W69yG6KJfP5zPv1_fVYgs_PLPWlD4TXeEk6FSO00jYJNc7xSK-16jW39EDyH
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 26 Jan 2023 17:08:09 GMT
server: cloudflare
etag: W/"894b1310ad36469d313fb67e2899e78d"
vary: Accept-Encoding
x-goog-generation: 1674752889520716
content-type: text/css
x-goog-hash: crc32c=wEjpSw==, md5=iUsTEK02Rp0xP7Z+KJnnjQ==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0HCSQ6jCRg4Kmdh0uDDohBNLHQQKMCzwKaQ8SgbU%2F0fSb19%2FKANIUSVWVr4CY4kjLFZK2WJQb5%2BNiQ7GNH3%2FyMX2s7Tf3Ea3DhdGmB2YGc%2B1uu2ATCMQUJvwftuDdVgZ4K%2B2wtqOf9k%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 97007
cf-ray: 79413b22fe6e9188-FRA
expires: Sat, 04 Feb 2023 07:08:18 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame A7EF 35 KB
12 KB 27ms
17ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1k5ed92bb6n1cfyp6cryz2e9xdk2fgv821r27e47adwae5c182ca7kc3ngdmqjfh5hev1jcypszr72zgnrdaj715z5nh29vsegx3s35a55hs14fkcx8dkq3d07ktwkjgkjb2tmqqd1c88svfz2m6fq4v059mk7vbaxq4vb84cadk2kzr01h1kjcf6dz4v0w7g2fp5404gw7qa7k5w03acgavxfrj73kpbb2d4r39s1y8wwsf9rgtm7p3z0kd6cj7689w6htg5f09p6jgffevd8438fv26tf6fh2e9mtn5r97vyymvrdq7z2q5b8gf4pq2t6kqx6d8rvmt529cx3b9xvwqv10xc0zyv8zrhjrw8e88s5asbfg4das0qsxjneytcvm7sx696887f5j1a3wdj5cvhz6k20ycgp3ppr5d0btmv63vmde290awdx3wp5mvtmnmyrytr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMy_2UfbdY_mMN62E2fcP-rC-4AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yODI5MTkyMTYwOTE3ODg5yAEJqQLecM3xcByyPqgDAaoEvwFP0BDsHpLPXZhmK7pcV-BQuWc19QdF-ToQSf-kR_Bue8rAI12WY12H8C5yzahUFlU10haBDHIqmP5I0MbDcPs1fiLvKdNManh2nf8q3OcPTgvsUbm9cgUbfejg7VZZjDyHXrQUSL4XX1_MAolGkKBl20YVx1ZKUFRSuwOYvQemI06_1pn-oPg68I6TmHKwZ7Yvsmh3LLUW1LlW6i8jhVTtvZCZVyMtXqfwSF1fFNjxkGjarggghBz1lhNvl6bltoAG_JOsh_LJp4IroAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2xid-UhDhewQS_POQbKVHGgcvEYw%26client%3Dca-pub-2829192160917889%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e525277f007e12a1b10ef1e7da9577f4a6b14a562b80891149486de64febb6c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 17 Jan 2023 15:04:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 313436
etag: W/"70eeb1f8c81f2c3fac3062f4a8c34636"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XXYXKteZlrUG%2BQXKgxmk3iOHZlT2SyIYO1YllozGpiPfUzn6ifxYYDf6WBZKspNZouq8OVYlGuSgNQkMuHmbEEvZBoykxQFZQ592un9wm3eSjP2DfBz%2FY1UJ25nrIHLI0bz%2BRqw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 79413b230e7f9188-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 31 Jan 2023 15:04:22 GMT

GET
H/1.1 200
OK request.php Show response
hal900010.redintelligence.net/ Frame 3DF1 611 B
772 B 130ms
71ms Script
application/x-javascript 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900010.redintelligence.net/request.php?zone=y39eto6m2jel&nw=20&renderingType=javascript&namespace=e900d8acb0&subid=&uid=6fe9a1baf2d43878&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3Dumuv5zkbiXcvp8N65iHyTg%26exch_seat%3D20035004448%26mt_aid%3D6386310230889300134%26mt_id%3D11204419%26mt_adid%3D215543%26mt_sid%3D12780336%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D468363dd-f652-4101-84e6-012c95e6e280%26mt_cid%3D468363dd-f652-4101-84e6-012c95e6e280%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCqLChUfbdY7-9NcbvzAad6YkQz4eOm1zAhtmCxgLAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjgyOTE5MjE2MDkxNzg4OcgBCagDAaoEuQFP0IYmUy_StafvlzSwcCfcr3GmkmxO5H9BVXT2K1kCdHKRgCyO7DMHBVMjMF8xyXvAWEWI7o4OaD1bxkC90TlpAjNUSwEcEzwD0L25HZOpSMh4LOTw3fO3Ju4ZNenmXxH9tXiWwswk5QnC-beTjjBkt0dGfORDeyQz8pgtR8cMrCmBBayAOCYbXj_WsETZgTGH6L8f9TXDVHJtHgDMDkF40pWZe4uU3RogI6djFjCiuyZapV-aQCnQaIAGy7-bpuWT59ivAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3-rp377Zl20IntcZ5fcq1RdATAfg%2526client%253Dca-pub-2829192160917889%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2829192160917889%26output%3Dhtml%26h%3D90%26slotname%3D1151351565%26adk%3D2974423296%26adf%3D811793458%26pi%3Dt.ma~as.1151351565%26w%3D728%26lmt%3D1675488952%26format%3D728x90%26url%3Dhttps%253A%252F%252Fwww.balipost.com%252F%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1675490896725%26bpp%3D12%26bdt%3D1061%26idt%3D252%26shv%3Dr20230201%26mjsv%3Dm202301230101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C970x90%26nras%3D1%26correlator%3D2765791972825%26frm%3D20%26pv%3D1%26ga_vid%3D1827210393.1675490897%26ga_sid%3D1675490897%26ga_hid%3D922943613%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D436%26ady%3D21%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C31071812%252C21065724%26oid%3D2%26pvsid%3D337857566880165%26tmod%3D764753914%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3DM%257Cd%257CaoeE%257Cp%26abl%3DXS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D2%26uci%3Da!2%26fsb%3D1%26xpc%3DOMgZYlQCdQ%26p%3Dhttps%253A%2F%2Fwww.balipost.com%26dtd%3D254&ancestorOrigins=null&random=7338207138078&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/y39eto6m2jel?subid=&gdpr=1&gdpr_consent=li&rnd=6386310230889300134&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3Dumuv5zkbiXcvp8N65iHyTg%26exch_seat%3D20035004448%26mt_aid%3D6386310230889300134%26mt_id%3D11204419%26mt_adid%3D215543%26mt_sid%3D12780336%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D468363dd-f652-4101-84e6-012c95e6e280%26mt_cid%3D468363dd-f652-4101-84e6-012c95e6e280%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCqLChUfbdY7-9NcbvzAad6YkQz4eOm1zAhtmCxgLAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjgyOTE5MjE2MDkxNzg4OcgBCagDAaoEuQFP0IYmUy_StafvlzSwcCfcr3GmkmxO5H9BVXT2K1kCdHKRgCyO7DMHBVMjMF8xyXvAWEWI7o4OaD1bxkC90TlpAjNUSwEcEzwD0L25HZOpSMh4LOTw3fO3Ju4ZNenmXxH9tXiWwswk5QnC-beTjjBkt0dGfORDeyQz8pgtR8cMrCmBBayAOCYbXj_WsETZgTGH6L8f9TXDVHJtHgDMDkF40pWZe4uU3RogI6djFjCiuyZapV-aQCnQaIAGy7-bpuWT59ivAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3-rp377Zl20IntcZ5fcq1RdATAfg%2526client%253Dca-pub-2829192160917889%2526adurl%253D%26redirect%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 04e17adb205e74e56210fc859c9ceeed3480d93d92797803f50c355bea1be58a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 04 Feb 2023 06:08:18 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 50120400015955906783183012225010
Connection: close
Content-Length: 329
Expires: Sat, 04 Feb 2023 06:08:18 +0100

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 3B92 3 KB
4 KB 55ms
15ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.29/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2188
x-guploader-uploadid: ADPycds4_fkNWsUn9dqbK6vvrl69R7e2yptmTdP7xpUchNj65TN_2MLwN7wim7e5PV-VpnLQR6Er5SZaeY4xOYgj7O9fMJM4tduP
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
last-modified: Tue, 21 Jun 2022 12:31:17 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation: 1655814677405990
content-type: image/png
content-language: en
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EE415Z5IvaLMwyFeoRU3OzPHDh0ag4xkdlf8eV65VB7G0PX7ry%2FXd0PsVHXsIXq%2FQMxWOVRvvVMO6foyLWELkAybmM4n%2BVRGTNmHJov57reTlzKI4ytNbsCBd2Y7IQOwL6hydOOBprj89Aq4pvXzw2uE"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 79413b238c2c3602-FRA
expires: Sat, 04 Feb 2023 06:07:01 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame A7EF 3 KB
3 KB 55ms
16ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.29/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2188
x-guploader-uploadid: ADPycds4_fkNWsUn9dqbK6vvrl69R7e2yptmTdP7xpUchNj65TN_2MLwN7wim7e5PV-VpnLQR6Er5SZaeY4xOYgj7O9fMJM4tduP
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
last-modified: Tue, 21 Jun 2022 12:31:17 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation: 1655814677405990
content-type: image/png
content-language: en
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s7meEvfvz9q8uviOboDVSGors24mT7wFpRWaEfHvxEapdeQ4GVK1O%2BLW9LOobW4oFZh7nZn0j518s2vwVOy4g4JadoR1Zmwp5%2BuYjnw4F8PkIgD9VEybMT9nMTvO%2B37EjCYIrV6FwE1qeK9O5X80z%2BXc"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 79413b238c2d3602-FRA
expires: Sat, 04 Feb 2023 06:07:01 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 0B18 2 KB
1 KB 22ms
21ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1939149
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 79413b235e8c2c4f-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Sat, 04 Feb 2023 06:08:18 GMT
expires: Thu, 12 Jan 2023 18:57:16 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XFBkWdaf2EI4jpVBk2DPrKGJTYxVCTAJVjYluyDFCXFiWvSkuICZT3No1dQkSbQgDjQoTZMx97W0A%2BTD7zLwsAMZv59CzoozMiATzpo6LC%2BIyH5N2krQK1ir8SHIRCXeebsMu10%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 frame.html Show response
ad4m.at/ Frame 0D67 2 KB
1 KB 23ms
22ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1939149
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 79413b235e8d2c4f-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Sat, 04 Feb 2023 06:08:18 GMT
expires: Thu, 12 Jan 2023 18:57:16 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VQyIRcG1lDqn8AshcK8CPcNr8EHYIgZ2CeZQeL8nmsHiijCyFJOI%2F057YW0R8GfHMaWvO8q4RvRvXYd7RhH0%2Fx7p%2B0qvOEMp3qCH2zTb4Va%2Bm1T5imNHPk50foidmtQSxBjn7ok%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H3 200 rs Show response
ad4m.at/ Frame 3B92 1 KB
2 KB 27ms
27ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee829a53b71f33f53c2adcf65f1621f3b746ef9ff8e2349676f7b7464c40c268

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 04 Feb 2023 06:08:18 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a%2FmIMC28Gcc9meK6wYbwGqSdUDtzqvPXKjq9j1kL0jlKQS4TnCzvm%2F4iuFX4eNYCKzWzhWp0mAZ8R3BTGzFo51yXK3FvgHjMsfWrmBkod%2Bhn7CkcAZ3%2FjXWPJK%2BwrDPhYOQdmaw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 79413b24087d37c8-FRA
x-backend-server: aa-reachservice-group-europe-west1-hz4n
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 40ms
29ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 79413b23d85937c8-FRA
content-length: 24
content-type: text/plain
date: Sat, 04 Feb 2023 06:08:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DEKMiQeoEXQyrCBFRUC1rs8rnyEHzw2rcE2JgCUGbJWAMGZrdY%2BaLd6z%2BXtX4t5N2GdBPAa1nuagy287DlKU53MdBs07GE1MevbfQzztKBzEU6ruNrId4I3tms5brhjyemfvKG8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-hz4n

POST
H3 200 rs Show response
ad4m.at/ Frame A7EF 1 KB
2 KB 28ms
28ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c935e1bd112cead80ae3b47e42da83a5337727b90b26a6104d3b505336ca46e

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 04 Feb 2023 06:08:18 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2FTpoDNZ96OlO8nzMsmm0c9%2BGfBYXne3o8GXbw0e6pUkhKbkA%2FIlBCxVeCPQCzx6QUYl2%2FSdy%2F235fr%2BNKhdxdErfqYGGPzXWp%2BQhSdo4wQYom24WuFjxMNeFDm2iw6LGmO8FHc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 79413b23f87a37c8-FRA
x-backend-server: aa-reachservice-group-europe-west1-b74t
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 36ms
27ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 79413b23d85837c8-FRA
content-length: 24
content-type: text/plain
date: Sat, 04 Feb 2023 06:08:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wjThB%2BJR7BrVPe1iOcuFqCeCIF4Oa8MDp9t38tK%2BalwGt2zDyabIZi%2By%2BZEXn72zeQxUiowa4Sc66RIZd5si06uzaSvpiLFzGsqZw%2FZ2mdKvVbY3RODB74QcsSwjcd442Fx%2BnGs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-hz4n

GET
H/1.1 200
OK request_content.php Show response
hal900010.redintelligence.net/ Frame F06E 7 KB
3 KB 33ms
11ms Document
text/html 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900010.redintelligence.net/request_content.php?s=50120400015955906783183012225010&a=dfda77f0
Requested by: Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request.php?zone=y39eto6m2jel&nw=20&renderingType=javascript&namespace=e900d8acb0&subid=&uid=6fe9a1baf2d43878&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3Dumuv5zkbiXcvp8N65iHyTg%26exch_seat%3D20035004448%26mt_aid%3D6386310230889300134%26mt_id%3D11204419%26mt_adid%3D215543%26mt_sid%3D12780336%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D468363dd-f652-4101-84e6-012c95e6e280%26mt_cid%3D468363dd-f652-4101-84e6-012c95e6e280%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCqLChUfbdY7-9NcbvzAad6YkQz4eOm1zAhtmCxgLAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjgyOTE5MjE2MDkxNzg4OcgBCagDAaoEuQFP0IYmUy_StafvlzSwcCfcr3GmkmxO5H9BVXT2K1kCdHKRgCyO7DMHBVMjMF8xyXvAWEWI7o4OaD1bxkC90TlpAjNUSwEcEzwD0L25HZOpSMh4LOTw3fO3Ju4ZNenmXxH9tXiWwswk5QnC-beTjjBkt0dGfORDeyQz8pgtR8cMrCmBBayAOCYbXj_WsETZgTGH6L8f9TXDVHJtHgDMDkF40pWZe4uU3RogI6djFjCiuyZapV-aQCnQaIAGy7-bpuWT59ivAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3-rp377Zl20IntcZ5fcq1RdATAfg%2526client%253Dca-pub-2829192160917889%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2829192160917889%26output%3Dhtml%26h%3D90%26slotname%3D1151351565%26adk%3D2974423296%26adf%3D811793458%26pi%3Dt.ma~as.1151351565%26w%3D728%26lmt%3D1675488952%26format%3D728x90%26url%3Dhttps%253A%252F%252Fwww.balipost.com%252F%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1675490896725%26bpp%3D12%26bdt%3D1061%26idt%3D252%26shv%3Dr20230201%26mjsv%3Dm202301230101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C970x90%26nras%3D1%26correlator%3D2765791972825%26frm%3D20%26pv%3D1%26ga_vid%3D1827210393.1675490897%26ga_sid%3D1675490897%26ga_hid%3D922943613%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D436%26ady%3D21%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C31071812%252C21065724%26oid%3D2%26pvsid%3D337857566880165%26tmod%3D764753914%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3DM%257Cd%257CaoeE%257Cp%26abl%3DXS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D2%26uci%3Da!2%26fsb%3D1%26xpc%3DOMgZYlQCdQ%26p%3Dhttps%253A%2F%2Fwww.balipost.com%26dtd%3D254&ancestorOrigins=null&random=7338207138078&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 951ccfa4ed18a1000a7548ccf8895033f527892e59aa0b15a12078f3e3f1f6f2

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2275
Content-Type: text/html; charset=utf-8
Date: Sat, 04 Feb 2023 06:08:18 GMT
Expires: Sat, 04 Feb 2023 06:08:18 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3E8F 1 KB
643 B 6ms
6ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 55583
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 14:41:55 GMT
etag: 48472445140208031
expires: Sat, 04 Feb 2023 14:41:55 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 3DF1 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: acf3a6cb4d98c497ab03bc7d316e56ed752b9d4e9bc8d2c14ff458970324c087

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame F06E 89 KB
32 KB 102ms
19ms Script
text/javascript 2a00:1450:400d:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js

Requested by

Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request_content.php?s=50120400015955906783183012225010&a=dfda77f0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900010.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 16:51:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 393435
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32245
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 Jan 2024 16:51:03 GMT

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame F06E 727 B
839 B 51ms
24ms Script
text/javascript 37.157.6.245
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=61227813;click=https://hal900010.redintelligence.net/c/peyqv90smylxvps?tprd=

Requested by

Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request_content.php?s=50120400015955906783183012225010&a=dfda77f0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

631ea984de646c0a2bb97612e304482c559c17713ab03845140a7b4114e4ae8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900010.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 06:08:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 525
expires: -1

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 957C 11 KB
5 KB 28ms
27ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=22451%2C197862%2C14019&b=Px5HBfbfM5Qa9HjHbtMtR5KaJS9TDbgf6RW9%2CRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ&f=bMAtQfZfmzVaYHbHzt8Cpb1tbSJTMdzuKqMV%2CQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5&c=300&d=250&e=&g=3700042603911b88fe2be7e752a1fd12%2F13331175895944770744&i=25174%2C71725%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1675490898576&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gb4hhgg54c1ynymnazbdgmb8hmfzp0n38y1wmms4abmk1kbqz1f5engjeqtre3eket8j9pw0h8dvyz0yaw0cb3n6p04n73wtweqrh4t2kkgex5bgy5amczj15qv1s493k0pet6vk4cqn2ryr4d6fsm3emajs5ghec9zefg72fvyvm1gt3aas4e38zxfbdd1fsbnjh6wtt4feqp32tnb1zg7ba5gf45ym66zpy748daqq9ypx8r2b3c7cf5z6cmjs09cwdqh4dzy9ds1vwmjzgyb%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMy_2UfbdY_mMN62E2fcP-rC-4AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yODI5MTkyMTYwOTE3ODg5yAEJqQLecM3xcByyPqgDAaoEvwFP0BDsHpLPXZhmK7pcV-BQuWc19QdF-ToQSf-kR_Bue8rAI12WY12H8C5yzahUFlU10haBDHIqmP5I0MbDcPs1fiLvKdNManh2nf8q3OcPTgvsUbm9cgUbfejg7VZZjDyHXrQUSL4XX1_MAolGkKBl20YVx1ZKUFRSuwOYvQemI06_1pn-oPg68I6TmHKwZ7Yvsmh3LLUW1LlW6i8jhVTtvZCZVyMtXqfwSF1fFNjxkGjarggghBz1lhNvl6bltoAG_JOsh_LJp4IroAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2xid-UhDhewQS_POQbKVHGgcvEYw%2526client%253Dca-pub-2829192160917889%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

779a6752d0d445f5f10e5c89545686b5ece34357caf2e0b3f23dc8db3b70b9d8

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1k5ed92bb6n1cfyp6cryz2e9xdk2fgv821r27e47adwae5c182ca7kc3ngdmqjfh5hev1jcypszr72zgnrdaj715z5nh29vsegx3s35a55hs14fkcx8dkq3d07ktwkjgkjb2tmqqd1c88svfz2m6fq4v059mk7vbaxq4vb84cadk2kzr01h1kjcf6dz4v0w7g2fp5404gw7qa7k5w03acgavxfrj73kpbb2d4r39s1y8wwsf9rgtm7p3z0kd6cj7689w6htg5f09p6jgffevd8438fv26tf6fh2e9mtn5r97vyymvrdq7z2q5b8gf4pq2t6kqx6d8rvmt529cx3b9xvwqv10xc0zyv8zrhjrw8e88s5asbfg4das0qsxjneytcvm7sx696887f5j1a3wdj5cvhz6k20ycgp3ppr5d0btmv63vmde290awdx3wp5mvtmnmyrytr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMy_2UfbdY_mMN62E2fcP-rC-4AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yODI5MTkyMTYwOTE3ODg5yAEJqQLecM3xcByyPqgDAaoEvwFP0BDsHpLPXZhmK7pcV-BQuWc19QdF-ToQSf-kR_Bue8rAI12WY12H8C5yzahUFlU10haBDHIqmP5I0MbDcPs1fiLvKdNManh2nf8q3OcPTgvsUbm9cgUbfejg7VZZjDyHXrQUSL4XX1_MAolGkKBl20YVx1ZKUFRSuwOYvQemI06_1pn-oPg68I6TmHKwZ7Yvsmh3LLUW1LlW6i8jhVTtvZCZVyMtXqfwSF1fFNjxkGjarggghBz1lhNvl6bltoAG_JOsh_LJp4IroAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2xid-UhDhewQS_POQbKVHGgcvEYw%26client%3Dca-pub-2829192160917889%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 79413b243f2f2c4f-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 06:08:18 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame A937 9 KB
4 KB 29ms
29ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=197101%2C197100%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=120&d=600&e=&g=c544a38e5a299b62a493d00311b7513f%2F5400960083850283330&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1675490898578&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jve1a402tqw8zx3qjsqxgh7sye8vmdhgcn1vy1eza1kfppgq08c7ekcgc12btvk6v804nkp1mtza4991b6xhv0amy2san6j0djehbxphqt59dxsfcd54ecepzeb059etg6g6gx4b75m3t521pje8tvbr9ez3b4d804wja36evf32rg9mpb6rzqvk3h61fx1qqm6zavhp4z30b7mngscv9sy8xp1qcsyv0x56a6c0jq6nqdvsymybj81kx0s3e9znekbpepfwgy9221mxkag%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCn3ERUfbdY9jXOIyw-wbHmKWgBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI4MjkxOTIxNjA5MTc4ODnIAQmpAt5wzfFwHLI-qAMBqgS_AU_QnmYxWnibaXanZIa8g3mOl7Lu8EiPdW0Gc9mBh1nw1QSmjm2Zf3hLBFQKIyl8EnK0s8sSjOBVAG2p0ZO9F295tVTUoa9_32RkfMSBfQ6yqPgi4Hq-4nwBu1dCvptwBhcW5Ovy_crXYYl84cvgGVezY_HmSQitS5v1H2dQLxtEAVMdQdNGeawi2XD55j-Com4FE40XV9DvOWL4XtNz8wPSGFJTkzBhDoV3qPaiWY-V0VourtOvXu_MRa-ffeQ7gAbOhMqr67uBulSgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2pQUoxtgMFPhkYsaOKKNvdfzEmaQ%2526client%253Dca-pub-2829192160917889%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

200440f0163bcc603cef081eaa9bcfd7beced2faa84caaf5c473bc928f5a6ea6

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1g81tyn1whsbjjfak58bad6p2yk9000mjezrfzm1yvbhpcz22fa897r21enzg9af7jghwb5ttrc57r7s1q3w1hqxn9fec0x9bxajg9s5wjx010gj5pgkv0anw3skzq967x3rzv5z1112v3r2t07j8p1cc94ae4cwy1stxyk4x3jbbe51999h9g3pd74fag2a8veg7xxpcpb09ctrw3k4qyzz1mj1btzbgy1hpv8qc26625rrmmzxjt1cac2yn81xjgm318pyyywvsyz763nhftw277jaftycjzk981j1ktbb3gmnank0hzxq24e914tycqbakrrbf0v57qyvgbb5r6sg5917zccatamhmzgjd64h6n7m3xqeqwsrk5hj5wt2ybx9v3mk5ehhpdrpvdatvxk3n966smhr85g6ydh9b4txfxtw5b9vw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCn3ERUfbdY9jXOIyw-wbHmKWgBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI4MjkxOTIxNjA5MTc4ODnIAQmpAt5wzfFwHLI-qAMBqgS_AU_QnmYxWnibaXanZIa8g3mOl7Lu8EiPdW0Gc9mBh1nw1QSmjm2Zf3hLBFQKIyl8EnK0s8sSjOBVAG2p0ZO9F295tVTUoa9_32RkfMSBfQ6yqPgi4Hq-4nwBu1dCvptwBhcW5Ovy_crXYYl84cvgGVezY_HmSQitS5v1H2dQLxtEAVMdQdNGeawi2XD55j-Com4FE40XV9DvOWL4XtNz8wPSGFJTkzBhDoV3qPaiWY-V0VourtOvXu_MRa-ffeQ7gAbOhMqr67uBulSgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2pQUoxtgMFPhkYsaOKKNvdfzEmaQ%26client%3Dca-pub-2829192160917889%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 79413b243f322c4f-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 06:08:18 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 3E8F
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFk3D9csgHu-gtE5F5qSK5Q&google_cver=1&google_push=Aa02lx8eCer3ttOuq6vWlapTXcuDZwbGtoHwHl8avSXIJIqYJu10LoQq5q95R9EK1v9yrUi73ROG_V8e4yEDx-Ml8bkfsYj1Bpve5_c
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mjc0MTcwMDIwNDkyODU5Nzk1OA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFk3D9csgHu-gtE5F5qSK5Q&google_cver=1

43 B
398 B

58ms
13ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFk3D9csgHu-gtE5F5qSK5Q&google_cver=1
Requested by: Host: www.balipost.com
URL: https://www.balipost.com/
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 04 Feb 2023 06:08:18 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sat, 04 Feb 2023 06:08:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFk3D9csgHu-gtE5F5qSK5Q&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3E8F
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEJzTN592so3BStVdxaZ_rB8&google_cver=1&google_push=Aa02lx8DdWD4zZKiwxXgtpm80cLptERTTXl5_0D7KQS_TyC9Ri4VUqUNhxpK14iyToBqcSH6mCsOva7dEa9A8HuP-xYUSdTl8apOS1Q
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=Aa02lx8DdWD4zZKiwxXgtpm80cLptERTTXl5_0D7KQS_TyC9Ri4VUqUNhxpK14iyToBqcSH6mCsOva7dEa9A8HuP-xYUSdTl8apOS1Q&google_hm=Q0FFU0VKelRONTkyc2...

170 B
188 B

33ms
19ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=Aa02lx8DdWD4zZKiwxXgtpm80cLptERTTXl5_0D7KQS_TyC9Ri4VUqUNhxpK14iyToBqcSH6mCsOva7dEa9A8HuP-xYUSdTl8apOS1Q&google_hm=Q0FFU0VKelRONTkyc28zQlN0VmR4YVpfckI4

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 06:08:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 04 Feb 2023 06:08:17 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=Aa02lx8DdWD4zZKiwxXgtpm80cLptERTTXl5_0D7KQS_TyC9Ri4VUqUNhxpK14iyToBqcSH6mCsOva7dEa9A8HuP-xYUSdTl8apOS1Q&google_hm=Q0FFU0VKelRONTkyc28zQlN0VmR4YVpfckI4
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3E8F
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FNW2u-OpQy-KAXpRv2hoUw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

16ms
16ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FNW2u-OpQy-KAXpRv2hoUw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx-GmESQGfR8gjws6LBWSBaChLOgkwzH8MAqt8zDDzCDAIG0Ip012OWUjVvVerXdYKaTZOPx2Buxh9ueDq4bFiP6kwk-L94glA

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 06:08:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FNW2u-OpQy-KAXpRv2hoUw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx-GmESQGfR8gjws6LBWSBaChLOgkwzH8MAqt8zDDzCDAIG0Ip012OWUjVvVerXdYKaTZOPx2Buxh9ueDq4bFiP6kwk-L94glA
date: Sat, 04 Feb 2023 06:08:18 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3E8F
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEHhejLDmG7tvchdXiRS8dU4&google_cver=1&google_push=Aa02lx-OJjKN--jN8eBmI-QVbkrlKsIIvBKv4twY_4JqAcsAjxhA_oLSW9Q3iS3GPCrf4Ydhte1BWwGbJfx-tviz...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx-OJjKN--jN8eBmI-QVbkrlKsIIvBKv4twY_4JqAcsAjxhA_oLSW9Q3iS3GPCrf4Ydhte1BWwGbJfx-tvizjuI3C7tJzLXACxA

170 B
188 B

18ms
17ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx-OJjKN--jN8eBmI-QVbkrlKsIIvBKv4twY_4JqAcsAjxhA_oLSW9Q3iS3GPCrf4Ydhte1BWwGbJfx-tvizjuI3C7tJzLXACxA

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 06:08:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 04 Feb 2023 06:08:18 GMT
via: 1.1 639dd5dd68d7e7193120d95480cd44ca.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: VIE50-C2
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx-OJjKN--jN8eBmI-QVbkrlKsIIvBKv4twY_4JqAcsAjxhA_oLSW9Q3iS3GPCrf4Ydhte1BWwGbJfx-tvizjuI3C7tJzLXACxA
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: d5Qd5Mitr9c-ow8N_zmwYQH3r53O_w8IXRjBaHcmGrRRz46rRVwnzA==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3E8F
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEB...
https://sync.targeting.unrulymedia.com/csync/RX-15d853ff-2cd1-4668-bce5-cd0b2580fefd-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAa02lx8iOHexsfs8_hw2DAYvd...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx8iOHexsfs8_hw2DAYvdynYGnGzdDc4ULXVJbB1YhWx7leBHASA7kNP7fRIRkucaIvUWiSL6jAc_mJJwYwKVjYXvjVQ60yNwgY&google_hm=AxXYU_8s0UZovOXNCyWA_v0

170 B
188 B

22ms
20ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx8iOHexsfs8_hw2DAYvdynYGnGzdDc4ULXVJbB1YhWx7leBHASA7kNP7fRIRkucaIvUWiSL6jAc_mJJwYwKVjYXvjVQ60yNwgY&google_hm=AxXYU_8s0UZovOXNCyWA_v0

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 06:08:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx8iOHexsfs8_hw2DAYvdynYGnGzdDc4ULXVJbB1YhWx7leBHASA7kNP7fRIRkucaIvUWiSL6jAc_mJJwYwKVjYXvjVQ60yNwgY&google_hm=AxXYU_8s0UZovOXNCyWA_v0
date: Sat, 04 Feb 2023 06:08:18 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX15d853ff2cd14668bce5cd0b2580fefd003
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3E8F
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESECbscypAysEB0GnguIbpzEg&google_cver=1&google_push=Aa02lx9sLNNZGJQmmbVQgQDyFOl-xY7gjVRu-R8EgaHmVe7O1UREoyKNo55Ufev9BumkJK6Vda3T_GNNUFporMJ9cj7wLPl1f9...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx9sLNNZGJQmmbVQgQDyFOl-xY7gjVRu-R8EgaHmVe7O1UREoyKNo55Ufev9BumkJK6Vda3T_GNNUFporMJ9cj7wLPl1f9v...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NTg5MTkxMjU0MTMwMDM0MTc2MA%3D%3D&google_push=Aa02lx9sLNNZGJQmmbVQgQDyFOl-xY7gjVRu-R8EgaHmVe7O1UREoyKNo55U...

170 B
188 B

27ms
18ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NTg5MTkxMjU0MTMwMDM0MTc2MA%3D%3D&google_push=Aa02lx9sLNNZGJQmmbVQgQDyFOl-xY7gjVRu-R8EgaHmVe7O1UREoyKNo55Ufev9BumkJK6Vda3T_GNNUFporMJ9cj7wLPl1f9vOr_U

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 06:08:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NTg5MTkxMjU0MTMwMDM0MTc2MA%3D%3D&google_push=Aa02lx9sLNNZGJQmmbVQgQDyFOl-xY7gjVRu-R8EgaHmVe7O1UREoyKNo55Ufev9BumkJK6Vda3T_GNNUFporMJ9cj7wLPl1f9vOr_U
date: Sat, 04 Feb 2023 06:08:18 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame 3E8F 0
45 B 140ms
24ms Image
text/plain 185.86.139.94
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEHXXtmxJUWTse506LSjlV7M&google_cver=1&google_push=Aa02lx-PwRANQhZaP6H6A8Ys8EJ-kCgGY96qmE_R324BiEuEJh1wfvYRLNTMAcIX6gDIb-s32LIc6yDy1SdXMsQV2co4FZap-V9VVhs
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=90&slotname=1151351565&adk=2974423296&adf=811793458&pi=t.ma~as.1151351565&w=728&lmt=1675488952&format=728x90&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675490896725&bpp=12&bdt=1061&idt=252&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90&nras=1&correlator=2765791972825&frm=20&pv=1&ga_vid=1827210393.1675490897&ga_sid=1675490897&ga_hid=922943613&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=21&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071812%2C21065724&oid=2&pvsid=337857566880165&tmod=764753914&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OMgZYlQCdQ&p=https%3A//www.balipost.com&dtd=254
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.94 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:18 GMT
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 3E8F 0
12 B 15ms
14ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JXYEzecoC7Uu3hHm2pA9cMrWYUAbF6QNnfs3a4AgIxFkJvPEP5ftSHLiP7mWsnvQsb9WwU

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:18 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.88.0/619621/AcyHDEINEeNh0Ar_/ Frame 3DF1 0
145 B 128ms
28ms XHR
text/plain 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.88.0/619621/AcyHDEINEeNh0Ar_/postback?oz_pl=1&si=2114837484&dm=728x90&pd=avt&ap=&pv=f980f66e-29fc-4063-8789-358eb161e479&de=43003&cr=11204419&c1=12780336&r2=&r3=&ui=ce8c67b6-c509-1d07-0000-000000000000&pp=pub-2829192160917889&sr=4&ti=6386310230889300134&ac=1262142&r1=2001%3Aac8%3A20%3A%3A&ci=619621&dt=6196211556140246740000&di=https%3A%2F%2Fwww.balipost.com&ai=215543&_x=1
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//www.balipost.com&ui=ce8c67b6-c509-1d07-0000-000000000000&ap=&ti=6386310230889300134&pv=f980f66e-29fc-4063-8789-358eb161e479&pp=pub-2829192160917889&sr=4&de=43003&si=2114837484&dm=728x90&ac=1262142&cr=11204419&ai=215543&c1=12780336&r1=2001:ac8:20::&r2=&r3=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 04 Feb 2023 06:08:18 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK main.js Show response
s.update.mediamathtag.com/2/2.88.0/ Frame 3DF1 171 KB
54 KB 30ms
29ms Script
text/javascript 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.update.mediamathtag.com/2/2.88.0/main.js

Requested by

Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//www.balipost.com&ui=ce8c67b6-c509-1d07-0000-000000000000&ap=&ti=6386310230889300134&pv=f980f66e-29fc-4063-8789-358eb161e479&pp=pub-2829192160917889&sr=4&de=43003&si=2114837484&dm=728x90&ac=1262142&cr=11204419&ai=215543&c1=12780336&r1=2001:ac8:20::&r2=&r3=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-203-96-5.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf9f723c8119c017afec425fdbe058bd4404e0c5853ff4a72164449d8507a210

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Sat, 04 Feb 2023 06:08:18 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: br
Accept-Ch: Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: Origin, Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, no-transform, immutable, max-age=999999999
Timing-Allow-Origin: *
Content-Length: 54959
Expires: Tue, 13 Oct 2054 04:55:40 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 605C 42 B
64 B 48ms
48ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsupwvg2who9u2nsgcHZ7e4eSbtCH0l4iECxPQp1Ogs2zm03uUh1oXfhxCXgyMpcV4BWu83mmjxjfRzjaasX1fzcSK76jS4ve6Wki8k77hU4ocNummvo_2vQsfTAIb5C0yZUiPFGTA&sai=AMfl-YR3zAv2eWbRAfdd4KlrhUVg0zcTvwjuZh9XOYvYNDeyn-dKtdAl0dRHMzoM9iyXFND4-mi3DEL7RQj1&sig=Cg0ArKJSzPZR1UD4rOZaEAE&cid=CAQSGwDUE5ymqNA4xN5s8Xqp0K0J-IPFQKm4RIO1XhgB&id=lidar2&mcvt=1000&p=0,121,90,849&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230201&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1727054528&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1675490896959&rpt=660&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 06:08:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.29/one-ad/ Frame 957C 94 KB
12 KB 36ms
33ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.29/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22451%2C197862%2C14019&b=Px5HBfbfM5Qa9HjHbtMtR5KaJS9TDbgf6RW9%2CRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ&f=bMAtQfZfmzVaYHbHzt8Cpb1tbSJTMdzuKqMV%2CQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5&c=300&d=250&e=&g=3700042603911b88fe2be7e752a1fd12%2F13331175895944770744&i=25174%2C71725%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1675490898576&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gb4hhgg54c1ynymnazbdgmb8hmfzp0n38y1wmms4abmk1kbqz1f5engjeqtre3eket8j9pw0h8dvyz0yaw0cb3n6p04n73wtweqrh4t2kkgex5bgy5amczj15qv1s493k0pet6vk4cqn2ryr4d6fsm3emajs5ghec9zefg72fvyvm1gt3aas4e38zxfbdd1fsbnjh6wtt4feqp32tnb1zg7ba5gf45ym66zpy748daqq9ypx8r2b3c7cf5z6cmjs09cwdqh4dzy9ds1vwmjzgyb%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMy_2UfbdY_mMN62E2fcP-rC-4AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yODI5MTkyMTYwOTE3ODg5yAEJqQLecM3xcByyPqgDAaoEvwFP0BDsHpLPXZhmK7pcV-BQuWc19QdF-ToQSf-kR_Bue8rAI12WY12H8C5yzahUFlU10haBDHIqmP5I0MbDcPs1fiLvKdNManh2nf8q3OcPTgvsUbm9cgUbfejg7VZZjDyHXrQUSL4XX1_MAolGkKBl20YVx1ZKUFRSuwOYvQemI06_1pn-oPg68I6TmHKwZ7Yvsmh3LLUW1LlW6i8jhVTtvZCZVyMtXqfwSF1fFNjxkGjarggghBz1lhNvl6bltoAG_JOsh_LJp4IroAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2xid-UhDhewQS_POQbKVHGgcvEYw%2526client%253Dca-pub-2829192160917889%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16b11d86d520542cbafcd9b7fabe0c2915a87555cda015eeb8ccec0d478af9cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=22451%2C197862%2C14019&b=Px5HBfbfM5Qa9HjHbtMtR5KaJS9TDbgf6RW9%2CRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ&f=bMAtQfZfmzVaYHbHzt8Cpb1tbSJTMdzuKqMV%2CQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5&c=300&d=250&e=&g=3700042603911b88fe2be7e752a1fd12%2F13331175895944770744&i=25174%2C71725%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1675490898576&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gb4hhgg54c1ynymnazbdgmb8hmfzp0n38y1wmms4abmk1kbqz1f5engjeqtre3eket8j9pw0h8dvyz0yaw0cb3n6p04n73wtweqrh4t2kkgex5bgy5amczj15qv1s493k0pet6vk4cqn2ryr4d6fsm3emajs5ghec9zefg72fvyvm1gt3aas4e38zxfbdd1fsbnjh6wtt4feqp32tnb1zg7ba5gf45ym66zpy748daqq9ypx8r2b3c7cf5z6cmjs09cwdqh4dzy9ds1vwmjzgyb%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMy_2UfbdY_mMN62E2fcP-rC-4AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yODI5MTkyMTYwOTE3ODg5yAEJqQLecM3xcByyPqgDAaoEvwFP0BDsHpLPXZhmK7pcV-BQuWc19QdF-ToQSf-kR_Bue8rAI12WY12H8C5yzahUFlU10haBDHIqmP5I0MbDcPs1fiLvKdNManh2nf8q3OcPTgvsUbm9cgUbfejg7VZZjDyHXrQUSL4XX1_MAolGkKBl20YVx1ZKUFRSuwOYvQemI06_1pn-oPg68I6TmHKwZ7Yvsmh3LLUW1LlW6i8jhVTtvZCZVyMtXqfwSF1fFNjxkGjarggghBz1lhNvl6bltoAG_JOsh_LJp4IroAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2xid-UhDhewQS_POQbKVHGgcvEYw%2526client%253Dca-pub-2829192160917889%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1674752855
age: 737441
cf-polished: origSize=97007
x-guploader-uploadid: ADPycdsZjI5fECjAhoy8qzvWSONYz9bIt7ko5oX3W69yG6KJfP5zPv1_fVYgs_PLPWlD4TXeEk6FSO00jYJNc7xSK-16jW39EDyH
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 26 Jan 2023 17:08:09 GMT
server: cloudflare
etag: W/"894b1310ad36469d313fb67e2899e78d"
vary: Accept-Encoding
x-goog-generation: 1674752889520716
content-type: text/css
x-goog-hash: crc32c=wEjpSw==, md5=iUsTEK02Rp0xP7Z+KJnnjQ==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qrj4Na7GMlfQ6HdLonwnla9EJtkCPdOXZ%2Bl7Jpijdsi2MCY8F2uHB8kGdLyj2MF06LBDmgc%2FIeqhl83VHBT0xEyQKrdR6TU1XNuxGuknCO5Bqo7tN8i4hjBKkTGojG6Z3X9qFOKqEpw%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 97007
cf-ray: 79413b247f592c4f-FRA
expires: Sat, 04 Feb 2023 07:08:18 GMT

GET
H2 200 188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame 957C 8 KB
9 KB 61ms
21ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22451%2C197862%2C14019&b=Px5HBfbfM5Qa9HjHbtMtR5KaJS9TDbgf6RW9%2CRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ&f=bMAtQfZfmzVaYHbHzt8Cpb1tbSJTMdzuKqMV%2CQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5&c=300&d=250&e=&g=3700042603911b88fe2be7e752a1fd12%2F13331175895944770744&i=25174%2C71725%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1675490898576&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gb4hhgg54c1ynymnazbdgmb8hmfzp0n38y1wmms4abmk1kbqz1f5engjeqtre3eket8j9pw0h8dvyz0yaw0cb3n6p04n73wtweqrh4t2kkgex5bgy5amczj15qv1s493k0pet6vk4cqn2ryr4d6fsm3emajs5ghec9zefg72fvyvm1gt3aas4e38zxfbdd1fsbnjh6wtt4feqp32tnb1zg7ba5gf45ym66zpy748daqq9ypx8r2b3c7cf5z6cmjs09cwdqh4dzy9ds1vwmjzgyb%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMy_2UfbdY_mMN62E2fcP-rC-4AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yODI5MTkyMTYwOTE3ODg5yAEJqQLecM3xcByyPqgDAaoEvwFP0BDsHpLPXZhmK7pcV-BQuWc19QdF-ToQSf-kR_Bue8rAI12WY12H8C5yzahUFlU10haBDHIqmP5I0MbDcPs1fiLvKdNManh2nf8q3OcPTgvsUbm9cgUbfejg7VZZjDyHXrQUSL4XX1_MAolGkKBl20YVx1ZKUFRSuwOYvQemI06_1pn-oPg68I6TmHKwZ7Yvsmh3LLUW1LlW6i8jhVTtvZCZVyMtXqfwSF1fFNjxkGjarggghBz1lhNvl6bltoAG_JOsh_LJp4IroAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2xid-UhDhewQS_POQbKVHGgcvEYw%2526client%253Dca-pub-2829192160917889%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1325647
cf-polished: qual=85, origFmt=jpeg, origSize=16723
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8354
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Jan 2020 13:13:07 GMT
server: cloudflare
etag: "04cb7ec205cea351157aeffb998f3a85"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qPY2aitViwcFNcxJ%2FKhLQnEiCd6m2VQoFY1uvDbSwQ2pI1wjZzV6XLbHzC5GmuVeMpNLKAvIhHZ3s%2BvQlec5%2BsIJ8aVOM%2FVhTpe7qMu86DNMJ9mEEg3LaQ7551JwLWrhvKdl6R5euhE%2BsbOU"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 79413b24bfe99188-FRA
expires: Sun, 05 Feb 2023 06:08:18 GMT

GET
H2 200 FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
assets.ad4m.at/product_image/ Frame 957C 30 KB
30 KB 67ms
39ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22451%2C197862%2C14019&b=Px5HBfbfM5Qa9HjHbtMtR5KaJS9TDbgf6RW9%2CRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ&f=bMAtQfZfmzVaYHbHzt8Cpb1tbSJTMdzuKqMV%2CQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5&c=300&d=250&e=&g=3700042603911b88fe2be7e752a1fd12%2F13331175895944770744&i=25174%2C71725%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1675490898576&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gb4hhgg54c1ynymnazbdgmb8hmfzp0n38y1wmms4abmk1kbqz1f5engjeqtre3eket8j9pw0h8dvyz0yaw0cb3n6p04n73wtweqrh4t2kkgex5bgy5amczj15qv1s493k0pet6vk4cqn2ryr4d6fsm3emajs5ghec9zefg72fvyvm1gt3aas4e38zxfbdd1fsbnjh6wtt4feqp32tnb1zg7ba5gf45ym66zpy748daqq9ypx8r2b3c7cf5z6cmjs09cwdqh4dzy9ds1vwmjzgyb%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMy_2UfbdY_mMN62E2fcP-rC-4AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yODI5MTkyMTYwOTE3ODg5yAEJqQLecM3xcByyPqgDAaoEvwFP0BDsHpLPXZhmK7pcV-BQuWc19QdF-ToQSf-kR_Bue8rAI12WY12H8C5yzahUFlU10haBDHIqmP5I0MbDcPs1fiLvKdNManh2nf8q3OcPTgvsUbm9cgUbfejg7VZZjDyHXrQUSL4XX1_MAolGkKBl20YVx1ZKUFRSuwOYvQemI06_1pn-oPg68I6TmHKwZ7Yvsmh3LLUW1LlW6i8jhVTtvZCZVyMtXqfwSF1fFNjxkGjarggghBz1lhNvl6bltoAG_JOsh_LJp4IroAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2xid-UhDhewQS_POQbKVHGgcvEYw%2526client%253Dca-pub-2829192160917889%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8638f3568cf35b04429b02b36b4f4e37baa12bf47b618e530dfa728022c1d41c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 812841
cf-polished: qual=85, origFmt=jpeg, origSize=81547
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30226
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Apr 2020 08:50:22 GMT
server: cloudflare
etag: "f7c8b1c28756e1f042414e043a02e1fa"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EHgTgssoz6i4bk2%2FjJIwkVQo5IghbjFE%2B2B4Nct%2Ffmule4RXDTJevlqxt1U7g9JqcR%2B9YUhEPcQ%2FeuI6jjckxOUds1rk%2FyRRMLCklvs43AYVnm8bfBxdSss0Fw%2BeBK%2B4g3nxWC7LSzeqESqj"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 79413b24bfec9188-FRA
expires: Sun, 05 Feb 2023 06:08:18 GMT

GET
H/1.1

200

/
banner.congstar.de/cookie/ Frame 957C
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=COeL4f6Z-_wCFQHtuwgdys8Gdw;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidPx5HBfbfM5Qa9HjHbtMtR5KaJS9TDbgf6RW9oneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1675490898_5217abf1-a452-11ed-acb0-22645d5ed731

0
549 B

64ms
17ms

Image
text/plain

87.118.116.9
KEYWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1675490898_5217abf1-a452-11ed-acb0-22645d5ed731
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22451%2C197862%2C14019&b=Px5HBfbfM5Qa9HjHbtMtR5KaJS9TDbgf6RW9%2CRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ&f=bMAtQfZfmzVaYHbHzt8Cpb1tbSJTMdzuKqMV%2CQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5&c=300&d=250&e=&g=3700042603911b88fe2be7e752a1fd12%2F13331175895944770744&i=25174%2C71725%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1675490898576&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gb4hhgg54c1ynymnazbdgmb8hmfzp0n38y1wmms4abmk1kbqz1f5engjeqtre3eket8j9pw0h8dvyz0yaw0cb3n6p04n73wtweqrh4t2kkgex5bgy5amczj15qv1s493k0pet6vk4cqn2ryr4d6fsm3emajs5ghec9zefg72fvyvm1gt3aas4e38zxfbdd1fsbnjh6wtt4feqp32tnb1zg7ba5gf45ym66zpy748daqq9ypx8r2b3c7cf5z6cmjs09cwdqh4dzy9ds1vwmjzgyb%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMy_2UfbdY_mMN62E2fcP-rC-4AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yODI5MTkyMTYwOTE3ODg5yAEJqQLecM3xcByyPqgDAaoEvwFP0BDsHpLPXZhmK7pcV-BQuWc19QdF-ToQSf-kR_Bue8rAI12WY12H8C5yzahUFlU10haBDHIqmP5I0MbDcPs1fiLvKdNManh2nf8q3OcPTgvsUbm9cgUbfejg7VZZjDyHXrQUSL4XX1_MAolGkKBl20YVx1ZKUFRSuwOYvQemI06_1pn-oPg68I6TmHKwZ7Yvsmh3LLUW1LlW6i8jhVTtvZCZVyMtXqfwSF1fFNjxkGjarggghBz1lhNvl6bltoAG_JOsh_LJp4IroAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2xid-UhDhewQS_POQbKVHGgcvEYw%2526client%253Dca-pub-2829192160917889%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 87.118.116.9 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS: km36617.keymachine.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 04 Feb 2023 06:08:18 GMT
Server: Apache
P3P: CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

Redirect headers

Date: Sat, 04 Feb 2023 06:08:19 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1675490898_5217abf1-a452-11ed-acb0-22645d5ed731
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H2 200 B6C55515525C2192B97E1253116BAA5C685DD07AF79BB6C9C4097CAEDCCAF04D1DC2B7B5FD417FB88EA0B39E23DED47A8BBF448407373E4FBED422FA6A33EF14
assets.ad4m.at/logo/ Frame 957C 26 KB
26 KB 50ms
23ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B6C55515525C2192B97E1253116BAA5C685DD07AF79BB6C9C4097CAEDCCAF04D1DC2B7B5FD417FB88EA0B39E23DED47A8BBF448407373E4FBED422FA6A33EF14
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22451%2C197862%2C14019&b=Px5HBfbfM5Qa9HjHbtMtR5KaJS9TDbgf6RW9%2CRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ&f=bMAtQfZfmzVaYHbHzt8Cpb1tbSJTMdzuKqMV%2CQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5&c=300&d=250&e=&g=3700042603911b88fe2be7e752a1fd12%2F13331175895944770744&i=25174%2C71725%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1675490898576&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gb4hhgg54c1ynymnazbdgmb8hmfzp0n38y1wmms4abmk1kbqz1f5engjeqtre3eket8j9pw0h8dvyz0yaw0cb3n6p04n73wtweqrh4t2kkgex5bgy5amczj15qv1s493k0pet6vk4cqn2ryr4d6fsm3emajs5ghec9zefg72fvyvm1gt3aas4e38zxfbdd1fsbnjh6wtt4feqp32tnb1zg7ba5gf45ym66zpy748daqq9ypx8r2b3c7cf5z6cmjs09cwdqh4dzy9ds1vwmjzgyb%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMy_2UfbdY_mMN62E2fcP-rC-4AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yODI5MTkyMTYwOTE3ODg5yAEJqQLecM3xcByyPqgDAaoEvwFP0BDsHpLPXZhmK7pcV-BQuWc19QdF-ToQSf-kR_Bue8rAI12WY12H8C5yzahUFlU10haBDHIqmP5I0MbDcPs1fiLvKdNManh2nf8q3OcPTgvsUbm9cgUbfejg7VZZjDyHXrQUSL4XX1_MAolGkKBl20YVx1ZKUFRSuwOYvQemI06_1pn-oPg68I6TmHKwZ7Yvsmh3LLUW1LlW6i8jhVTtvZCZVyMtXqfwSF1fFNjxkGjarggghBz1lhNvl6bltoAG_JOsh_LJp4IroAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2xid-UhDhewQS_POQbKVHGgcvEYw%2526client%253Dca-pub-2829192160917889%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90cbcae2f75cbdcf2a00d82c83cb2926f1a4ad7ab38eb3d629f2e7d3ad72410e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2627330
cf-polished: origFmt=png, origSize=53992
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26236
cf-bgj: imgq:85,h2pri
last-modified: Wed, 29 Jun 2022 14:47:26 GMT
server: cloudflare
etag: "e460905652d65e6a54a57da046f52d6c"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bHjE8gfAdfJ0rGY3poNpfJ4iCBA%2BrVPAXU7Y127WAZnxyivmrsO7bwuknParYsfzEL057KLkQVAkeazTIm%2FtcOvkTRBB6v40xkbXrD40uF0FDKCsDTN2MjwRIzSynZw5JtXUBAnj9vCuxHm0"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 79413b24bfee9188-FRA
expires: Sun, 05 Feb 2023 06:08:18 GMT

GET
H2 200 A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame 957C 54 KB
55 KB 51ms
23ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22451%2C197862%2C14019&b=Px5HBfbfM5Qa9HjHbtMtR5KaJS9TDbgf6RW9%2CRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ&f=bMAtQfZfmzVaYHbHzt8Cpb1tbSJTMdzuKqMV%2CQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5&c=300&d=250&e=&g=3700042603911b88fe2be7e752a1fd12%2F13331175895944770744&i=25174%2C71725%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1675490898576&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gb4hhgg54c1ynymnazbdgmb8hmfzp0n38y1wmms4abmk1kbqz1f5engjeqtre3eket8j9pw0h8dvyz0yaw0cb3n6p04n73wtweqrh4t2kkgex5bgy5amczj15qv1s493k0pet6vk4cqn2ryr4d6fsm3emajs5ghec9zefg72fvyvm1gt3aas4e38zxfbdd1fsbnjh6wtt4feqp32tnb1zg7ba5gf45ym66zpy748daqq9ypx8r2b3c7cf5z6cmjs09cwdqh4dzy9ds1vwmjzgyb%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMy_2UfbdY_mMN62E2fcP-rC-4AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yODI5MTkyMTYwOTE3ODg5yAEJqQLecM3xcByyPqgDAaoEvwFP0BDsHpLPXZhmK7pcV-BQuWc19QdF-ToQSf-kR_Bue8rAI12WY12H8C5yzahUFlU10haBDHIqmP5I0MbDcPs1fiLvKdNManh2nf8q3OcPTgvsUbm9cgUbfejg7VZZjDyHXrQUSL4XX1_MAolGkKBl20YVx1ZKUFRSuwOYvQemI06_1pn-oPg68I6TmHKwZ7Yvsmh3LLUW1LlW6i8jhVTtvZCZVyMtXqfwSF1fFNjxkGjarggghBz1lhNvl6bltoAG_JOsh_LJp4IroAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2xid-UhDhewQS_POQbKVHGgcvEYw%2526client%253Dca-pub-2829192160917889%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8928a20b6d9520af9bfb5e9748259fc3c1ed52ee4e430920d7e70897af5c065

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 807470
cf-polished: origFmt=png, origSize=105738
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 55798
cf-bgj: imgq:85,h2pri
last-modified: Mon, 04 Jul 2022 08:55:40 GMT
server: cloudflare
etag: "147be38db57f89c69c9e65b05983ff0e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YKIE3z1IRzSFPwsWVaW3hhyRu8VCLbhG6ySiqmUxhB4pmALFr0kKiV7G2jC39C1do8Qv4PKugZSdWbX%2BYXk%2B4oLR0kCI3FIilH5sC%2FZ25I5G47Vnymr2gGjhlPP7w4WNjCNnCWy%2F5Z6BVFz5"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 79413b24bfed9188-FRA
expires: Sun, 05 Feb 2023 06:08:18 GMT

GET
H2 200 762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame 957C 44 KB
44 KB 51ms
24ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22451%2C197862%2C14019&b=Px5HBfbfM5Qa9HjHbtMtR5KaJS9TDbgf6RW9%2CRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ&f=bMAtQfZfmzVaYHbHzt8Cpb1tbSJTMdzuKqMV%2CQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5&c=300&d=250&e=&g=3700042603911b88fe2be7e752a1fd12%2F13331175895944770744&i=25174%2C71725%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1675490898576&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gb4hhgg54c1ynymnazbdgmb8hmfzp0n38y1wmms4abmk1kbqz1f5engjeqtre3eket8j9pw0h8dvyz0yaw0cb3n6p04n73wtweqrh4t2kkgex5bgy5amczj15qv1s493k0pet6vk4cqn2ryr4d6fsm3emajs5ghec9zefg72fvyvm1gt3aas4e38zxfbdd1fsbnjh6wtt4feqp32tnb1zg7ba5gf45ym66zpy748daqq9ypx8r2b3c7cf5z6cmjs09cwdqh4dzy9ds1vwmjzgyb%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMy_2UfbdY_mMN62E2fcP-rC-4AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yODI5MTkyMTYwOTE3ODg5yAEJqQLecM3xcByyPqgDAaoEvwFP0BDsHpLPXZhmK7pcV-BQuWc19QdF-ToQSf-kR_Bue8rAI12WY12H8C5yzahUFlU10haBDHIqmP5I0MbDcPs1fiLvKdNManh2nf8q3OcPTgvsUbm9cgUbfejg7VZZjDyHXrQUSL4XX1_MAolGkKBl20YVx1ZKUFRSuwOYvQemI06_1pn-oPg68I6TmHKwZ7Yvsmh3LLUW1LlW6i8jhVTtvZCZVyMtXqfwSF1fFNjxkGjarggghBz1lhNvl6bltoAG_JOsh_LJp4IroAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2xid-UhDhewQS_POQbKVHGgcvEYw%2526client%253Dca-pub-2829192160917889%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1325671
cf-polished: origFmt=png, origSize=65187
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44710
cf-bgj: imgq:85,h2pri
last-modified: Tue, 17 Jan 2023 14:45:52 GMT
server: cloudflare
etag: "99941d3864a6d6ef01023c96e0475815"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0hEgf5DGBKdVwNeEwUGb4mjAIF87AR4e5ywA4FI5y%2BJ08PjvhLiQ42EeswEszZm6p58ThmShRi5pvsfzPoGSAIvvsJhAyMrMZIYXvDNV6WAlzI1%2FD8Xkm9KxbVxmw0rEeVw9mV2rbWM%2BTfEI"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 79413b24bff19188-FRA
expires: Sun, 05 Feb 2023 06:08:18 GMT

GET
H2 200 EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame 957C 222 KB
222 KB 69ms
42ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22451%2C197862%2C14019&b=Px5HBfbfM5Qa9HjHbtMtR5KaJS9TDbgf6RW9%2CRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ&f=bMAtQfZfmzVaYHbHzt8Cpb1tbSJTMdzuKqMV%2CQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5&c=300&d=250&e=&g=3700042603911b88fe2be7e752a1fd12%2F13331175895944770744&i=25174%2C71725%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1675490898576&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gb4hhgg54c1ynymnazbdgmb8hmfzp0n38y1wmms4abmk1kbqz1f5engjeqtre3eket8j9pw0h8dvyz0yaw0cb3n6p04n73wtweqrh4t2kkgex5bgy5amczj15qv1s493k0pet6vk4cqn2ryr4d6fsm3emajs5ghec9zefg72fvyvm1gt3aas4e38zxfbdd1fsbnjh6wtt4feqp32tnb1zg7ba5gf45ym66zpy748daqq9ypx8r2b3c7cf5z6cmjs09cwdqh4dzy9ds1vwmjzgyb%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMy_2UfbdY_mMN62E2fcP-rC-4AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yODI5MTkyMTYwOTE3ODg5yAEJqQLecM3xcByyPqgDAaoEvwFP0BDsHpLPXZhmK7pcV-BQuWc19QdF-ToQSf-kR_Bue8rAI12WY12H8C5yzahUFlU10haBDHIqmP5I0MbDcPs1fiLvKdNManh2nf8q3OcPTgvsUbm9cgUbfejg7VZZjDyHXrQUSL4XX1_MAolGkKBl20YVx1ZKUFRSuwOYvQemI06_1pn-oPg68I6TmHKwZ7Yvsmh3LLUW1LlW6i8jhVTtvZCZVyMtXqfwSF1fFNjxkGjarggghBz1lhNvl6bltoAG_JOsh_LJp4IroAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2xid-UhDhewQS_POQbKVHGgcvEYw%2526client%253Dca-pub-2829192160917889%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 90654
cf-polished: origFmt=png, origSize=342797
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 226950
cf-bgj: imgq:85,h2pri
last-modified: Wed, 15 Jun 2022 14:01:11 GMT
server: cloudflare
etag: "82c7de0f42ff55fdd0acc07731664031"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6LimnnwDh4S6gHNh4FbwMMpjP0DFosohZ1W%2BkDNiaYI8PMpaW8S5HGl92XfzhH7PhxWahZG2EuGqEaSRmGIevm7aFUMJ%2BZD0ipjDO91EwoKw8CXoYbNBgndd0bzc42sIiiD%2Fz0YCfWnaqeyL"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 79413b24bff39188-FRA
expires: Sun, 05 Feb 2023 06:08:18 GMT

GET
H2

200

ztpv.php
www.conrad.de/ Frame 957C
Redirect Chain

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZoneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.conrad.de/ztpv.php?awc=11354_412871_1675490898_51fcf801-a452-11ed-b22f-2232cde24fee&insert=AW&&gdpr=0&gdpr_consent=

0
672 B

89ms
47ms

Image
text/html

2606:4700::6812:7e05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.de/ztpv.php?awc=11354_412871_1675490898_51fcf801-a452-11ed-b22f-2232cde24fee&insert=AW&&gdpr=0&gdpr_consent=

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22451%2C197862%2C14019&b=Px5HBfbfM5Qa9HjHbtMtR5KaJS9TDbgf6RW9%2CRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ&f=bMAtQfZfmzVaYHbHzt8Cpb1tbSJTMdzuKqMV%2CQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5&c=300&d=250&e=&g=3700042603911b88fe2be7e752a1fd12%2F13331175895944770744&i=25174%2C71725%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1675490898576&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gb4hhgg54c1ynymnazbdgmb8hmfzp0n38y1wmms4abmk1kbqz1f5engjeqtre3eket8j9pw0h8dvyz0yaw0cb3n6p04n73wtweqrh4t2kkgex5bgy5amczj15qv1s493k0pet6vk4cqn2ryr4d6fsm3emajs5ghec9zefg72fvyvm1gt3aas4e38zxfbdd1fsbnjh6wtt4feqp32tnb1zg7ba5gf45ym66zpy748daqq9ypx8r2b3c7cf5z6cmjs09cwdqh4dzy9ds1vwmjzgyb%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMy_2UfbdY_mMN62E2fcP-rC-4AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yODI5MTkyMTYwOTE3ODg5yAEJqQLecM3xcByyPqgDAaoEvwFP0BDsHpLPXZhmK7pcV-BQuWc19QdF-ToQSf-kR_Bue8rAI12WY12H8C5yzahUFlU10haBDHIqmP5I0MbDcPs1fiLvKdNManh2nf8q3OcPTgvsUbm9cgUbfejg7VZZjDyHXrQUSL4XX1_MAolGkKBl20YVx1ZKUFRSuwOYvQemI06_1pn-oPg68I6TmHKwZ7Yvsmh3LLUW1LlW6i8jhVTtvZCZVyMtXqfwSF1fFNjxkGjarggghBz1lhNvl6bltoAG_JOsh_LJp4IroAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2xid-UhDhewQS_POQbKVHGgcvEYw%2526client%253Dca-pub-2829192160917889%2526adurl%253D&y=1&s=&z=0

Protocol

Server

2606:4700::6812:7e05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:18 GMT
via: 1.1 additional-webserver-blue-b3gw (Varnish/7.2)
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=15552000
age: 0
p3p: policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
x-varnish: 368908676
content-type: text/html; charset=UTF-8
cache-control: no-cache
server-timing: intid;desc=41abb027927751d1
cf-ray: 79413b2639262c1c-FRA
expires: -1

Redirect headers

Date: Sat, 04 Feb 2023 06:08:18 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.de/ztpv.php?awc=11354_412871_1675490898_51fcf801-a452-11ed-b22f-2232cde24fee&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.29/one-ad/ Frame A937 94 KB
12 KB 33ms
22ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.29/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C197100%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=120&d=600&e=&g=c544a38e5a299b62a493d00311b7513f%2F5400960083850283330&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1675490898578&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jve1a402tqw8zx3qjsqxgh7sye8vmdhgcn1vy1eza1kfppgq08c7ekcgc12btvk6v804nkp1mtza4991b6xhv0amy2san6j0djehbxphqt59dxsfcd54ecepzeb059etg6g6gx4b75m3t521pje8tvbr9ez3b4d804wja36evf32rg9mpb6rzqvk3h61fx1qqm6zavhp4z30b7mngscv9sy8xp1qcsyv0x56a6c0jq6nqdvsymybj81kx0s3e9znekbpepfwgy9221mxkag%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCn3ERUfbdY9jXOIyw-wbHmKWgBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI4MjkxOTIxNjA5MTc4ODnIAQmpAt5wzfFwHLI-qAMBqgS_AU_QnmYxWnibaXanZIa8g3mOl7Lu8EiPdW0Gc9mBh1nw1QSmjm2Zf3hLBFQKIyl8EnK0s8sSjOBVAG2p0ZO9F295tVTUoa9_32RkfMSBfQ6yqPgi4Hq-4nwBu1dCvptwBhcW5Ovy_crXYYl84cvgGVezY_HmSQitS5v1H2dQLxtEAVMdQdNGeawi2XD55j-Com4FE40XV9DvOWL4XtNz8wPSGFJTkzBhDoV3qPaiWY-V0VourtOvXu_MRa-ffeQ7gAbOhMqr67uBulSgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2pQUoxtgMFPhkYsaOKKNvdfzEmaQ%2526client%253Dca-pub-2829192160917889%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16b11d86d520542cbafcd9b7fabe0c2915a87555cda015eeb8ccec0d478af9cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=197101%2C197100%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=120&d=600&e=&g=c544a38e5a299b62a493d00311b7513f%2F5400960083850283330&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1675490898578&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jve1a402tqw8zx3qjsqxgh7sye8vmdhgcn1vy1eza1kfppgq08c7ekcgc12btvk6v804nkp1mtza4991b6xhv0amy2san6j0djehbxphqt59dxsfcd54ecepzeb059etg6g6gx4b75m3t521pje8tvbr9ez3b4d804wja36evf32rg9mpb6rzqvk3h61fx1qqm6zavhp4z30b7mngscv9sy8xp1qcsyv0x56a6c0jq6nqdvsymybj81kx0s3e9znekbpepfwgy9221mxkag%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCn3ERUfbdY9jXOIyw-wbHmKWgBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI4MjkxOTIxNjA5MTc4ODnIAQmpAt5wzfFwHLI-qAMBqgS_AU_QnmYxWnibaXanZIa8g3mOl7Lu8EiPdW0Gc9mBh1nw1QSmjm2Zf3hLBFQKIyl8EnK0s8sSjOBVAG2p0ZO9F295tVTUoa9_32RkfMSBfQ6yqPgi4Hq-4nwBu1dCvptwBhcW5Ovy_crXYYl84cvgGVezY_HmSQitS5v1H2dQLxtEAVMdQdNGeawi2XD55j-Com4FE40XV9DvOWL4XtNz8wPSGFJTkzBhDoV3qPaiWY-V0VourtOvXu_MRa-ffeQ7gAbOhMqr67uBulSgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2pQUoxtgMFPhkYsaOKKNvdfzEmaQ%2526client%253Dca-pub-2829192160917889%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1674752855
age: 737441
cf-polished: origSize=97007
x-guploader-uploadid: ADPycdsZjI5fECjAhoy8qzvWSONYz9bIt7ko5oX3W69yG6KJfP5zPv1_fVYgs_PLPWlD4TXeEk6FSO00jYJNc7xSK-16jW39EDyH
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 26 Jan 2023 17:08:09 GMT
server: cloudflare
etag: W/"894b1310ad36469d313fb67e2899e78d"
vary: Accept-Encoding
x-goog-generation: 1674752889520716
content-type: text/css
x-goog-hash: crc32c=wEjpSw==, md5=iUsTEK02Rp0xP7Z+KJnnjQ==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0rlX%2B6Kbrx2cNDgFtGic%2FNabrmPzKLfcDSFxVmfpwmMxrKI%2FLOKGUa019Li%2F0bRR3P8msOBDZOU8HzVlXfrOdSi5Pgc0kJdOo%2BcO0pKhbrDXUL1Ve4Q%2FKlJ%2FyOBRfJybAAKvpocIa80%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 97007
cf-ray: 79413b249f6e2c4f-FRA
expires: Sat, 04 Feb 2023 07:08:18 GMT

GET
H2 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame A937 53 KB
54 KB 52ms
22ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C197100%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=120&d=600&e=&g=c544a38e5a299b62a493d00311b7513f%2F5400960083850283330&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1675490898578&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jve1a402tqw8zx3qjsqxgh7sye8vmdhgcn1vy1eza1kfppgq08c7ekcgc12btvk6v804nkp1mtza4991b6xhv0amy2san6j0djehbxphqt59dxsfcd54ecepzeb059etg6g6gx4b75m3t521pje8tvbr9ez3b4d804wja36evf32rg9mpb6rzqvk3h61fx1qqm6zavhp4z30b7mngscv9sy8xp1qcsyv0x56a6c0jq6nqdvsymybj81kx0s3e9znekbpepfwgy9221mxkag%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCn3ERUfbdY9jXOIyw-wbHmKWgBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI4MjkxOTIxNjA5MTc4ODnIAQmpAt5wzfFwHLI-qAMBqgS_AU_QnmYxWnibaXanZIa8g3mOl7Lu8EiPdW0Gc9mBh1nw1QSmjm2Zf3hLBFQKIyl8EnK0s8sSjOBVAG2p0ZO9F295tVTUoa9_32RkfMSBfQ6yqPgi4Hq-4nwBu1dCvptwBhcW5Ovy_crXYYl84cvgGVezY_HmSQitS5v1H2dQLxtEAVMdQdNGeawi2XD55j-Com4FE40XV9DvOWL4XtNz8wPSGFJTkzBhDoV3qPaiWY-V0VourtOvXu_MRa-ffeQ7gAbOhMqr67uBulSgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2pQUoxtgMFPhkYsaOKKNvdfzEmaQ%2526client%253Dca-pub-2829192160917889%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1947515
cf-polished: origFmt=png, origSize=115129
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 54564
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:24 GMT
server: cloudflare
etag: "0a277d59efca0369a6983645e273659e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EoYO6m0D7Q3ZDKMqAhX1A%2Fzxsz1Qsrrsp0aw%2BA2q1U4tuvby2EYua3uvvUhi9ge8vl39%2BVHgCPOpc8ERU1ZEtfS2c91N%2BthwWy8uJqn5ADcQTMERqvql9BdCTcDPKpmnfM1clQ2KM8310VeN"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 79413b24bfeb9188-FRA
expires: Sun, 05 Feb 2023 06:08:18 GMT

GET
H2 200 3778CF797E3A529087D97C23A5BCA9FADE012AB01E21FB1929557E8BD70A789A1F44E5D867099979B17313F69D44515CF12B8C937634907539AB1C54C4F5334B
assets.ad4m.at/product_image/ Frame A937 11 KB
11 KB 45ms
24ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/3778CF797E3A529087D97C23A5BCA9FADE012AB01E21FB1929557E8BD70A789A1F44E5D867099979B17313F69D44515CF12B8C937634907539AB1C54C4F5334B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C197100%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=120&d=600&e=&g=c544a38e5a299b62a493d00311b7513f%2F5400960083850283330&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1675490898578&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jve1a402tqw8zx3qjsqxgh7sye8vmdhgcn1vy1eza1kfppgq08c7ekcgc12btvk6v804nkp1mtza4991b6xhv0amy2san6j0djehbxphqt59dxsfcd54ecepzeb059etg6g6gx4b75m3t521pje8tvbr9ez3b4d804wja36evf32rg9mpb6rzqvk3h61fx1qqm6zavhp4z30b7mngscv9sy8xp1qcsyv0x56a6c0jq6nqdvsymybj81kx0s3e9znekbpepfwgy9221mxkag%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCn3ERUfbdY9jXOIyw-wbHmKWgBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI4MjkxOTIxNjA5MTc4ODnIAQmpAt5wzfFwHLI-qAMBqgS_AU_QnmYxWnibaXanZIa8g3mOl7Lu8EiPdW0Gc9mBh1nw1QSmjm2Zf3hLBFQKIyl8EnK0s8sSjOBVAG2p0ZO9F295tVTUoa9_32RkfMSBfQ6yqPgi4Hq-4nwBu1dCvptwBhcW5Ovy_crXYYl84cvgGVezY_HmSQitS5v1H2dQLxtEAVMdQdNGeawi2XD55j-Com4FE40XV9DvOWL4XtNz8wPSGFJTkzBhDoV3qPaiWY-V0VourtOvXu_MRa-ffeQ7gAbOhMqr67uBulSgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2pQUoxtgMFPhkYsaOKKNvdfzEmaQ%2526client%253Dca-pub-2829192160917889%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fc6327e965679b41a818cf88fdaf0b16e586c0ac03bc72d49c4f47e2ed02336

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1517637
cf-polished: qual=85, origFmt=jpeg, origSize=46259
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10888
cf-bgj: imgq:85,h2pri
last-modified: Wed, 16 Nov 2022 16:09:44 GMT
server: cloudflare
etag: "b2cf554576629d98986c459034c76d1a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Y8l1Ehus1hdNKEmMPb8uPBvby4Mu7%2FasPLbkRCOum%2BFGQVpOMWZqSZOYFOXCO%2FNKVWrlqyoI3%2FwNb0y3ysi6pRVk0nHL9J6ktoPASSe3jIOVGeftib8KfBCqzVxZsPwBMWmAs%2FTz%2BqFe0nt"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 79413b24bfe39188-FRA
expires: Sun, 05 Feb 2023 06:08:18 GMT

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame A937
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CLuH4f6Z-_wCFdEq4AodmpAMcQ;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=reach_SUBIDTEST_view
https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=reach_SUBIDTEST_view
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023020407081981241080831X117703V1226132702MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=202...

49 B
1 KB

238ms
23ms

Image
image/gif

46.4.62.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023020407081981241080831X117703V1226132702MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2023020407081981241080831X117703V1226132702MSreach_SUBIDTEST_view&wfid=117703&partnerid=12218
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C197100%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=120&d=600&e=&g=c544a38e5a299b62a493d00311b7513f%2F5400960083850283330&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1675490898578&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jve1a402tqw8zx3qjsqxgh7sye8vmdhgcn1vy1eza1kfppgq08c7ekcgc12btvk6v804nkp1mtza4991b6xhv0amy2san6j0djehbxphqt59dxsfcd54ecepzeb059etg6g6gx4b75m3t521pje8tvbr9ez3b4d804wja36evf32rg9mpb6rzqvk3h61fx1qqm6zavhp4z30b7mngscv9sy8xp1qcsyv0x56a6c0jq6nqdvsymybj81kx0s3e9znekbpepfwgy9221mxkag%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCn3ERUfbdY9jXOIyw-wbHmKWgBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI4MjkxOTIxNjA5MTc4ODnIAQmpAt5wzfFwHLI-qAMBqgS_AU_QnmYxWnibaXanZIa8g3mOl7Lu8EiPdW0Gc9mBh1nw1QSmjm2Zf3hLBFQKIyl8EnK0s8sSjOBVAG2p0ZO9F295tVTUoa9_32RkfMSBfQ6yqPgi4Hq-4nwBu1dCvptwBhcW5Ovy_crXYYl84cvgGVezY_HmSQitS5v1H2dQLxtEAVMdQdNGeawi2XD55j-Com4FE40XV9DvOWL4XtNz8wPSGFJTkzBhDoV3qPaiWY-V0VourtOvXu_MRa-ffeQ7gAbOhMqr67uBulSgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2pQUoxtgMFPhkYsaOKKNvdfzEmaQ%2526client%253Dca-pub-2829192160917889%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 46.4.62.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nonstopads4.sunbonet.de
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Sat, 04 Feb 2023 06:08:19 GMT
X-NODEIP: 46.4.62.19
Server: nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023020407081981241080831X117703V1226132702MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2023020407081981241080831X117703V1226132702MSreach_SUBIDTEST_view&wfid=117703&partnerid=12218
date: Sat, 04 Feb 2023 06:08:19 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H2 200 DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame A937 13 KB
14 KB 34ms
13ms Image
image/png 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C197100%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=120&d=600&e=&g=c544a38e5a299b62a493d00311b7513f%2F5400960083850283330&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1675490898578&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jve1a402tqw8zx3qjsqxgh7sye8vmdhgcn1vy1eza1kfppgq08c7ekcgc12btvk6v804nkp1mtza4991b6xhv0amy2san6j0djehbxphqt59dxsfcd54ecepzeb059etg6g6gx4b75m3t521pje8tvbr9ez3b4d804wja36evf32rg9mpb6rzqvk3h61fx1qqm6zavhp4z30b7mngscv9sy8xp1qcsyv0x56a6c0jq6nqdvsymybj81kx0s3e9znekbpepfwgy9221mxkag%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCn3ERUfbdY9jXOIyw-wbHmKWgBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI4MjkxOTIxNjA5MTc4ODnIAQmpAt5wzfFwHLI-qAMBqgS_AU_QnmYxWnibaXanZIa8g3mOl7Lu8EiPdW0Gc9mBh1nw1QSmjm2Zf3hLBFQKIyl8EnK0s8sSjOBVAG2p0ZO9F295tVTUoa9_32RkfMSBfQ6yqPgi4Hq-4nwBu1dCvptwBhcW5Ovy_crXYYl84cvgGVezY_HmSQitS5v1H2dQLxtEAVMdQdNGeawi2XD55j-Com4FE40XV9DvOWL4XtNz8wPSGFJTkzBhDoV3qPaiWY-V0VourtOvXu_MRa-ffeQ7gAbOhMqr67uBulSgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2pQUoxtgMFPhkYsaOKKNvdfzEmaQ%2526client%253Dca-pub-2829192160917889%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 229e5a0cf38692aadb68fe1ab6ea1e26a0a3b26fbb4e731f33ad807a50ef1227

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 58843
cf-polished: origSize=24833, status=vary_header_present
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13494
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:57 GMT
server: cloudflare
etag: "174bb0dc35647e204b09aa120965604a"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2F3LWwaSBJ2S7WtvkZWOAHRfWWUBq%2FOOM0ytg6ZUUKNc2TZ2UQCeN9ne9FumSDAjmaHXBHl%2BLDyqxwT6F172wyGPwPD5OwL3agrbEip3hicIZvn6DYZbXh32UOmoPs9IP0Av5L%2Fe4ZrpSBTb"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 79413b24bfe59188-FRA
expires: Sun, 05 Feb 2023 06:08:18 GMT

GET
H2 200 FDA524315CF1A84E9D46619FD10F0264DD2260394DD71198EE8FEC75572B31C1B960B5E4A647F88B6C04B0DBC247510EFFF5F03328E33405460FFEDC3D0CE020
assets.ad4m.at/product_image/ Frame A937 20 KB
20 KB 44ms
23ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/FDA524315CF1A84E9D46619FD10F0264DD2260394DD71198EE8FEC75572B31C1B960B5E4A647F88B6C04B0DBC247510EFFF5F03328E33405460FFEDC3D0CE020
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C197100%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=120&d=600&e=&g=c544a38e5a299b62a493d00311b7513f%2F5400960083850283330&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1675490898578&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jve1a402tqw8zx3qjsqxgh7sye8vmdhgcn1vy1eza1kfppgq08c7ekcgc12btvk6v804nkp1mtza4991b6xhv0amy2san6j0djehbxphqt59dxsfcd54ecepzeb059etg6g6gx4b75m3t521pje8tvbr9ez3b4d804wja36evf32rg9mpb6rzqvk3h61fx1qqm6zavhp4z30b7mngscv9sy8xp1qcsyv0x56a6c0jq6nqdvsymybj81kx0s3e9znekbpepfwgy9221mxkag%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCn3ERUfbdY9jXOIyw-wbHmKWgBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI4MjkxOTIxNjA5MTc4ODnIAQmpAt5wzfFwHLI-qAMBqgS_AU_QnmYxWnibaXanZIa8g3mOl7Lu8EiPdW0Gc9mBh1nw1QSmjm2Zf3hLBFQKIyl8EnK0s8sSjOBVAG2p0ZO9F295tVTUoa9_32RkfMSBfQ6yqPgi4Hq-4nwBu1dCvptwBhcW5Ovy_crXYYl84cvgGVezY_HmSQitS5v1H2dQLxtEAVMdQdNGeawi2XD55j-Com4FE40XV9DvOWL4XtNz8wPSGFJTkzBhDoV3qPaiWY-V0VourtOvXu_MRa-ffeQ7gAbOhMqr67uBulSgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2pQUoxtgMFPhkYsaOKKNvdfzEmaQ%2526client%253Dca-pub-2829192160917889%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b094a140ea1c9e6edece62a54ab0d4fb5a600ba71495dc8835a12621e49204e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1517634
cf-polished: qual=85, origFmt=jpeg, origSize=85977
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20094
cf-bgj: imgq:85,h2pri
last-modified: Wed, 16 Nov 2022 16:32:10 GMT
server: cloudflare
etag: "115bea0885590f780802fd14548a1cde"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LMVHrxqSHYfTzyrNi4CrStVtBaAS3SzO%2FeIEhZ8f1MxKks40ZGoPOpbuVNAS7YWqOBUeVo6mX1Wvar0yCozzgunbeFr1RNFtdomk9nMJHvShEljpzhyZAWCUF%2BVCjNlMAMGLqHWH2Wgjw3QG"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 79413b24bfe69188-FRA
expires: Sun, 05 Feb 2023 06:08:18 GMT

GET
H/1.1

200
OK

/
partner.blau.de/a/ Frame A937
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed...
https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CNCI4f6Z-_wCFZm4dwodLJMGUQ;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_la...
https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view
https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2023020407081981241080829X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0

49 B
1 KB

114ms
22ms

Image
image/gif

88.99.63.132
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2023020407081981241080829X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C197100%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=120&d=600&e=&g=c544a38e5a299b62a493d00311b7513f%2F5400960083850283330&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1675490898578&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jve1a402tqw8zx3qjsqxgh7sye8vmdhgcn1vy1eza1kfppgq08c7ekcgc12btvk6v804nkp1mtza4991b6xhv0amy2san6j0djehbxphqt59dxsfcd54ecepzeb059etg6g6gx4b75m3t521pje8tvbr9ez3b4d804wja36evf32rg9mpb6rzqvk3h61fx1qqm6zavhp4z30b7mngscv9sy8xp1qcsyv0x56a6c0jq6nqdvsymybj81kx0s3e9znekbpepfwgy9221mxkag%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCn3ERUfbdY9jXOIyw-wbHmKWgBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI4MjkxOTIxNjA5MTc4ODnIAQmpAt5wzfFwHLI-qAMBqgS_AU_QnmYxWnibaXanZIa8g3mOl7Lu8EiPdW0Gc9mBh1nw1QSmjm2Zf3hLBFQKIyl8EnK0s8sSjOBVAG2p0ZO9F295tVTUoa9_32RkfMSBfQ6yqPgi4Hq-4nwBu1dCvptwBhcW5Ovy_crXYYl84cvgGVezY_HmSQitS5v1H2dQLxtEAVMdQdNGeawi2XD55j-Com4FE40XV9DvOWL4XtNz8wPSGFJTkzBhDoV3qPaiWY-V0VourtOvXu_MRa-ffeQ7gAbOhMqr67uBulSgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2pQUoxtgMFPhkYsaOKKNvdfzEmaQ%2526client%253Dca-pub-2829192160917889%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 88.99.63.132 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nonstopads3.sunbonet.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Sat, 04 Feb 2023 06:08:19 GMT
X-NODEIP: 88.99.63.132
Server: nginx/1.18.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2023020407081981241080829X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0
date: Sat, 04 Feb 2023 06:08:19 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H2 200 762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame A937 44 KB
44 KB 44ms
23ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C197100%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=120&d=600&e=&g=c544a38e5a299b62a493d00311b7513f%2F5400960083850283330&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1675490898578&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jve1a402tqw8zx3qjsqxgh7sye8vmdhgcn1vy1eza1kfppgq08c7ekcgc12btvk6v804nkp1mtza4991b6xhv0amy2san6j0djehbxphqt59dxsfcd54ecepzeb059etg6g6gx4b75m3t521pje8tvbr9ez3b4d804wja36evf32rg9mpb6rzqvk3h61fx1qqm6zavhp4z30b7mngscv9sy8xp1qcsyv0x56a6c0jq6nqdvsymybj81kx0s3e9znekbpepfwgy9221mxkag%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCn3ERUfbdY9jXOIyw-wbHmKWgBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI4MjkxOTIxNjA5MTc4ODnIAQmpAt5wzfFwHLI-qAMBqgS_AU_QnmYxWnibaXanZIa8g3mOl7Lu8EiPdW0Gc9mBh1nw1QSmjm2Zf3hLBFQKIyl8EnK0s8sSjOBVAG2p0ZO9F295tVTUoa9_32RkfMSBfQ6yqPgi4Hq-4nwBu1dCvptwBhcW5Ovy_crXYYl84cvgGVezY_HmSQitS5v1H2dQLxtEAVMdQdNGeawi2XD55j-Com4FE40XV9DvOWL4XtNz8wPSGFJTkzBhDoV3qPaiWY-V0VourtOvXu_MRa-ffeQ7gAbOhMqr67uBulSgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2pQUoxtgMFPhkYsaOKKNvdfzEmaQ%2526client%253Dca-pub-2829192160917889%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1325671
cf-polished: origFmt=png, origSize=65187
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44710
cf-bgj: imgq:85,h2pri
last-modified: Tue, 17 Jan 2023 14:45:52 GMT
server: cloudflare
etag: "99941d3864a6d6ef01023c96e0475815"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wFUrKBb21LudS4UzVyKM5uebcrMoQNjxprr5rsIbUXtVSADzLr%2BlWgZLeW%2BoLske5YULmIuimdfwQPQHDQowKOB9w9ASu0irNCo91r31tSaTUaiNPgJkQ0lbCdVJH7%2FjTLOWvgyWZg8sabns"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 79413b24bfe79188-FRA
expires: Sun, 05 Feb 2023 06:08:18 GMT

GET
H2 200 EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame A937 222 KB
222 KB 34ms
14ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C197100%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=120&d=600&e=&g=c544a38e5a299b62a493d00311b7513f%2F5400960083850283330&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1675490898578&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jve1a402tqw8zx3qjsqxgh7sye8vmdhgcn1vy1eza1kfppgq08c7ekcgc12btvk6v804nkp1mtza4991b6xhv0amy2san6j0djehbxphqt59dxsfcd54ecepzeb059etg6g6gx4b75m3t521pje8tvbr9ez3b4d804wja36evf32rg9mpb6rzqvk3h61fx1qqm6zavhp4z30b7mngscv9sy8xp1qcsyv0x56a6c0jq6nqdvsymybj81kx0s3e9znekbpepfwgy9221mxkag%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCn3ERUfbdY9jXOIyw-wbHmKWgBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI4MjkxOTIxNjA5MTc4ODnIAQmpAt5wzfFwHLI-qAMBqgS_AU_QnmYxWnibaXanZIa8g3mOl7Lu8EiPdW0Gc9mBh1nw1QSmjm2Zf3hLBFQKIyl8EnK0s8sSjOBVAG2p0ZO9F295tVTUoa9_32RkfMSBfQ6yqPgi4Hq-4nwBu1dCvptwBhcW5Ovy_crXYYl84cvgGVezY_HmSQitS5v1H2dQLxtEAVMdQdNGeawi2XD55j-Com4FE40XV9DvOWL4XtNz8wPSGFJTkzBhDoV3qPaiWY-V0VourtOvXu_MRa-ffeQ7gAbOhMqr67uBulSgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2pQUoxtgMFPhkYsaOKKNvdfzEmaQ%2526client%253Dca-pub-2829192160917889%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 90654
cf-polished: origFmt=png, origSize=342797
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 226950
cf-bgj: imgq:85,h2pri
last-modified: Wed, 15 Jun 2022 14:01:11 GMT
server: cloudflare
etag: "82c7de0f42ff55fdd0acc07731664031"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5KjkC37JTlngVChIpMGNWL0lnOLH8ARplm5AKSflx7u45KQ2nzsTrqpiho%2Fu6mMdmspFYuVTHKmU2Ma3yFi49KwI3SKSQY1xc9s72x77b5JHZm%2B2CR5gyUcrurHzwSFVyEOhaqzqjSvAFD%2Bq"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 79413b24bfe89188-FRA
expires: Sun, 05 Feb 2023 06:08:18 GMT

GET
H2

200

ztpv.php
www.conrad.de/ Frame A937
Redirect Chain

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtVoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.conrad.de/ztpv.php?awc=11354_412871_1675490898_5200efa0-a452-11ed-acb0-22645d5ed731&insert=AW&&gdpr=0&gdpr_consent=

0
332 B

43ms
41ms

Image
text/html

2606:4700::6812:7e05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.de/ztpv.php?awc=11354_412871_1675490898_5200efa0-a452-11ed-acb0-22645d5ed731&insert=AW&&gdpr=0&gdpr_consent=

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C197100%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=120&d=600&e=&g=c544a38e5a299b62a493d00311b7513f%2F5400960083850283330&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1675490898578&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jve1a402tqw8zx3qjsqxgh7sye8vmdhgcn1vy1eza1kfppgq08c7ekcgc12btvk6v804nkp1mtza4991b6xhv0amy2san6j0djehbxphqt59dxsfcd54ecepzeb059etg6g6gx4b75m3t521pje8tvbr9ez3b4d804wja36evf32rg9mpb6rzqvk3h61fx1qqm6zavhp4z30b7mngscv9sy8xp1qcsyv0x56a6c0jq6nqdvsymybj81kx0s3e9znekbpepfwgy9221mxkag%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCn3ERUfbdY9jXOIyw-wbHmKWgBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI4MjkxOTIxNjA5MTc4ODnIAQmpAt5wzfFwHLI-qAMBqgS_AU_QnmYxWnibaXanZIa8g3mOl7Lu8EiPdW0Gc9mBh1nw1QSmjm2Zf3hLBFQKIyl8EnK0s8sSjOBVAG2p0ZO9F295tVTUoa9_32RkfMSBfQ6yqPgi4Hq-4nwBu1dCvptwBhcW5Ovy_crXYYl84cvgGVezY_HmSQitS5v1H2dQLxtEAVMdQdNGeawi2XD55j-Com4FE40XV9DvOWL4XtNz8wPSGFJTkzBhDoV3qPaiWY-V0VourtOvXu_MRa-ffeQ7gAbOhMqr67uBulSgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2pQUoxtgMFPhkYsaOKKNvdfzEmaQ%2526client%253Dca-pub-2829192160917889%2526adurl%253D&y=1&s=&z=0

Protocol

Server

2606:4700::6812:7e05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:18 GMT
via: 1.1 additional-webserver-blue-n1lg (Varnish/7.2)
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=15552000
age: 0
p3p: policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
x-varnish: 388110726
content-type: text/html; charset=UTF-8
cache-control: no-cache
server-timing: intid;desc=5ca0f9dd4a046edf
cf-ray: 79413b26492a2c1c-FRA
expires: -1

Redirect headers

Date: Sat, 04 Feb 2023 06:08:18 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.de/ztpv.php?awc=11354_412871_1675490898_5200efa0-a452-11ed-acb0-22645d5ed731&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H2 200 link.html Show response
track.webgains.com/ Frame 957C 2 KB
2 KB 131ms
60ms Script
text/html 13.42.68.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gh9xwstr1z48njg2fpa00xwsbcwvt1m0k7dwne6fm016qgegkkd72gcejqr5s6ctv2aryqtnvdh5nayw8e3qz2m6yjbetyyj7an774x80be5snz5ntyw6gvp5v0hfqxw9m7rzs5trr9w95xb4j3e057pcwsvzsrs65ks1gyxf2nc3eqtkxafmdgmkhqkv1xkemn5w7gfbxfm30gzrac52kqpxk6e02ez3tgbtmtmkxqgr5vqksqdn62s576w9ebey3xc%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gb4hhgg54c1ynymnazbdgmb8hmfzp0n38y1wmms4abmk1kbqz1f5engjeqtre3eket8j9pw0h8dvyz0yaw0cb3n6p04n73wtweqrh4t2kkgex5bgy5amczj15qv1s493k0pet6vk4cqn2ryr4d6fsm3emajs5ghec9zefg72fvyvm1gt3aas4e38zxfbdd1fsbnjh6wtt4feqp32tnb1zg7ba5gf45ym66zpy748daqq9ypx8r2b3c7cf5z6cmjs09cwdqh4dzy9ds1vwmjzgyb%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCMy_2UfbdY_mMN62E2fcP-rC-4AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yODI5MTkyMTYwOTE3ODg5yAEJqQLecM3xcByyPqgDAaoEvwFP0BDsHpLPXZhmK7pcV-BQuWc19QdF-ToQSf-kR_Bue8rAI12WY12H8C5yzahUFlU10haBDHIqmP5I0MbDcPs1fiLvKdNManh2nf8q3OcPTgvsUbm9cgUbfejg7VZZjDyHXrQUSL4XX1_MAolGkKBl20YVx1ZKUFRSuwOYvQemI06_1pn-oPg68I6TmHKwZ7Yvsmh3LLUW1LlW6i8jhVTtvZCZVyMtXqfwSF1fFNjxkGjarggghBz1lhNvl6bltoAG_JOsh_LJp4IroAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2xid-UhDhewQS_POQbKVHGgcvEYw%252526client%25253Dca-pub-2829192160917889%252526adurl%25253D&clickref=oneidQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5oneid__suite_Netmix_Reach118_EXTRAPUSH&viewref=oneidRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZoneid__suite_Netmix_Reach118_EXTRAPUSH
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22451%2C197862%2C14019&b=Px5HBfbfM5Qa9HjHbtMtR5KaJS9TDbgf6RW9%2CRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ&f=bMAtQfZfmzVaYHbHzt8Cpb1tbSJTMdzuKqMV%2CQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5&c=300&d=250&e=&g=3700042603911b88fe2be7e752a1fd12%2F13331175895944770744&i=25174%2C71725%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1675490898576&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gb4hhgg54c1ynymnazbdgmb8hmfzp0n38y1wmms4abmk1kbqz1f5engjeqtre3eket8j9pw0h8dvyz0yaw0cb3n6p04n73wtweqrh4t2kkgex5bgy5amczj15qv1s493k0pet6vk4cqn2ryr4d6fsm3emajs5ghec9zefg72fvyvm1gt3aas4e38zxfbdd1fsbnjh6wtt4feqp32tnb1zg7ba5gf45ym66zpy748daqq9ypx8r2b3c7cf5z6cmjs09cwdqh4dzy9ds1vwmjzgyb%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMy_2UfbdY_mMN62E2fcP-rC-4AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yODI5MTkyMTYwOTE3ODg5yAEJqQLecM3xcByyPqgDAaoEvwFP0BDsHpLPXZhmK7pcV-BQuWc19QdF-ToQSf-kR_Bue8rAI12WY12H8C5yzahUFlU10haBDHIqmP5I0MbDcPs1fiLvKdNManh2nf8q3OcPTgvsUbm9cgUbfejg7VZZjDyHXrQUSL4XX1_MAolGkKBl20YVx1ZKUFRSuwOYvQemI06_1pn-oPg68I6TmHKwZ7Yvsmh3LLUW1LlW6i8jhVTtvZCZVyMtXqfwSF1fFNjxkGjarggghBz1lhNvl6bltoAG_JOsh_LJp4IroAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2xid-UhDhewQS_POQbKVHGgcvEYw%2526client%253Dca-pub-2829192160917889%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.42.68.116 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-42-68-116.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: bd4ef99216c1d073eb7ad09ef524e397d265b7ab1b4f755462370a9fc6a40364

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:18 GMT
last-modified: Sat, 04 Feb 2023 06:08:18 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Sat, 04 Feb 2023 06:09:18 GMT

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.88.0/619621/AcyHDEINEeNh0Ar_/ Frame 3DF1 0
145 B 29ms
29ms XHR
text/plain 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.88.0/619621/AcyHDEINEeNh0Ar_/postback?oz_pl=1&si=2114837484&dm=728x90&pd=avt&ap=&pv=f980f66e-29fc-4063-8789-358eb161e479&de=43003&cr=11204419&c1=12780336&r2=&r3=&ui=ce8c67b6-c509-1d07-0000-000000000000&pp=pub-2829192160917889&sr=4&ti=6386310230889300134&ac=1262142&r1=2001%3Aac8%3A20%3A%3A&ci=619621&dt=6196211556140246740000&di=https%3A%2F%2Fwww.balipost.com&ai=215543&_x=1
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//www.balipost.com&ui=ce8c67b6-c509-1d07-0000-000000000000&ap=&ti=6386310230889300134&pv=f980f66e-29fc-4063-8789-358eb161e479&pp=pub-2829192160917889&sr=4&de=43003&si=2114837484&dm=728x90&ac=1262142&cr=11204419&ai=215543&c1=12780336&r1=2001:ac8:20::&r2=&r3=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 04 Feb 2023 06:08:18 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK viewability Show response
hal900010.redintelligence.net/ Frame F06E 0
150 B 45ms
18ms Script
text/html 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900010.redintelligence.net/viewability?s=50120400015955906783183012225010&a=da1c1480&vb=m
Requested by: Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request_content.php?s=50120400015955906783183012225010&a=dfda77f0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900010.redintelligence.net/request_content.php?s=50120400015955906783183012225010&a=dfda77f0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Sat, 04 Feb 2023 06:08:18 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame F06E 34 KB
16 KB 122ms
47ms Script
text/javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=61227813;click=https://hal900010.redintelligence.net/c/peyqv90smylxvps?tprd=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 06d0965f0851d3936c68da6d6de73163a6bb32e3f134822ccfec6d28f185ff29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900010.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:18 GMT
content-encoding: gzip
last-modified: Wed, 21 Dec 2022 11:59:41 GMT
server: nginx
x-cache-status: STALE
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Thu, 22 Dec 2022 19:29:51 GMT

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.88.0/619621/AcyHDEINEeNh0Ar_/ Frame 3DF1 0
145 B 44ms
32ms XHR
text/plain 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.88.0/619621/AcyHDEINEeNh0Ar_/postback?si=2114837484&dm=728x90&pd=avt&ap=&pv=f980f66e-29fc-4063-8789-358eb161e479&de=43003&cr=11204419&c1=12780336&r2=&r3=&ui=ce8c67b6-c509-1d07-0000-000000000000&pp=pub-2829192160917889&sr=4&ti=6386310230889300134&ac=1262142&r1=2001%3Aac8%3A20%3A%3A&ci=619621&dt=6196211556140246740000&di=https%3A%2F%2Fwww.balipost.com&ai=215543&sid=AcyHDEINEeNh0Ar_&oz_sc=15da2ecf2138d77a65095097&oz_df=1675490898748&oz_l=1102&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.88.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 04 Feb 2023 06:08:18 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 957C 85 KB
31 KB 50ms
7ms Script
application/javascript 18.66.147.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gh9xwstr1z48njg2fpa00xwsbcwvt1m0k7dwne6fm016qgegkkd72gcejqr5s6ctv2aryqtnvdh5nayw8e3qz2m6yjbetyyj7an774x80be5snz5ntyw6gvp5v0hfqxw9m7rzs5trr9w95xb4j3e057pcwsvzsrs65ks1gyxf2nc3eqtkxafmdgmkhqkv1xkemn5w7gfbxfm30gzrac52kqpxk6e02ez3tgbtmtmkxqgr5vqksqdn62s576w9ebey3xc%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gb4hhgg54c1ynymnazbdgmb8hmfzp0n38y1wmms4abmk1kbqz1f5engjeqtre3eket8j9pw0h8dvyz0yaw0cb3n6p04n73wtweqrh4t2kkgex5bgy5amczj15qv1s493k0pet6vk4cqn2ryr4d6fsm3emajs5ghec9zefg72fvyvm1gt3aas4e38zxfbdd1fsbnjh6wtt4feqp32tnb1zg7ba5gf45ym66zpy748daqq9ypx8r2b3c7cf5z6cmjs09cwdqh4dzy9ds1vwmjzgyb%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCMy_2UfbdY_mMN62E2fcP-rC-4AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yODI5MTkyMTYwOTE3ODg5yAEJqQLecM3xcByyPqgDAaoEvwFP0BDsHpLPXZhmK7pcV-BQuWc19QdF-ToQSf-kR_Bue8rAI12WY12H8C5yzahUFlU10haBDHIqmP5I0MbDcPs1fiLvKdNManh2nf8q3OcPTgvsUbm9cgUbfejg7VZZjDyHXrQUSL4XX1_MAolGkKBl20YVx1ZKUFRSuwOYvQemI06_1pn-oPg68I6TmHKwZ7Yvsmh3LLUW1LlW6i8jhVTtvZCZVyMtXqfwSF1fFNjxkGjarggghBz1lhNvl6bltoAG_JOsh_LJp4IroAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2xid-UhDhewQS_POQbKVHGgcvEYw%252526client%25253Dca-pub-2829192160917889%252526adurl%25253D&clickref=oneidQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5oneid__suite_Netmix_Reach118_EXTRAPUSH&viewref=oneidRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZoneid__suite_Netmix_Reach118_EXTRAPUSH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-98.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 09:30:06 GMT
content-encoding: gzip
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
last-modified: Fri, 09 Dec 2022 10:53:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 74293
etag: W/"0d5045593d14c9612a5d5576928a5209"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: Khyoq9-aov6cOkBqAtGIOxrZqEBk1sL3oaW-arjvEokCxE2A-FItow==

GET
H2 200 1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png
cdn.track.production.webgains.team/286305/ Frame 957C 15 KB
15 KB 50ms
8ms Image
image/png 18.66.147.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/286305/1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png?Expires=1675491198&Signature=P8I5I-dgO7twlq5CRrGjxu95I-2PVjQOOEIDoi0KgRVGfsOSwtY8IrVziBBIy7wmgJNg0p0396uttpCLV8ZSWPLO1JTASnEFD6HtzsnpAjK6gwm1wiPxfiJX0x41N6skr1hVgGIXFgHNV10BZCb-TqWlB4UPlrh4ypkqMeTPmWYH7q9SuDtqYEfo7v5CQ3nu10j-68E7eaa5LzaZC-Ethduqe6p1k20osToGuDIOwp~OuJIRigltZp0An9qC7DcDcLMZaOxVv6Hp3TK3W2IjufhahZXvpTwIFYvXaWlACd6HjKzzF1I65kHEspYo~OeR1w46lbSPpsIL-s03HzB1cQ__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22451%2C197862%2C14019&b=Px5HBfbfM5Qa9HjHbtMtR5KaJS9TDbgf6RW9%2CRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ&f=bMAtQfZfmzVaYHbHzt8Cpb1tbSJTMdzuKqMV%2CQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5&c=300&d=250&e=&g=3700042603911b88fe2be7e752a1fd12%2F13331175895944770744&i=25174%2C71725%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1675490898576&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gb4hhgg54c1ynymnazbdgmb8hmfzp0n38y1wmms4abmk1kbqz1f5engjeqtre3eket8j9pw0h8dvyz0yaw0cb3n6p04n73wtweqrh4t2kkgex5bgy5amczj15qv1s493k0pet6vk4cqn2ryr4d6fsm3emajs5ghec9zefg72fvyvm1gt3aas4e38zxfbdd1fsbnjh6wtt4feqp32tnb1zg7ba5gf45ym66zpy748daqq9ypx8r2b3c7cf5z6cmjs09cwdqh4dzy9ds1vwmjzgyb%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMy_2UfbdY_mMN62E2fcP-rC-4AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yODI5MTkyMTYwOTE3ODg5yAEJqQLecM3xcByyPqgDAaoEvwFP0BDsHpLPXZhmK7pcV-BQuWc19QdF-ToQSf-kR_Bue8rAI12WY12H8C5yzahUFlU10haBDHIqmP5I0MbDcPs1fiLvKdNManh2nf8q3OcPTgvsUbm9cgUbfejg7VZZjDyHXrQUSL4XX1_MAolGkKBl20YVx1ZKUFRSuwOYvQemI06_1pn-oPg68I6TmHKwZ7Yvsmh3LLUW1LlW6i8jhVTtvZCZVyMtXqfwSF1fFNjxkGjarggghBz1lhNvl6bltoAG_JOsh_LJp4IroAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2xid-UhDhewQS_POQbKVHGgcvEYw%2526client%253Dca-pub-2829192160917889%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-95.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:30:38 GMT
x-amz-version-id: null
via: 1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 10:41:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 81461
etag: "d4e8f970f24f6d19b53aa92b1907c1ef"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 15054
x-amz-cf-id: x-Y5U7ldg8WazuEVV1ssewxPslzbFBL4t--Gd4saekd2d0exiyS69Q==

GET
BLOB 200
OK 02d1bf1a-78c0-439d-98fd-51827e38ff7c
https://googleads.g.doubleclick.net/ Frame BB1F 185 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://googleads.g.doubleclick.net/02d1bf1a-78c0-439d-98fd-51827e38ff7c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=90&slotname=1151351565&adk=2974423296&adf=811793458&pi=t.ma~as.1151351565&w=728&lmt=1675488952&format=728x90&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675490896725&bpp=12&bdt=1061&idt=252&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90&nras=1&correlator=2765791972825&frm=20&pv=1&ga_vid=1827210393.1675490897&ga_sid=1675490897&ga_hid=922943613&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=21&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071812%2C21065724&oid=2&pvsid=337857566880165&tmod=764753914&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OMgZYlQCdQ&p=https%3A//www.balipost.com&dtd=254
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Length: 185
Content-Type: application/javascript

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame F06E 4 KB
2 KB 26ms
25ms Script
text/javascript 37.157.6.245
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=61227813;click=https://hal900010.redintelligence.net/c/peyqv90smylxvps?tprd=;js=1;adfxid=1x;3799;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;fd=0|0&CREFURL=https%3A%2F%2Fwww.balipost.com

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

7c997f6bba33395da119f92fd784699564bb92f4593dcf956541cd99a92fefde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900010.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 06:08:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 2038
expires: -1

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.88.0/619621/AcyHDEINEeNh0Ar_/ Frame 3DF1 0
145 B 40ms
29ms XHR
text/plain 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.88.0/619621/AcyHDEINEeNh0Ar_/postback?si=2114837484&dm=728x90&pd=avt&ap=&pv=f980f66e-29fc-4063-8789-358eb161e479&de=43003&cr=11204419&c1=12780336&r2=&r3=&ui=ce8c67b6-c509-1d07-0000-000000000000&pp=pub-2829192160917889&sr=4&ti=6386310230889300134&ac=1262142&r1=2001%3Aac8%3A20%3A%3A&ci=619621&dt=6196211556140246740000&di=https%3A%2F%2Fwww.balipost.com&ai=215543&sid=AcyHDEINEeNh0Ar_&oz_sc=15da2ecf2138d77a65095097&oz_df=1675490898906&oz_l=5351&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.88.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 04 Feb 2023 06:08:18 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
DATA 200
OK truncated
/ Frame F06E 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/ Frame F06E 90 KB
39 KB 35ms
34ms Script
text/javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8e16ad2005bc4c19f8560189ef6e7b7475f2b3def2c60a57f9041fac5b4f94cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900010.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:18 GMT
content-encoding: gzip
last-modified: Wed, 21 Dec 2022 11:59:41 GMT
server: nginx
x-cache-status: STALE
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Thu, 22 Dec 2022 17:23:35 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame F06E 35 B
478 B 27ms
21ms Ping
image/gif 37.157.6.245
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=61227813&csi=GF0hBFKB--br6wDXu09uGlhe-CfeOooym-bBKnWUJwIJDwKV3Zer3HxtT0YmhatWWjh1i1SPGwI5sNGaq9lQAN6vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hal900010.redintelligence.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 06:08:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://hal900010.redintelligence.net
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.88.0/619621/AcyHDEINEeNh0Ar_/ Frame 3DF1 0
145 B 33ms
33ms XHR
text/plain 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.88.0/619621/AcyHDEINEeNh0Ar_/postback?si=2114837484&dm=728x90&pd=avt&ap=&pv=f980f66e-29fc-4063-8789-358eb161e479&de=43003&cr=11204419&c1=12780336&r2=&r3=&ui=ce8c67b6-c509-1d07-0000-000000000000&pp=pub-2829192160917889&sr=4&ti=6386310230889300134&ac=1262142&r1=2001%3Aac8%3A20%3A%3A&ci=619621&dt=6196211556140246740000&di=https%3A%2F%2Fwww.balipost.com&ai=215543&sid=AcyHDEINEeNh0Ar_&oz_sc=15da2ecf2138d77a65095097&oz_df=1675490899061&oz_l=6102&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.88.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 04 Feb 2023 06:08:18 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H2 200 12320422.js Show response
s1.adform.net/Banners/Elements/Files/160090/12320422/ Frame 28DB 3 KB
1 KB 28ms
25ms Script
application/x-javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/12320422/12320422.js?ADFassetID=12320422&bv=258
Requested by: Host: www.balipost.com
URL: https://www.balipost.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 3333a0f8f104b7986ea461b270b4eed8e66022d379dad3067b7156d8dfabeb3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900010.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:19 GMT
content-encoding: gzip
last-modified: Mon, 30 Jan 2023 13:31:48 GMT
server: nginx
x-amz-request-id: tx00000b0c7dbd7df47d6f5-0063ddca7e-3294fed7-default
etag: W/"bb7571baa31c395d64904fd014b94179"
x-cache-status: STALE
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 screen.css
s1.adform.net/Banners/Elements/Files/160090/12320422/bvpath_258/ Frame 28DB 1 KB
942 B 45ms
24ms Stylesheet
text/css 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/12320422/bvpath_258/screen.css
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 520ab18d78e948bbc9c7c7968c76116a88cc80cd4d40174eef88e6aeeadcb857

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900010.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:19 GMT
content-encoding: gzip
last-modified: Mon, 30 Jan 2023 13:31:48 GMT
server: nginx
x-amz-request-id: tx0000014a1629b8c1c6a42-0063ddca7e-329527e9-default
etag: W/"2718286dd1c324429c3275c918a7d109"
x-cache-status: STALE
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 Adform.DHTML.js Show response
s1.adform.net/banners/scripts/rmb/ Frame 28DB 30 KB
14 KB 49ms
28ms Script
application/javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900010.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:19 GMT
content-encoding: gzip
last-modified: Wed, 08 Jun 2022 12:02:22 GMT
server: nginx
x-amz-request-id: tx00000dcb04a2980ec1f5a-0063765ffa-329373d4-default
etag: W/"4731aef0a5114a59b4311776d270e848"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 introfill.png
s1.adform.net/Banners/Elements/Files/160090/12320422/bvpath_258/ Frame 28DB 103 B
433 B 50ms
29ms Image
image/png 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/12320422/bvpath_258/introfill.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: ee6d3b54a9065c8ff1c55528d83a8b11aa932915d3004f3dab2c5355027bbf3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900010.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:19 GMT
last-modified: Mon, 30 Jan 2023 13:31:48 GMT
server: nginx
x-amz-request-id: tx0000040b49ee9a188b4f6-0063ddca7e-3295c471-default
etag: "eeb9c35d55092b02bf5fa183ecd734f8"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 103

GET
H2 200 text0.png
s1.adform.net/Banners/Elements/Files/160090/12320422/bvpath_258/ Frame 28DB 5 KB
5 KB 50ms
30ms Image
image/png 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/12320422/bvpath_258/text0.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 07773674da8a5d7de6575be849321af69c60333d821b2e531b8b6aad8cb8deba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900010.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:19 GMT
last-modified: Mon, 30 Jan 2023 13:31:48 GMT
server: nginx
x-amz-request-id: tx00000219ae404f974dc90-0063ddca7e-329527e9-default
etag: "b40bca9f571a135a168188a0310caad3"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4939

GET
H2 200 text1.png
s1.adform.net/Banners/Elements/Files/160090/12320422/bvpath_258/ Frame 28DB 8 KB
8 KB 52ms
31ms Image
image/png 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/12320422/bvpath_258/text1.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 7b5e4bf73229b1a30dfc5611631c94fca060cf49df9d72ec01133ba16322cd83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900010.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:19 GMT
last-modified: Mon, 30 Jan 2023 13:31:48 GMT
server: nginx
x-amz-request-id: tx00000d05aa61a1d36b7b8-0063ddca7e-329527e9-default
etag: "a56c343a6550b231bbebd7cd72bf5bd3"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7981

GET
H2 200 text2.png
s1.adform.net/Banners/Elements/Files/160090/12320422/bvpath_258/ Frame 28DB 2 KB
3 KB 52ms
32ms Image
image/png 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/12320422/bvpath_258/text2.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 14fd46c79ea2ec3ee979acd36fda0dc96b5483c6bd936f8c5f310a3aefa44947

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900010.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:19 GMT
last-modified: Mon, 30 Jan 2023 13:31:48 GMT
server: nginx
x-amz-request-id: tx0000040b298dc17da0c8d-0063ddca7e-3295c471-default
etag: "4181f5f32caca226a0d8ad7a53c1ae50"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2442

GET
H2 200 stoerer.png
s1.adform.net/Banners/Elements/Files/160090/12320422/bvpath_258/ Frame 28DB 9 KB
9 KB 54ms
34ms Image
image/png 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/12320422/bvpath_258/stoerer.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 3f00b566c3dc6fa6afad7adfcf139394095cc15e6037f28912c78542cee99fe0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900010.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:19 GMT
last-modified: Mon, 30 Jan 2023 13:31:48 GMT
server: nginx
x-amz-request-id: tx00000fdf9b4ccb1b700e8-0063ddca7e-32952663-default
etag: "d14eb5ec94009a4aab46ce7a5211ca15"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 8832

GET
H2 200 disclaimer.png
s1.adform.net/Banners/Elements/Files/160090/12320422/bvpath_258/ Frame 28DB 6 KB
6 KB 54ms
35ms Image
image/png 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/12320422/bvpath_258/disclaimer.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 80f777aa646fd9913d73105a90a336151d9a28142e87764e20ff4b3d9dce4ce2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900010.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:19 GMT
last-modified: Mon, 30 Jan 2023 13:31:48 GMT
server: nginx
x-amz-request-id: tx000007d7d493ce2b32b98-0063ddca7e-3295c471-default
etag: "2163627c7872afe2a6e2ee6a39d09a7f"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5633

GET
H2 200 date.png
s1.adform.net/Banners/Elements/Files/160090/12320422/bvpath_258/ Frame 28DB 3 KB
3 KB 55ms
36ms Image
image/png 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/12320422/bvpath_258/date.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 1e4ba2b9943af56b9826707b55d94597f5288981e4b1ead596709e42c479afd8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900010.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:19 GMT
last-modified: Mon, 30 Jan 2023 13:31:48 GMT
server: nginx
x-amz-request-id: tx0000007c3acc55ff9098e-0063ddca7e-3294fed7-default
etag: "a10336568f378491c6b2b47cbab27726"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2587

GET
H2 200 cta.png
s1.adform.net/Banners/Elements/Files/160090/12320422/bvpath_258/ Frame 28DB 2 KB
2 KB 67ms
48ms Image
image/png 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/12320422/bvpath_258/cta.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: dc09db8e176e12a83a4f1b4b8bbcf4e130d51182cf6e66889d91f9e83e0040e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900010.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:19 GMT
last-modified: Mon, 30 Jan 2023 13:31:48 GMT
server: nginx
x-amz-request-id: tx00000f8280ac039176dd3-0063ddca7e-329527e9-default
etag: "51a99c1aed5feb9089f9af8c15eec059"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1604

GET
H2 200 logostart.png
s1.adform.net/Banners/Elements/Files/160090/12320422/bvpath_258/ Frame 28DB 5 KB
5 KB 67ms
48ms Image
image/png 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/12320422/bvpath_258/logostart.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: f324377940583ba7a0f81123404cc032334edf5ace8e9f5d58da1cc340e41027

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900010.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:19 GMT
last-modified: Mon, 30 Jan 2023 13:31:48 GMT
server: nginx
x-amz-request-id: tx00000de05b8cb1b3b018d-0063ddca7e-32952663-default
etag: "0539ca6530d6756126aee292b52e0cf8"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4815

GET
H2 200 logo.png
s1.adform.net/Banners/Elements/Files/160090/12320422/bvpath_258/ Frame 28DB 4 KB
4 KB 69ms
50ms Image
image/png 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/12320422/bvpath_258/logo.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: c5d9f11f95196250f6797acef21bd147fe22a802940735d88ac2a7a9308247ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900010.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:19 GMT
last-modified: Mon, 30 Jan 2023 13:31:48 GMT
server: nginx
x-amz-request-id: tx00000226ab75f8eaf86b4-0063ddca7e-3295c42b-default
etag: "926213b1f44a9786a29d0fa8b723023f"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3791

GET
H2 200 model.jpg
s1.adform.net/Banners/Elements/Files/160090/12320422/bvpath_258/ Frame 28DB 12 KB
12 KB 71ms
52ms Image
image/jpeg 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/12320422/bvpath_258/model.jpg
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 07da465111e7fde87a9e179912b630c9556cf2e6c0360bc119de228948e84040

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900010.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:19 GMT
last-modified: Mon, 30 Jan 2023 13:31:48 GMT
server: nginx
x-amz-request-id: tx00000f4a4d2a68f73e4b4-0063ddca7e-3295c42b-default
etag: "273432ea3cb408bfbad853f34722e5e8"
x-cache-status: STALE
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 12092

GET
H2 200 background.jpg
s1.adform.net/Banners/Elements/Files/160090/12320422/bvpath_258/ Frame 28DB 12 KB
12 KB 73ms
54ms Image
image/jpeg 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/12320422/bvpath_258/background.jpg
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 07da465111e7fde87a9e179912b630c9556cf2e6c0360bc119de228948e84040

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900010.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:19 GMT
last-modified: Mon, 30 Jan 2023 13:31:48 GMT
server: nginx
x-amz-request-id: tx000002df4c8818b5cec5e-0063ddca7e-3294fed7-default
etag: "273432ea3cb408bfbad853f34722e5e8"
x-cache-status: STALE
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 12092

GET
H2 200 CSSPlugin.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/plugins/ Frame 28DB 38 KB
14 KB 149ms
12ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/plugins/CSSPlugin.min.js

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbf2228ab439f89b83feb79ea549213521a81212fde9ff67f9c73d002d586198

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900010.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:19 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 21689
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13669
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-9833"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S8gJ%2F%2BSWAVD58hY1DaLOisVFUMz%2FN%2BIIiTZSMSLHbKm6WnDLROe0eLY8DGaNLQCbwZNVUa0akwT4C0Yj7VnhijG5hDUdUXKoisT2nhoLkbcM0Gew%2FPz33nl3jvS2igfxVaQD9qyom6vV6B7%2FOKec6mJS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 79413b287e0c3667-FRA
expires: Thu, 25 Jan 2024 06:08:19 GMT

GET
H2 200 EasePack.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/easing/ Frame 28DB 5 KB
2 KB 157ms
20ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/easing/EasePack.min.js

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37bc930c63149650677d732eea9526432bd8494c55737f45c98e7f8ad7c1e7ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900010.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:19 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 60413
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1730
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-146f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SpcgTYMFZ9TIsBI%2BK5zLrzGWVg4B4ZoXKRmxQAxvxmKRBfGZsJjnKPvHs9whVY2BAQ6LGAGxmLd3Y5OatDtqoBYsD2Ha2v5mBQQp85lc1PH7gL%2F%2FAKn6I0mYymvFyLbl5gsI6BPkEXa%2FOJt7MlKfgtm5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 79413b287e0d3667-FRA
expires: Thu, 25 Jan 2024 06:08:19 GMT

GET
H2 200 TweenLite.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/ Frame 28DB 26 KB
9 KB 151ms
13ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/TweenLite.min.js

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e5b4dd28e58e76dbe83eb2b357fdad7e54b85a9def9bf953063d5970a91ee6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900010.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:19 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 58649
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8578
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-697f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6VEA0hhn%2FDkvQzhje39OduQH0QrTp%2BWYCGy9RdPSDbJZgLLcEQ8NCwMgIGZdAbE%2BsaAnGaQVPmkc6SMDwq73bT8kUV684UwIp89EFH08xS%2F5luiIyDtAOtNmCNnbt7j6P2GxX7wEnx1kWKCJwX%2FuKvdU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 79413b287e0e3667-FRA
expires: Thu, 25 Jan 2024 06:08:19 GMT

GET
H2 200 script.js Show response
s1.adform.net/Banners/Elements/Files/160090/12320422/bvpath_258/ Frame 28DB 9 KB
2 KB 47ms
28ms Script
application/x-javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/12320422/bvpath_258/script.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: e558b1defefd835e433bed35393b9d560a029a5e656a325d27840cc3d2587fe7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900010.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:19 GMT
content-encoding: gzip
last-modified: Mon, 30 Jan 2023 13:31:48 GMT
server: nginx
x-amz-request-id: tx00000d17300e5e4b75bd0-0063ddca7e-32952663-default
etag: W/"921b0be880dcfcc231e80d970a2248af"
x-cache-status: STALE
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.88.0/619621/AcyHDEINEeNh0Ar_/ Frame 3DF1 0
145 B 29ms
28ms XHR
text/plain 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.88.0/619621/AcyHDEINEeNh0Ar_/postback?si=2114837484&dm=728x90&pd=avt&ap=&pv=f980f66e-29fc-4063-8789-358eb161e479&de=43003&cr=11204419&c1=12780336&r2=&r3=&ui=ce8c67b6-c509-1d07-0000-000000000000&pp=pub-2829192160917889&sr=4&ti=6386310230889300134&ac=1262142&r1=2001%3Aac8%3A20%3A%3A&ci=619621&dt=6196211556140246740000&di=https%3A%2F%2Fwww.balipost.com&ai=215543&sid=AcyHDEINEeNh0Ar_&oz_sc=15da2ecf2138d77a65095097&oz_df=1675490899214&oz_l=73&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.88.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 04 Feb 2023 06:08:19 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.88.0/619621/AcyHDEINEeNh0Ar_/ Frame 3DF1 0
145 B 31ms
30ms XHR
text/plain 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.88.0/619621/AcyHDEINEeNh0Ar_/postback?si=2114837484&dm=728x90&pd=avt&ap=&pv=f980f66e-29fc-4063-8789-358eb161e479&de=43003&cr=11204419&c1=12780336&r2=&r3=&ui=ce8c67b6-c509-1d07-0000-000000000000&pp=pub-2829192160917889&sr=4&ti=6386310230889300134&ac=1262142&r1=2001%3Aac8%3A20%3A%3A&ci=619621&dt=6196211556140246740000&di=https%3A%2F%2Fwww.balipost.com&ai=215543&sid=AcyHDEINEeNh0Ar_&oz_sc=15da2ecf2138d77a65095097&oz_df=1675490899413&oz_l=415&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.88.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 04 Feb 2023 06:08:19 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3DF1 42 B
64 B 41ms
40ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsud1NCr6G5Ci9fY978l0VrDREyZRZWwz6Qbj9FNkaWxmywNRpZUB-JcFK1E7riNeyyHmre69ZItiHmPD_KsdfVDwcn7&sig=Cg0ArKJSzLp52tHPOFfnEAE&cid=CAASF-RoFOFkIZO5G3oqEZ_tY7ordh5bHwGO&id=lidar2&mcvt=1017&p=0,0,90,728&mtos=1017,1017,1017,1017,1017&tos=1017,0,0,0,0&v=20230201&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2974423296&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1675490897860&rpt=709&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 06:08:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK a7592669-08e4-4efd-86fb-e65b797ce27a
https://googleads.g.doubleclick.net/ Frame 3DF1 802 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://googleads.g.doubleclick.net/a7592669-08e4-4efd-86fb-e65b797ce27a
Requested by: Host: www.balipost.com
URL: https://www.balipost.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: facd25d708d9c13ecbbee553e7eb9e729075f1e929bb528cad034217135f0692

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Length: 802
Content-Type

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 957C 16 B
232 B 82ms
82ms Fetch
application/json 3.9.112.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.9.112.14 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-9-112-14.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 04 Feb 2023 06:08:19 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 88ms
22ms Preflight 3.9.112.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.9.112.14 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-9-112-14.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Sat, 04 Feb 2023 06:08:19 GMT
server: nginx

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.88.0/619621/AcyHDEINEeNh0Ar_/ Frame 3DF1 0
145 B 28ms
28ms XHR
text/plain 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.88.0/619621/AcyHDEINEeNh0Ar_/postback?si=2114837484&dm=728x90&pd=avt&ap=&pv=f980f66e-29fc-4063-8789-358eb161e479&de=43003&cr=11204419&c1=12780336&r2=&r3=&ui=ce8c67b6-c509-1d07-0000-000000000000&pp=pub-2829192160917889&sr=4&ti=6386310230889300134&ac=1262142&r1=2001%3Aac8%3A20%3A%3A&ci=619621&dt=6196211556140246740000&di=https%3A%2F%2Fwww.balipost.com&ai=215543&sid=AcyHDEINEeNh0Ar_&oz_sc=15da2ecf2138d77a65095097&oz_df=1675490899648&oz_l=332&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.88.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 04 Feb 2023 06:08:19 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 23ms
23ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230201&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6f3ec30c75a7fad98cdd2465da36dd6ccfadfd6570866d44afb4535f9c6c5e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11203
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 102ms
102ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 04 Feb 2023 06:08:19 GMT

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.88.0/619621/AcyHDEINEeNh0Ar_/ Frame 3DF1 0
145 B 59ms
58ms XHR
text/plain 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.88.0/619621/AcyHDEINEeNh0Ar_/postback?si=2114837484&dm=728x90&pd=avt&ap=&pv=f980f66e-29fc-4063-8789-358eb161e479&de=43003&cr=11204419&c1=12780336&r2=&r3=&ui=ce8c67b6-c509-1d07-0000-000000000000&pp=pub-2829192160917889&sr=4&ti=6386310230889300134&ac=1262142&r1=2001%3Aac8%3A20%3A%3A&ci=619621&dt=6196211556140246740000&di=https%3A%2F%2Fwww.balipost.com&ai=215543&sid=AcyHDEINEeNh0Ar_&oz_sc=15da2ecf2138d77a65095097&oz_df=1675490899822&oz_l=13455&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.88.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 04 Feb 2023 06:08:19 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK viewability Show response
hal900010.redintelligence.net/ Frame F06E 0
150 B 44ms
20ms Script
text/html 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900010.redintelligence.net/viewability?s=50120400015955906783183012225010&a=da1c1480&vb=v
Requested by: Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request_content.php?s=50120400015955906783183012225010&a=dfda77f0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900010.redintelligence.net/request_content.php?s=50120400015955906783183012225010&a=dfda77f0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Sat, 04 Feb 2023 06:08:19 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FBC8 13 KB
5 KB 14ms
13ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.balipost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 18472
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 01:00:27 GMT
expires: Sun, 04 Feb 2024 01:00:27 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4694 783 B
535 B 19ms
18ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3730558eb43a9d54c9c7c92b5ce1ed32af3af057f088e1e457ea87ba049459a0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7gpgYMzTwrWzDgPeFQp5JQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.balipost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-7gpgYMzTwrWzDgPeFQp5JQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 06:08:19 GMT
expires: Sat, 04 Feb 2023 06:08:19 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4694 0
0 40ms
40ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230201&jk=337857566880165&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3 200 4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js Show response
pagead2.googlesyndication.com/bg/ Frame FBC8 36 KB
14 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1b4fa762c0f3ec4067aeb7c830a07a3422749a1358742d77a94e8237fc86ed3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 07:28:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 167988
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14278
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 02 Feb 2024 07:28:31 GMT

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.88.0/619621/AcyHDEINEeNh0Ar_/ Frame 3DF1 0
145 B 29ms
28ms XHR
text/plain 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.88.0/619621/AcyHDEINEeNh0Ar_/postback?si=2114837484&dm=728x90&pd=avt&ap=&pv=f980f66e-29fc-4063-8789-358eb161e479&de=43003&cr=11204419&c1=12780336&r2=&r3=&ui=ce8c67b6-c509-1d07-0000-000000000000&pp=pub-2829192160917889&sr=4&ti=6386310230889300134&ac=1262142&r1=2001%3Aac8%3A20%3A%3A&ci=619621&dt=6196211556140246740000&di=https%3A%2F%2Fwww.balipost.com&ai=215543&sid=AcyHDEINEeNh0Ar_&oz_sc=15da2ecf2138d77a65095097&oz_df=1675490900010&oz_l=471&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.88.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 04 Feb 2023 06:08:19 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame FBC8 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?sMYZkA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:08:20 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 /
track.adform.net/serving/unload/ Frame F06E 35 B
478 B 24ms
24ms Ping
image/gif 37.157.6.245
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=8188494958545204292@@61227813,8096171538062433977,100|1101|0|0|0|0|0|0|0||38|1|||||1|0|0|fkKms3RdyxPxBx_RTJEBJ_H6570j1ZJnlo6Ak7a82ndDlwg3fjzJhvL_QlhaeLlf0|||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hal900010.redintelligence.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 06:08:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://hal900010.redintelligence.net
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 43ms
42ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230201&jk=337857566880165&bg=!eXqlej7NAAaq5O5FiuQ7ACkAdvg8WmG4AHUxD8Hi-YZBa8mZRzDdTYSs5MezUxLeCEHJQmKuNcbnswIAAABiUgAAAANoAQeZAqTWGpnVZtA4_1xQVo9gIH_IHCQ-fzh5aHs-lsVeIuSy3JiVgAqE5NlJcoIbJ7iFwoWxm4GMFo6c8dIh6j3EXg70zfjC7m1st0UZmJdezwtB_rc2Ifk_heqSv5TEblTCZaRO0hcq7dQCX4izourOIgfi7ooXBmNjFaW4GLrnNl-cvFKPVFY-sznWCud56XYiEeSoMP3_9oTzYpK93ppwz-fz85z5OYxseBAfDh4iozTOiVFkLvCRpyUWjfpwQ22zNDO4iB5CpZndmUBxjqg0OB8aigqoYO_J6hTmei-5t5NxDsZnZPPH_rzTk4U3yksnVxQK6PnaztvYT1Rn8PuTk6U1DGTw5QXEeQ2rMN0QE38fnAivziZRCBwvaVSgG_mQGb0h_E4XjEYTjdi3neKQz6ONCOj10UKwsAn2XUVK6NERvxZOt3cA4EYkhHE4Petv2xAlZapTy9ZasWfdyqZd68GhsY-QgiaQrOI24VEP8vMf0lTtYOFZlDiWCsVm4CA-fC0oNTQZCZ8QW8_y1d9U5lzalzAcK3jF86sz3if2KYtQfQtNvdKRY1jij7BpLCoFs2Du3wWePYYs68cb3ar_kXOt25R7eb1v-b5Lgg7eBdF9SEPBV8LH9oPuNZVKlTGlwEyxuGLyjOd3dc1U3loF30ugCcr_kWSsh6Ta4dKsz8IJlbF2QOWHV5GwLq6U-N0g2O9DgaaEoYOIO64GJ0y5q17T8uu5m9rKT93gBpzFLsNBEu6BuALsMC62DIpzXZWAt1sPbk6Y2hg7qOfxRx1XgJQmd653FxG62CAamvm4ud3q67Qtu-SP8lZ-xN0K_qS_b4_QeUOQ4l1s4mqsy2w3Xr1lIpaiPr50f8lwHjXve5ALU_3Wo8T-XUaEptI9gdypSX0wX3vX
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.88.0/619621/AcyHDEINEeNh0Ar_/ Frame 3DF1 0
145 B 29ms
29ms XHR
text/plain 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.88.0/619621/AcyHDEINEeNh0Ar_/postback?si=2114837484&dm=728x90&pd=avt&ap=&pv=f980f66e-29fc-4063-8789-358eb161e479&de=43003&cr=11204419&c1=12780336&r2=&r3=&ui=ce8c67b6-c509-1d07-0000-000000000000&pp=pub-2829192160917889&sr=4&ti=6386310230889300134&ac=1262142&r1=2001%3Aac8%3A20%3A%3A&ci=619621&dt=6196211556140246740000&di=https%3A%2F%2Fwww.balipost.com&ai=215543&sid=AcyHDEINEeNh0Ar_&oz_sc=15da2ecf2138d77a65095097&oz_df=1675490902558&oz_l=257&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.88.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 04 Feb 2023 06:08:22 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H2 200 /
track.adform.net/serving/unload/ Frame F06E 35 B
478 B 25ms
24ms Ping
image/gif 37.157.6.245
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=8188494958545204292@@61227813,8096171538062433977,100|4700|0|0|0|0|0|0|0||160|1|||||1|0|0|fkKms3RdyxPxBx_RTJEBJ_H6570j1ZJnlo6Ak7a82ndDlwg3fjzJhvL_QlhaeLlf0|||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hal900010.redintelligence.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 06:08:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://hal900010.redintelligence.net
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.88.0/619621/AcyHDEINEeNh0Ar_/ Frame 3DF1 0
145 B 30ms
29ms XHR
text/plain 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.88.0/619621/AcyHDEINEeNh0Ar_/postback?si=2114837484&dm=728x90&pd=avt&ap=&pv=f980f66e-29fc-4063-8789-358eb161e479&de=43003&cr=11204419&c1=12780336&r2=&r3=&ui=ce8c67b6-c509-1d07-0000-000000000000&pp=pub-2829192160917889&sr=4&ti=6386310230889300134&ac=1262142&r1=2001%3Aac8%3A20%3A%3A&ci=619621&dt=6196211556140246740000&di=https%3A%2F%2Fwww.balipost.com&ai=215543&sid=AcyHDEINEeNh0Ar_&oz_sc=15da2ecf2138d77a65095097&oz_df=1675490904139&oz_l=268&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.88.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 04 Feb 2023 06:08:23 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.88.0/619621/AcyHDEINEeNh0Ar_/ Frame 3DF1 0
145 B 29ms
29ms XHR
text/plain 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.88.0/619621/AcyHDEINEeNh0Ar_/postback?si=2114837484&dm=728x90&pd=avt&ap=&pv=f980f66e-29fc-4063-8789-358eb161e479&de=43003&cr=11204419&c1=12780336&r2=&r3=&ui=ce8c67b6-c509-1d07-0000-000000000000&pp=pub-2829192160917889&sr=4&ti=6386310230889300134&ac=1262142&r1=2001%3Aac8%3A20%3A%3A&ci=619621&dt=6196211556140246740000&di=https%3A%2F%2Fwww.balipost.com&ai=215543&sid=AcyHDEINEeNh0Ar_&oz_sc=15da2ecf2138d77a65095097&oz_df=1675490906122&oz_l=324&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.88.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 04 Feb 2023 06:08:25 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvPgXhvMimPeke84qeHhUxcIx1LXYSYLnQaHolMF48iujxMCM7_mEw2CJt1bc18CszcBwB4-7w5F39-OX0s9-JTuB2PsehIEh0AjBPR-Pm39xQrw7OvMei6yV09-C0XMIa0at5JxA&sai=AMfl-YSXW0z_SbS7d7E9IxNHN85AZtYSLxPC8aeUv-e0zzYU6qZOXJjvFl3MhLoArefqITAK7Z3O1eMRfCfq&sig=Cg0ArKJSzLYP-WjYenIBEAE&cid=CAQSGwDUE5ymkE0rp3r69n-Q7Nf4kR69wtHvlIikABgB&id=lidartos&mcvt=237&p=0,0,90,728&mtos=237,237,237,237,237&tos=237,0,0,0,0&v=20230201&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=2974423296&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=3&r=b&rst=1675490896980&rpt=623&ec=1&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=90&slotname=1151351565&adk=2974423296&adf=811793458&pi=t.ma~as.1151351565&w=728&lmt=1675488952&format=728x90&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675490896725&bpp=12&bdt=1061&idt=252&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90&nras=1&correlator=2765791972825&frm=20&pv=1&ga_vid=1827210393.1675490897&ga_sid=1675490897&ga_hid=922943613&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=21&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071812%2C21065724&oid=2&pvsid=337857566880165&tmod=764753914&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OMgZYlQCdQ&p=https%3A//www.balipost.com&dtd=254

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=90&slotname=1151351565&adk=2974423296&adf=811793458&pi=t.ma~as.1151351565&w=728&lmt=1675488952&format=728x90&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675490896725&bpp=12&bdt=1061&idt=252&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90&nras=1&correlator=2765791972825&frm=20&pv=1&ga_vid=1827210393.1675490897&ga_sid=1675490897&ga_hid=922943613&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=21&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071812%2C21065724&oid=2&pvsid=337857566880165&tmod=764753914&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OMgZYlQCdQ&p=https%3A//www.balipost.com&dtd=254

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu6JGlvIXplLjD36pexo1d5puOS41Vl8mRQxH0a_fj7blHQ8ooxND39p0-3iu6GqeHwpGfYkny22tgbDyilw7G8Ux1jPJSOLaFbvvra9XIQBUTBOtes7-Wj0bFk_WYia3vwQ4B0eA&sai=AMfl-YQuh7ItkMtqI6Ji5HUrUfeSsxZSPp0_gVbjr0i80CbncFrFBZQgobf2EZ5Ge2LPbs2CdMBuFevQV-A9&sig=Cg0ArKJSzBCZmij60qOHEAE&cid=CAQSGwDUE5ymXhCX7TN54Wy1NM5lepZTJ6RMcpExaxgB&id=lidartos&mcvt=0&p=0,0,250,300&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20230201&bin=7&avms=nio&bs=0,0&mc=0&if=1&vu=1&app=0&itpl=22&adk=4143974309&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=3&r=b&rst=1675490896992&rpt=557&ec=1&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=250&slotname=2919055775&adk=4143974309&adf=1046930213&pi=t.ma~as.2919055775&w=300&lmt=1675488952&format=300x250&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675490896777&bpp=8&bdt=1113&idt=212&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90&nras=1&correlator=2765791972825&frm=20&pv=1&ga_vid=1827210393.1675490897&ga_sid=1675490897&ga_hid=922943613&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=993&ady=1322&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071812%2C21065724&oid=2&pvsid=337857566880165&tmod=764753914&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=V9SHWADHuw&p=https%3A//www.balipost.com&dtd=214

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=250&slotname=2919055775&adk=4143974309&adf=1046930213&pi=t.ma~as.2919055775&w=300&lmt=1675488952&format=300x250&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675490896777&bpp=8&bdt=1113&idt=212&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90&nras=1&correlator=2765791972825&frm=20&pv=1&ga_vid=1827210393.1675490897&ga_sid=1675490897&ga_hid=922943613&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=993&ady=1322&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071812%2C21065724&oid=2&pvsid=337857566880165&tmod=764753914&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=V9SHWADHuw&p=https%3A//www.balipost.com&dtd=214

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=600&slotname=1398941188&adk=3562883654&adf=3043275140&pi=t.ma~as.1398941188&w=160&lmt=1675488952&format=160x600&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675490896869&bpp=18&bdt=1204&idt=134&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250&nras=1&correlator=2765791972825&frm=20&pv=1&ga_vid=1827210393.1675490897&ga_sid=1675490897&ga_hid=922943613&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071812%2C21065724&oid=2&pvsid=337857566880165&tmod=764753914&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoEr%7Cp&abl=XS&pfx=0&fu=32768&bc=31&ifi=6&uci=a!6&fsb=1&xpc=6B6FXyxLgi&p=https%3A//www.balipost.com&dtd=137

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=600&slotname=1398941188&adk=3562883654&adf=3043275140&pi=t.ma~as.1398941188&w=160&lmt=1675488952&format=160x600&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675490896869&bpp=18&bdt=1204&idt=134&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250&nras=1&correlator=2765791972825&frm=20&pv=1&ga_vid=1827210393.1675490897&ga_sid=1675490897&ga_hid=922943613&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071812%2C21065724&oid=2&pvsid=337857566880165&tmod=764753914&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoEr%7Cp&abl=XS&pfx=0&fu=32768&bc=31&ifi=6&uci=a!6&fsb=1&xpc=6B6FXyxLgi&p=https%3A//www.balipost.com&dtd=137

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=600&slotname=1398941188&adk=2029127186&adf=3821157256&pi=t.ma~as.1398941188&w=160&lmt=1675488952&format=160x600&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675490896887&bpp=1&bdt=1223&idt=121&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C160x600&nras=1&correlator=2765791972825&frm=20&pv=1&ga_vid=1827210393.1675490897&ga_sid=1675490897&ga_hid=922943613&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071812%2C21065724&oid=2&pvsid=337857566880165&tmod=764753914&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoEr%7Cp&abl=XS&pfx=0&fu=32768&bc=31&ifi=7&uci=a!7&fsb=1&xpc=pYHEgIUr9x&p=https%3A//www.balipost.com&dtd=123

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=600&slotname=1398941188&adk=2029127186&adf=3821157256&pi=t.ma~as.1398941188&w=160&lmt=1675488952&format=160x600&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675490896887&bpp=1&bdt=1223&idt=121&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C160x600&nras=1&correlator=2765791972825&frm=20&pv=1&ga_vid=1827210393.1675490897&ga_sid=1675490897&ga_hid=922943613&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071812%2C21065724&oid=2&pvsid=337857566880165&tmod=764753914&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoEr%7Cp&abl=XS&pfx=0&fu=32768&bc=31&ifi=7&uci=a!7&fsb=1&xpc=pYHEgIUr9x&p=https%3A//www.balipost.com&dtd=123

Verdicts & Comments Add Verdict or Comment

260 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

40 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.balipost.com/	1970-01-20 19:00:50	Name: _ga Value: GA1.2.1827210393.1675490897
.balipost.com/	1970-01-20 09:26:17	Name: _gid Value: GA1.2.1695449792.1675490897
.balipost.com/	1970-01-20 09:24:50	Name: _gat Value: 1
.balipost.com/	1970-01-20 18:46:26	Name: __gads Value: ID=c41bb6c8072b7541-220eb81584db0079:T=1675490896:RT=1675490896:S=ALNI_MbuIlOR0Zi8u8BKw5mrCDJie3S2rw
.balipost.com/	1970-01-20 18:46:26	Name: __gpi Value: UID=00000baf7aac46c5:T=1675490896:RT=1675490896:S=ALNI_MYeau6DlmgHYcPOtLTXIpEnCUi6dA
.doubleclick.net/	1970-01-20 18:46:26	Name: IDE Value: AHWqTUmBhLlgQ-U8oBbycel_elUz5t46YyGp1e3IONv951wfcnnAPgsuGCXfZtDEs5I
.doubleclick.net/	1970-01-20 09:24:54	Name: DSID Value: NO_DATA
www.balipost.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 1f0f5bf308fa157dc080e75216a6ae1b
.mathtag.com/	1970-01-20 18:10:26	Name: uuid Value: 468363dd-f652-4101-84e6-012c95e6e280
.simpli.fi/	1970-01-20 18:11:53	Name: suid Value: 223FC91346F34358A9682166A18CFBCA
.1rx.io/	1970-01-20 18:10:26	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-15d853ff-2cd1-4668-bce5-cd0b2580fefd-003%22%7D
.adform.net/	1970-01-20 10:05:10	Name: C Value: 1
.lijit.com/	1970-01-20 18:10:26	Name: ljt_reader Value: GGUwqGZHjRPoNVOrReakWIZH
.adform.net/	1970-01-20 10:51:11	Name: uid Value: 8188494958545204292
.mathtag.com/	1970-01-20 10:08:02	Name: mt_mop Value: 4:1675490899
.targeting.unrulymedia.com/	1970-01-20 18:10:26	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-15d853ff-2cd1-4668-bce5-cd0b2580fefd-003%22%7D
.3lift.com/	1970-01-20 11:34:26	Name: tluid Value: 5891912541300341760
.pubmatic.com/	1970-01-20 09:26:17	Name: KTPCACOOKIE Value: YES
.bidswitch.net/	1970-01-20 18:10:26	Name: tuuid Value: 6588121d-2d9b-4a1a-a7e6-111c3c2e322b
.bidswitch.net/	1970-01-20 18:10:26	Name: c Value: 1675490898
.bidswitch.net/	1970-01-20 18:10:26	Name: tuuid_lu Value: 1675490898
.bidswitch.net/	1970-01-20 09:24:51	Name: google_push Value: Aa02lx-7WR8NoewuXLiutd62D3vAjSsQtP1t3wlk79YEsi7HZp9Hi5HCH3wGSUgdd6tEZctokpLC9Wxxn9DkzmF66-BDwje5_bhou0rk2z7OwGnNsugPBHFw1VEtuAx_-0VpiXqh8_u5UUZIBN0
.pubmatic.com/	1970-01-20 18:10:26	Name: KADUSERCOOKIE Value: 14D5B6BB-E3A9-432F-8A01-7A51BF686853
.agkn.com/	1970-01-20 18:10:26	Name: ab Value: 0001%3AbWD3AOG7dYiYgKLiPIRo3t3GcscHhP7K
.agkn.com/	1970-01-20 18:10:26	Name: u Value: C\|0CEArcLLSK3Cy0gAAAAAAAQ13AQCAAQpAAAAAAA
.awin1.com/	1970-01-20 09:29:10	Name: awpv11354 Value: 412871\|1675490898\|5200efa0-a452-11ed-acb0-22645d5ed731
.adform.net/	1970-01-20 09:34:55	Name: TPC Value: 1675490898916
www.conrad.de/	1970-01-20 09:32:02	Name: HTLP_timestamp Value: 1675490898
www.conrad.de/	1970-01-20 09:32:02	Name: CEAffHA Value: YD
.www.conrad.de/	1970-01-20 09:24:52	Name: __cf_bm Value: wvm0aGP5j4W2Zh31OYYf2bX03_v4gVWP.Yl6QVOuaqw-1675490898-0-ASaX6UOYGwXEU2tyjZUPrdNJzVP9n95Ivw5qiP8XNkRBuVj0utECwt4Gs+ZSVSEhvqc+nAkudhKIy7GDOHmTQFQ=
.turn.com/	1970-01-20 13:44:02	Name: uid Value: 2741700204928597958
.awin1.com/	1970-01-20 09:34:55	Name: awpv11938 Value: 412871\|1675490898\|5217abf1-a452-11ed-acb0-22645d5ed731
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 367022:2542680
.congstar.de/	1970-01-20 09:34:59	Name: staticentry Value: %7B%22spfr%22%3A%22412871%22%2C%22awc%22%3A%2211938_412871_1675490898_5217abf1-a452-11ed-acb0-22645d5ed731%22%2C%22sp%22%3A%22awin%22%7D
.blau.de/	1970-01-20 09:34:55	Name: nscT486 Value: v01MTQyMTExMjExMTExMTExMTEwMTQyNjUwMDAwMDAwMDYxNjc1NDkwODk5dmxlYTFkZTIwMjMwMjA0MDcwODE5ODEyNDEwODA4MjlYMTE3NjYzVjEyMjUxMzExMDZNU3JlYWNoX1NVQklEVEVTVF92aWV3MTE3NjYz
.blau.de/	1970-01-20 09:34:55	Name: nscQ486 Value: V
.blau.de/	1970-01-20 09:34:55	Name: webShopPV Value: ?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2023020407081981241080829X117663V1225131106MSreach_SUBIDTEST_view&wfid=117663
.o2online.de/	1970-01-20 09:34:55	Name: nscT485 Value: v01MTQyMTExMjExMTExMTExMTEwMTQyNjUwMDAwMDAwMDYxNjc1NDkwODk5dmxlYTFkZTIwMjMwMjA0MDcwODE5ODEyNDEwODA4MzFYMTE3NzAzVjEyMjYxMzI3MDJNU3JlYWNoX1NVQklEVEVTVF92aWV3MTE3NzAz
.o2online.de/	1970-01-20 09:34:55	Name: nscQ485 Value: V
.o2online.de/	1970-01-20 09:34:55	Name: webShopPV Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117703_-HTLP&utm_term=AFF_la_117703_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2023020407081981241080831X117703V1226132702MSreach_SUBIDTEST_view&wfid=117703&affiliateId=v01MTQyMTExMjExMTExMTExMTEwMTQyNjUwMDAwMDAwMDYxNjc1NDkwODk5dmxlYTFkZTIwMjMwMjA0MDcwODE5ODEyNDEwODA4MzFYMTE3NzAzVjEyMjYxMzI3MDJNU

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cse.google.com/cse/cse.js?cx=006110151650712899775:ob6p-5smcy0 Message: Failed to load resource: the server responded with a status of 500 ()
worker	error	URL: blob:https://googleads.g.doubleclick.net/02d1bf1a-78c0-439d-98fd-51827e38ff7c Message: Mixed Content: The page at 'blob:https://googleads.g.doubleclick.net/02d1bf1a-78c0-439d-98fd-51827e38ff7c' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/safecheck-notification/notification-iframe/index.html'. This request has been blocked; the content must be served over HTTPS.
worker	error	URL: blob:https://googleads.g.doubleclick.net/02d1bf1a-78c0-439d-98fd-51827e38ff7c Message: Mixed Content: The page at 'blob:https://googleads.g.doubleclick.net/02d1bf1a-78c0-439d-98fd-51827e38ff7c' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png'. This request has been blocked; the content must be served over HTTPS.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ad.turn.com
ad4m.at
adservice.google.com
adservice.google.de
ajax.googleapis.com
analytics.webgains.io
ap.lijit.com
api.webgains.io
as.ad4m.at
assets.ad4m.at
balipost.com
banner.congstar.de
c1.adform.net
cdn.track.production.webgains.team
cdnjs.cloudflare.com
cm.g.doubleclick.net
cse.google.com
d.agkn.com
dclk-match.dotomi.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal900010.redintelligence.net
image6.pubmatic.com
match.adsrvr.org
odr.mookie1.com
pagead2.googlesyndication.com
partner.blau.de
partner.googleadservices.com
partner.o2online.de
pixel.mathtag.com
prod-rtb.ad4mat.net
r.turn.com
rtb.openx.net
s.ad.smaato.net
s.update.mediamathtag.com
s1.adform.net
ssbsync.smartadserver.com
static-de.ad4mat.net
stats.g.doubleclick.net
sync.1rx.io
sync.mathtag.com
sync.targeting.unrulymedia.com
sync.teads.tv
tags.mathtag.com
tpc.googlesyndication.com
track.adform.net
track.webgains.com
um.simpli.fi
www.awin1.com
www.balipost.com
www.conrad.de
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.gstatic.com
www.lead-alliance.net
www.telefonica-partner.de
x.bidswitch.net
googleads.g.doubleclick.net
pagead2.googlesyndication.com
13.248.245.213
13.42.68.116
138.201.63.145
142.250.180.230
142.250.185.98
15.197.193.217
178.63.52.121
18.192.88.32
18.203.96.5
18.66.147.95
18.66.147.98
185.29.132.245
185.29.132.246
185.86.139.94
188.166.207.31
198.47.127.19
2.19.44.80
213.19.147.44
23.203.125.36
2600:1901:0:76b9::
2600:9000:211a:5600:1b:5138:8a40:93a1
2606:4700:20::681a:ad1
2606:4700:20::ac43:444e
2606:4700::6811:190e
2606:4700::6812:7e05
2a00:1450:4001:801::200a
2a00:1450:4001:802::2002
2a00:1450:4001:806::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:811::2001
2a00:1450:4001:813::2003
2a00:1450:4001:828::2004
2a00:1450:4001:828::200e
2a00:1450:400c:c0c::9c
2a00:1450:400d:804::2002
2a00:1450:400d:805::2002
2a00:1450:400d:806::2003
2a00:1450:400d:808::2003
2a00:1450:400d:80d::200e
2a00:1450:400d:80e::2002
2a00:1450:400d:80e::200a
2a02:fa8:8806:16::1400
3.68.24.7
3.9.112.14
34.98.67.61
35.204.158.49
35.227.252.103
37.157.5.73
37.157.6.245
46.228.164.11
46.4.62.19
72.251.249.13
84.200.5.215
87.118.116.9
88.99.63.132
92.123.37.164
00f81781064ba4d9dd024f4a225604a57e30d256bf1526622c91561c36a67785
01c4b7ea2a08142064d2c3994a2cc73d7c55125d586d2a918ce3482f4439e1f4
01ce2ae112dc4c76200f1b2c0a83a902e40e0d76559304383c5f28424b82d914
03585b5ebb982715d59560def5c14760821e2ad65fdd486cad08fe34ab28f300
042a44c667b7423db51b5709d9d078ff690dca919fca5b40a2ea3f59700a5561
04e17adb205e74e56210fc859c9ceeed3480d93d92797803f50c355bea1be58a
06c90677fdd315ab9122ae66492dfe2e4c5901428cf25c4526da17cd40c60a2c
06d0965f0851d3936c68da6d6de73163a6bb32e3f134822ccfec6d28f185ff29
070135efc1f767bfa35e3baa57f2159bda8fd90bc793a50891708f7e3f1ec43b
07773674da8a5d7de6575be849321af69c60333d821b2e531b8b6aad8cb8deba
0780defe5ba5863237025d0cfdc28e5304dc35c7bdb3ee6e283cba3f7aff46b5
07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a
07da465111e7fde87a9e179912b630c9556cf2e6c0360bc119de228948e84040
08e0d913aadaef201fd3200ca49fa991a2d8d02b3d9a54621123d71837bbc73f
0a64a8e8c3e320320a0340916b6606014c2193eba441414d2250636ebc834839
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0da922d3893e736820ddfba802b6d8f1c93dee84acf29625f2a7aa70b9dac144
0fc6327e965679b41a818cf88fdaf0b16e586c0ac03bc72d49c4f47e2ed02336
12f0daafcb2564c17988b4b35be5ac578b86c7e5100d54eead4a1ecb22dc3c13
13a1889f00fd2c485843b0bd47ac837f8cb6fd68a527bb256b9055a5825c2f3b
14852da368645c1124930acda9ee893164b23d8f76ca4efe918f939c48584d99
14fd46c79ea2ec3ee979acd36fda0dc96b5483c6bd936f8c5f310a3aefa44947
16b11d86d520542cbafcd9b7fabe0c2915a87555cda015eeb8ccec0d478af9cd
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b1ca0f15010e0124bd4ca481404643c88f7eda1b276e9554d0ed83fb45b7e30
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1e01e250b9c5671fa8592f6faad7a10de30e18b94cb5e6f85e8928670c050b82
1e4ba2b9943af56b9826707b55d94597f5288981e4b1ead596709e42c479afd8
1ff1b8eef215db09a107ad693b21a4e40d5b597cce9e224db47fc74cd3604669
200440f0163bcc603cef081eaa9bcfd7beced2faa84caaf5c473bc928f5a6ea6
218b463d1015f6d364af02ffb5140470540e96bcbf5669eef4fb4bd0bf358142
229e5a0cf38692aadb68fe1ab6ea1e26a0a3b26fbb4e731f33ad807a50ef1227
23ca2cd8e37785daf3aa7a832de57ba7c1105b57b72858b093e9092c4a35eda8
243a13a999bab66e6d4aa847ecfe386b2d4507f803d47da4902186c194684afb
25bd2dcbb8fe8d036d346302b46f8a72c0d8aafc9fb152b44afd648a9a1f9e27
28d9374b9c173602edd327992c7696a708a524f590d749e8ad31855f4fcd7e2f
2a2ac34136c00e48cd04edf792aec5e6dba2b4cd5942b9383f3f56764125e808
2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534
2cb63dc9bd6c4b36fb27d7fd0c4446a8b06608e8f75fb975d0547ff387979fdf
2d3f1262723ebc47332462fed5355061924b5a2ad5e34ee4412f2f81958c5d56
2e9a216c1e7bbefcdfcd221fb062183a7329de996d207773200849de6547df6c
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
317681b1a750d61380dc629262df35675467a5aed72b5d472833e0ec6d464f0a
32879fa63106d2274fd3a49869030f5891a0d95ea33efc1cbab2f0b26e8a3ae9
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3333a0f8f104b7986ea461b270b4eed8e66022d379dad3067b7156d8dfabeb3c
336128f35b8e9c6cc864f62e324174dc26c2a68e02e3fb7ec230383a1b160448
3728cd70035de1dcb42dc4088a299ed643d82084cfd1e6a0fb96316c6d87bc52
3730558eb43a9d54c9c7c92b5ce1ed32af3af057f088e1e457ea87ba049459a0
37bc930c63149650677d732eea9526432bd8494c55737f45c98e7f8ad7c1e7ff
38a448e9e03a9f64e7611b19af4bb8ec97fde2c708dc57ebbc7701be7ae3af08
38fea580d7308b1021a21de1b0d57d1a4cf09de646c16f90adc2d8393fe9f90e
3c935e1bd112cead80ae3b47e42da83a5337727b90b26a6104d3b505336ca46e
3d856dcb624b1cbc91a78c398493d33c9f69270db63d937204b434506aa331da
3e525277f007e12a1b10ef1e7da9577f4a6b14a562b80891149486de64febb6c
3f00b566c3dc6fa6afad7adfcf139394095cc15e6037f28912c78542cee99fe0
4442d05849dcab52d6997cef6d5ca393c0e0532024466adb07beea6d2d38ea26
4568e5c1238819a11c6fe45bfe0959c18020bed1bc93e8db8099c2a8d3e4b034
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
475dcf95fc330f8fa684115576568b15a255102f3ca4f2c60ba68df04483e471
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
49af6b83569c5e8c707e93884d9ba619b402f0a115925951301e2e3c844f0ad8
4c7bd4f26fd058113bc723438a59d108924db23d03dbf42744da1dff13b754b1
4d48c41075f946b87b5d28b956eba524d999fe842644ad835d63222787485aa6
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ef427307dd25f232b0f24e5a33d28be07a0ef2508206f3f5ef674872542d07c
520ab18d78e948bbc9c7c7968c76116a88cc80cd4d40174eef88e6aeeadcb857
527a8d04b35853c1a30b0d2c1937e40ef54df5234e512d216bbda3ee6f24b92b
558cd367c0ef5e3ae7513f6cd81f98649bd5b8a1d45ccdc702e4191a6e456ddf
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56fdd5e79a54b488e0085fc0082d6c5df5fee441843166ff1db4f006d08e8281
577c1a1703309ed180f89c830ab65428a4c97203a6d83ed8fe146d0577b158e2
58302f71a13aafde83f5313f1318f4c3613f0050c8cfd2246dd85457571f9a29
58851ce24d16ff67924516a89d870d3fce4e88c5fe37d6488f38e35ea81d9832
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5afcba41f7531afcdb5dfd701fc7a636a231dc0a5a10eeb44d98d82d7402505c
5b4d31192aba6f76ad3ab4b13a45456e2d0f5dd63f1a841fb3f986baa6ee8155
5b56b3c8203fec9f9191d5ff63809771f039c58c3bef5ae0656aa3b874680ae3
5c4aa6d686a05e2596f0e3b7a32d45ad9c6a0f3c26db0e2ad2b1e416a37f43a7
5c715c66572d4f5a7648af2fe46d9e3f6692050bf83cce16e898d67044d18abb
5d02adac15e34cf8f7ce081e8494b9522091281a4adbdfb0c12e7a6bbe3c98f9
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5fd0136596d768ea3b04a98065190a3126dfa55ae360ef0e2cabcb4898724c65
6055a6598809a88726c521ebb7c95aba43f5ad5dc7dd1233e405abeddacd01cc
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf
60e52a19fe23790b163dd2a27b256eda989ec4b90f79b0abe0caedb1d44a0796
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
631ea984de646c0a2bb97612e304482c559c17713ab03845140a7b4114e4ae8d
639a3d16ad06e2bcba789193a228ce5f0a1cce51b5612f91bf538ef7648705eb
64a9f2909a7d2169cdb6f615b9105e49cf75a12a16fbbefc93af6cfa618dbea6
6552b5001c6029341f5ae010016614d1480f7deedfa84dd422b589ad942b7811
65cdb4094de240f160dead74d4187651ad0ca73497c003d561a8998393a9d19f
661d4b208656c006e7aab58acf7784857963123675de2302279fbe6c05313547
670aa98261f6f47763a0e2f55bfa5dbdcad3feda46522a9cb0d1be718897f227
680d3524327a5c2d6418ce70642ff47df1f7a8c3a37727d8e968b68aa0befd72
6b094a140ea1c9e6edece62a54ab0d4fb5a600ba71495dc8835a12621e49204e
6b9a5f7f36f8f4940af525e24fb0457441119faf8d5fce0a077b8ea3862747f7
6db32823404e251c378ec37a7b2654e1ea86df67d799e3d35f2ee86a3f2b2aa1
7078e9bfe5cf29b4352c2e2dac93d047c6f4ab1265d1c44ddf88b63b5646cff0
70d6fd02b5462a15e479da3064af714710a9afaaaa724e49bc202cb8ccc994fc
71a3c4b86870ea13d02cd4effc181dfe5b1582109bff2b79a998b64fbdc25e7a
744143bb86f291cdd8b04fb1ca19b86f1c04f71394f1714682df1619971bb5f4
749465d389587e1e1c28f0044cbe3b0fa1dc84da3aa83f68a127b2984c389e06
779a6752d0d445f5f10e5c89545686b5ece34357caf2e0b3f23dc8db3b70b9d8
79e8acad3757220fe08f18ddba9afffb7a9d41405f7e3e197199f09e06c98285
7a31714a165b10219ca8b7a645e5ac091d4e38fe8116ed315b7a2648226af70e
7b5e4bf73229b1a30dfc5611631c94fca060cf49df9d72ec01133ba16322cd83
7c1cdcc2bf3aedf7ecfdf8bcd5c942b859fb1299f4d1ba9becf3d0321b1051cc
7c997f6bba33395da119f92fd784699564bb92f4593dcf956541cd99a92fefde
7e5b4dd28e58e76dbe83eb2b357fdad7e54b85a9def9bf953063d5970a91ee6a
80f777aa646fd9913d73105a90a336151d9a28142e87764e20ff4b3d9dce4ce2
82afe9399e94c31843c363b75aa5e45a332dc01a8e78e46562cf4598a8372787
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8346e7dcbf82a10394984a1719d6c24fbad7287d9dd1b02f3188660fcb8b79ee
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd
848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
855ffaf8cfcd55c62278da9898d1d37bc1b56bb76b3a686a02a478f64c070858
8638f3568cf35b04429b02b36b4f4e37baa12bf47b618e530dfa728022c1d41c
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
88338376e9ea49dbeee61d90650b389d9a48bd6a6dce148851cff3adbe2290c4
88b0379349a4dda6ebcc43c5bd12084d230c6105a6fd3c2f651c4e771b3eabef
88bbd6dff28a352e8ece64314529cc2b05c37302224ff46853376daf74a40d9c
898ba5f231a1a1227493f31318de90ab8d2d3ae71245f601680a1946f55d8bd7
8c9a04fabdee4668ace88c302ac7d6e1fc9a3c7a30572405099ab087bb4131d7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e16ad2005bc4c19f8560189ef6e7b7475f2b3def2c60a57f9041fac5b4f94cf
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7
8ea8be5f9733c07ca7b7aaac3526ba6b4eb6df006ac62682cf1a536fd1aec260
908c3c9a7ea93db81fc6ac171cc15e33748400b3f7093d66bafc8f740f4c7b5f
90cbcae2f75cbdcf2a00d82c83cb2926f1a4ad7ab38eb3d629f2e7d3ad72410e
9167cb37ed21405ef9556646b83789a2099c15398f5cea867470df1e81752e17
936567bc744e199e02bfc3c33fe2bc9c862999e0d479e2a694aa7485460a3960
951ccfa4ed18a1000a7548ccf8895033f527892e59aa0b15a12078f3e3f1f6f2
9605460846a5247ae9f7d94da7898e16f90c30852b571a533d3dde3f273cb6da
976318f8c146300f5a79a33c0659b0fb8ab7d7ef634aeb94aa38f49e6635e1f4
98010c073a5d4feed6bf2dd49674fd9ee8d5c5c223b2a031213fd71b61e85132
9a4bb2cda800b4463b59e9fb2b9c879127a2682e54e45e3e9375d22a89900a58
9a56320bb8bfb81dc997a1120c77ec017cffab4db5ba5482afb29129e0690540
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b439cca118a26d74750a7bbd66a424bd64386abf3063627426ed3f89e92b734
9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9eb1c22eaace3eaadbc65aee8f3ae9524aa610d7d5e200a96322f42e1188f00e
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a140ef7b30807a0310338949fe4460a2e9f7ea71503c917e12550b5c06ac68ea
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76
a74ad4b94666ee0f1d4ded8ec523ebdccddd18c9f06592ffe87ab674ef6fbd15
aba0ac3c89011196a2c6b54d868991e18ffaf494c8e3afc97451be087b93770c
ac22cc97540c372609bd3cc1195e2153b7390da19342f49458e97a32db586eaf
acf3a6cb4d98c497ab03bc7d316e56ed752b9d4e9bc8d2c14ff458970324c087
ad3616f8f2aa610e535c677b50a8e617ee4168aba7c0c050f0cfac69c4682458
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0e60bfe6c1170c06e99d7364ae9ca7429de2b5c501ac0819d4a8628c085a863
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b82fdc5eb2fe1f654362eda77297507118b2dec1fb16fc3fe393cf590f9b8c5d
bb3cd0189708f2914df04c6adc00ef07a1f64d376dfe6c548d4f02e7bb3c113f
bc520f34e0e2530005a386d108c6422878efe5eee987659ba867015fde2ddf53
bc7a2f5ef6df036657a8c1ae6e15c836d553a21443598ce5d729e69ff0d6bfaf
bd4ef99216c1d073eb7ad09ef524e397d265b7ab1b4f755462370a9fc6a40364
bda6de7191fb31fe41ba1fe08532b09c39f7753aca12545dbb6bd3f89155cff7
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a
bf473c4b25057def8a517e9e49edebf50fe239c6373237d92b4879c2849974e9
bf9f723c8119c017afec425fdbe058bd4404e0c5853ff4a72164449d8507a210
bff12820a23bb3fe79903e659b5dd56cd9b3643c743ea7eca8db8e1361533917
c0e1d21589d1b473d33e0409b74e27000c38025aedef5a2c2fe42f2e8f62a3af
c13d25e73c58817709e7a5249f64dc37f0a6e0be544b9ba5cd05da37e096accc
c40bae480ece754561ff5f38ce646abadaf26c947c3c0fe88b99c03ec379bdb8
c5d9f11f95196250f6797acef21bd147fe22a802940735d88ac2a7a9308247ac
c6d74732aea6f960bc0226b6cd6fdb847dad575672bff8370c6cc64935b8cf8c
c6f2ae620b42156c1d34649d570b881fd4816905f85188237474ec42b66519bb
c7e90a1fbd4357ed481163ca35019a5af76b95c4fe2cd99c1f9b0df01c06e745
c8104390115f92b27003b1e4e503ef59343ccfef4ac19751093544e8cfaeae26
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9fb8595b38724ea9f2efda4bcc018f839e31e3d69e2c08b07d7889239b7d080
cb452ddb4dfca86dbdb3ef1b6616041baed0201d288a3aafbce1b57c97d7ffaa
cbf2228ab439f89b83feb79ea549213521a81212fde9ff67f9c73d002d586198
ce8c6ae7c4058553cfb110aa176bfd69c0a7c9b95ddcb7fc02c47480db246aef
d03a0e0c2c6cc47e5799d246a77f6803365c08ece711e91e5368d5cb7ca70ae0
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
d50a82cbf1b41068353ddf2589695da59293e5e0d0081e432acc5a83df3428b9
d6f3ec30c75a7fad98cdd2465da36dd6ccfadfd6570866d44afb4535f9c6c5e6
d716856a5d7ef4f89e5b8da30178a6d8770f755c1838cb55f9646352c7aaa768
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d7b2511821accd27da140126dfe86b6687a8decc356ff7c180069e363522162b
d8928a20b6d9520af9bfb5e9748259fc3c1ed52ee4e430920d7e70897af5c065
d8a754aeb7ddf52b4696dcbb5f3d43f8a3f1b4f7ab2e2a8189ead0ee1675e65a
d91b968829d146f6fe05fbc7690c73e5da58b750a2b4edb71c5d1d44226eeac4
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
dc09db8e176e12a83a4f1b4b8bbcf4e130d51182cf6e66889d91f9e83e0040e8
dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0
df8cf94c6c06aac8538d3b41bb58f8ab2ef023a8a4460b58d57fe4422d9d6b1a
e10858db6f9326af888220b000a340779c5fd517706e14321c3bbc7e1deb4d61
e10883da317ac701db529c65a622ed43a79375bfe7937b9784e0914130f1b1a4
e1b4fa762c0f3ec4067aeb7c830a07a3422749a1358742d77a94e8237fc86ed3
e2464f998b38ae5f4a6f68dd19faea6939ccb6db5388ce17a0621c3fe186f859
e2780421fde3ad718b748203906425b9e2a9c9cfdb68e68f5990658dcc4e8dbd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e424c4c20d40e69bc6c0f5794d725ade9381b666be9b0128bd36f30fa8e1b0ac
e558b1defefd835e433bed35393b9d560a029a5e656a325d27840cc3d2587fe7
e6db1c496e61d476ff8ccbe4bde6f0c5daec62d689d441182bb017d7ebdb5161
e77789f15248b88d9867e0238ceb84ff2279871f98aa15fdd7ae66f895d714e1
e80e4a0299b436925a2cd3076299d5db0d8c2ad6e9d591df2c07ad784a32d92d
e838e84ff36c7716639fcd8fa6aa2e543536a98aa0a4ad20bfb6fe3fa7c13137
ea05e1e3891c28f2c242bc3d2c3a9944ca2d6c9f0c8fadf209e9e93442ac46f7
ea968f1a1dd5e315a5f94f1177d66264f6ba7a6e5e8ace2d3d953b5864e8f4e1
eded12b276b31b3393992b0a701a16b79b4a5172329a0e3ca59b97ae862368e2
ee6d3b54a9065c8ff1c55528d83a8b11aa932915d3004f3dab2c5355027bbf3f
ee829a53b71f33f53c2adcf65f1621f3b746ef9ff8e2349676f7b7464c40c268
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130
f09e90db9705ba29dc70fe7d3fa364ea7afff6c3dc7fe594bd04a4385dfd8cc2
f188f6b66c3985d323b50898dfd4cd1d850762bb370e9a60f5f4b8de198b7ac5
f2e217c62039a8e5d1c7f27ee70af039bd355789a085e163c59f2efe06e4120a
f324377940583ba7a0f81123404cc032334edf5ace8e9f5d58da1cc340e41027
f452eb0737b9ca67cfab10b08db9ef43cd2695136d893c659568bc88055630f1
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f53a4e4bdd08e765ef377eec73ae37b4ffbe694654e6d38d9dc8c655a5e58ee4
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6287abfc98a913c318b4348a67f84a2d5432ee57f2ece29904a76fb4eff1167
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
f94cceef8c9d24c45af5446bf1a8431cfb7d1e3596b9cea1c6ee01513e9638cd
f98171dbce7a2b0b33c1da4522413a5bac09a29b3326d1a863d5062a529bba9d
f9f4fc927810c8c450a644361caa62fad39466a12a7dc6d442da1da90316d621
fa79079ea0b82b1325f59d113913bf0a168df6bbd223ca97f4b1a831f7576a4d
facd25d708d9c13ecbbee553e7eb9e729075f1e929bb528cad034217135f0692
fbe22412efdc4b5dc49adc47132fcfdd184c3b5f99a8d43321a38e1f182d0b1b
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e
fc58b23d3f77487278dcf48df8b26048ee6c880cd7adf98901523472045fa9a7
fd80978029a3927449232044b5e7e4c21fb7550ee750134148bf58368b3e7750
fe5d09013cdf89dd17c511c908bee2628e4c0f9b4550f802fdb1fd5086999c8d
ff37bcc143b2d424a3963690babc38d50b11db540b7596a3d984ae8fbe7f8baf
ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

www.balipost.com Open in urlscan Pro 188.166.207.31 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

340 Requests

90 %HTTPS

41 %IPv6

43 Domains

63 Subdomains

45 IPs

10 Countries

4370 kBTransfer

9346 kBSize

40 Cookies

10 Outgoing links

Page URL History

Redirected requests

340 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.balipost.com Open in urlscan Pro
188.166.207.31 Public Scan

Screenshot
Live screenshot

Full Image

340
Requests

90 %
HTTPS

41 %
IPv6

43
Domains

63
Subdomains

45
IPs

10
Countries

4370 kB
Transfer

9346 kB
Size

40
Cookies

340 HTTP transactions
9 data transactions