brandcars.biz.id Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://rustic.biz.id/
Effective URL:
https://brandcars.biz.id/
Submission Tags: phishingrod
Submission: On January 20 via api (January 20th 2024, 6:26:24 pm UTC) from DE — Scanned from DE

Summary HTTP 113 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 29 IPs in 6 countries across 23 domains to perform 113 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is brandcars.biz.id.
TLS certificate: Issued by GTS CA 1P5 on December 16th 2023. Valid for: 3 months.

This is the only time brandcars.biz.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3033::ac43:d2a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 24	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:3::9 2a02:2638:3::9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
12	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	2a02:fa8:8806... 2a02:fa8:8806:21::1690	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
5	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
4 4	37.157.5.84 37.157.5.84	198622 (ADFORM) (ADFORM)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:7... 2600:1901:0:76b9::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700:20:... 2606:4700:20::681a:71b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:cb40:200... 2a02:cb40:200::242	20546 (SOPRADO-ANY) (SOPRADO-ANY)
1 1	23.199.221.167 23.199.221.167	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6813:afbe	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.177.87.134 35.177.87.134	16509 (AMAZON-02) (AMAZON-02)
1	18.165.183.91 18.165.183.91	16509 (AMAZON-02) (AMAZON-02)
1	108.138.36.21 108.138.36.21	16509 (AMAZON-02) (AMAZON-02)
2	18.134.214.132 18.134.214.132	16509 (AMAZON-02) (AMAZON-02)
113	29

1 2606:4700:3033::ac43:d2a9 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

rustic.biz.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a06:98c1:3121::3 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

www.brandcars.biz.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
brandcars.biz.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:21::1690 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.5.84 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ius.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:71b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:cb40:200::242 (Germany)

ASN20546 (SOPRADO-ANY, DE)

t.adcell.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.199.221.167 (Düsseldorf, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-199-221-167.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:afbe (United States)

ASN13335 (CLOUDFLARENET, US)

www.conrad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.177.87.134 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-177-87-134.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.165.183.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-183-91.zrh55.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.36.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-21.muc50.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.134.214.132 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-134-214-132.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	brandcars.biz.id 2 redirects www.brandcars.biz.id brandcars.biz.id	148 KB
23	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	356 KB
14	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 29340 ad4m.at — Cisco Umbrella Rank: 11475 assets.ad4m.at — Cisco Umbrella Rank: 41583	140 KB
13	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 cm.g.doubleclick.net — Cisco Umbrella Rank: 260	102 KB
11	criteo.net static.criteo.net — Cisco Umbrella Rank: 657 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 9386 csm.eu.criteo.net — Cisco Umbrella Rank: 8850	71 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com	113 KB
4	adform.net 4 redirects c1.adform.net — Cisco Umbrella Rank: 583	3 KB
4	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 8778 rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 15457 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10462 dis.criteo.com — Cisco Umbrella Rank: 608	48 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 28599 api.webgains.io — Cisco Umbrella Rank: 69568	19 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	195 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	3 KB
2	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 125344 static-de.ad4mat.net — Cisco Umbrella Rank: 164401	1014 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 874 s.tribalfusion.com — Cisco Umbrella Rank: 2405	1 KB
2	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 69384	15 KB
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 55633	2 KB
1	conrad.de www.conrad.de — Cisco Umbrella Rank: 86865	493 B
1	awin1.com 1 redirects www.awin1.com — Cisco Umbrella Rank: 16092	695 B
1	adcell.com t.adcell.com — Cisco Umbrella Rank: 57836	459 B
1	ctnsnet.com 1 redirects ius.ctnsnet.com — Cisco Umbrella Rank: 7224	668 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 5893	598 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3445	104 B
1	rustic.biz.id 1 redirects rustic.biz.id	451 B
113	23

	Domain	Requested by
23	brandcars.biz.id	1 redirects brandcars.biz.id
13	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
10	pagead2.googlesyndication.com	brandcars.biz.id pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
7	static.criteo.net	ads.eu.criteo.com
6	assets.ad4m.at	as.ad4m.at
5	cm.g.doubleclick.net	googleads.g.doubleclick.net
5	www.gstatic.com	googleads.g.doubleclick.net
4	ad4m.at	as.ad4m.at ad4m.at
4	c1.adform.net	4 redirects
4	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
3	www.googletagservices.com	googleads.g.doubleclick.net
3	fonts.googleapis.com	brandcars.biz.id googleads.g.doubleclick.net
2	api.webgains.io	analytics.webgains.io
2	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
2	csm.eu.criteo.net	ads.eu.criteo.com
2	imageproxy.eu.criteo.net	ads.eu.criteo.com
1	cdn.track.production.webgains.team	as.ad4m.at
1	analytics.webgains.io	track.webgains.com
1	track.webgains.com	as.ad4m.at
1	www.conrad.de	as.ad4m.at
1	www.awin1.com	1 redirects
1	t.adcell.com	as.ad4m.at
1	static-de.ad4mat.net	as.ad4m.at
1	prod-rtb.ad4mat.net	googleads.g.doubleclick.net
1	ius.ctnsnet.com	1 redirects
1	dis.criteo.com	googleads.g.doubleclick.net
1	ads.travelaudience.com	1 redirects
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	cat.nl3.eu.criteo.com	ads.eu.criteo.com
1	rtb.nl3.eu.criteo.com	googleads.g.doubleclick.net
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	fonts.gstatic.com	fonts.googleapis.com
1	www.brandcars.biz.id	1 redirects
1	rustic.biz.id	1 redirects
113	37

This site contains links to these domains. Also see Links.

Domain
wordpress.org
www.gianmr.com

Subject Issuer	Validity	Valid
brandcars.biz.id GTS CA 1P5	`2023-12-16` - `2024-03-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-03` - `2024-02-28`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-15` - `2024-03-10`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-27` - `2024-03-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2024-01-18` - `2024-04-17`	3 months	crt.sh
ad4mat.net GTS CA 1P5	`2024-01-16` - `2024-04-15`	3 months	crt.sh
adcell.com Certum Domain Validation CA SHA2	`2023-07-28` - `2024-07-27`	a year	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
*.webgains.io Amazon RSA 2048 M01	`2023-07-24` - `2024-08-22`	a year	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M03	`2023-08-30` - `2024-09-27`	a year	crt.sh

This page contains 18 frames:

Primary Page: https://brandcars.biz.id/
Frame ID: 35390A09017AF0513EEC223F3D22CF15
Requests: 29 HTTP requests in this frame

Frame: https://brandcars.biz.id/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
Frame ID: 0509E30C873536B74CC67C286FABCDF5
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20190131/zrt_lookup_fy2021.html
Frame ID: 6B73306DDF7AE7B10B0A873FABDB3C72
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8811487029503365&output=html&adk=1812271804&adf=3025194257&lmt=1705775180&plaf=1%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Fbrandcars.biz.id%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.5&asamct=0.5&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705775180336&bpp=3&bdt=257&idt=178&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1401372926594&frm=20&pv=2&ga_vid=1708127742.1705775181&ga_sid=1705775181&ga_hid=513344463&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C95322195%2C95320892%2C95321626%2C95322166&oid=2&pvsid=3955186480390517&tmod=543592346&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=196
Frame ID: D6555E9E358B9602074EB8406118969B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8811487029503365&output=html&h=280&slotname=3228236246&adk=2817947084&adf=2984306924&pi=t.ma~as.3228236246&w=955&fwrn=4&fwrnh=100&lmt=1705775180&rafmt=1&format=955x280&url=https%3A%2F%2Fbrandcars.biz.id%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705775180339&bpp=1&bdt=260&idt=198&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1401372926594&frm=20&pv=1&ga_vid=1708127742.1705775181&ga_sid=1705775181&ga_hid=513344463&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=323&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C95322195%2C95320892%2C95321626%2C95322166&oid=2&pvsid=3955186480390517&tmod=543592346&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=201
Frame ID: 54DAD00D4324647045698D7503ADE3B5
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZawQTAAIhiIHg4YZAA9EV3UynmU_0iG24Henpw&u=%7CvZ6Hc8NuTL37qmsBIKxyYBzmP83nq4tRrN4D7wD4kng%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANeI2IPvrkyZr5ZLa9QTnRvNU-uZKgDdXDerQuiPLMpwm4F1QklqlGKqtM7idntuHrKdBS433gYE4NmUQq6X8tBJ8a8akr3ehg9lhwexfe2inTN9ylOeW0ooXh-d1QaAe8C1iQWKI0zZMT5KSqrv9NjINEL05wYMD0cX9jR_XjidMYVu0eFd0U1nYyROeKHZGvJIoxUkeJaxG6fAEzEOEctNEOm1RR473f8FtrjcTDn_TwlPtbbLJwKTXwgKTghVhWF15pkwYpupZRLNopYRil0Fn2oSis75EFybfHe2IsiVxCyFW1Bo-CDbADsu7c5c3kr1e--rcYF_WZ3AiBmIvQLMf29XdqGsQ3ZpNPGk1Pw6Ski3QcTl9wze7YPkJjMa8bwcmyuFuO_BsuhiBZcOutmv68wDsO9pcDNCKpce7IMbMGnh-OnNunQXzihWSdrjaivbzSf0uFlEFhJ2aS-tNn5c-AjBJkBZXc4mcREmIzwB9BCHyu1phHleIRoLcivvuW1MafMx7eCEeNz91XAUA9J9vh9xdj2maupumviSPHzLEbdJzjixtlV9wOJWWUX87kYB3Bn8MK8KqOEU5E3_WzN1bhCE5izUh2vFKwiIrSNBq&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkUQHTBCsZaKMIpmMjuwP14i9qAzJntKxXPXqoYaIAcCNtwEQASAAYJUCggEXY2EtcHViLTg4MTE0ODcwMjk1MDMzNjXIAQmpAp2Ka-hlSLI-qAMByAMCqgThAU_QUnjPud2Bc_dsjHFvDM57in6hzuR-eUxljA2RcwYz7apD6o2rhju4MKs8pTIpy-EVKRCBcntrll8tG0EAxRVukWCOQhTGCwZxGDEh1SRUsgDiuUu8zFnQLL0uXXFEO5H2cDdXVogq7poSBZubtMAEPyKvCtdIIT5jaLejHJjxIvMfM-IKgd3btFVIS-Zorx5Rp5bT02nuPupPfj2l-xZzqq1Ge30gWqjtsF7AO46PwR2BPgfthGezcDduh8etOyU7kjy_G8kMRdhhzcBF9O2gvdHFUSrMjade7IC_s9Ax6oAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WK3F0N3L7IMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2bmksqsr79IytQ5BCKDWX-6L6Zyg%26client%3Dca-pub-8811487029503365%26adurl%3D
Frame ID: C25BF6C63C0A3C2D6C5C794AC00A7F13
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8811487029503365&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.608387468~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705775181&rafmt=1&to=qs&pwprc=4277131845&format=1200x90&url=https%3A%2F%2Fbrandcars.biz.id%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705775181078&bpp=1&bdt=999&idt=-M&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db877c0454e06d285%3AT%3D1705775180%3ART%3D1705775180%3AS%3DALNI_MYV8ypf3RV5nD3VYAB5VsxacfJddg&gpic=UID%3D00000d45763d7cfb%3AT%3D1705775180%3ART%3D1705775180%3AS%3DALNI_MYH2gm7dnEJzdZsMtEDZNS-PTorKg&prev_fmts=0x0%2C955x280&nras=2&correlator=1401372926594&frm=20&pv=1&ga_vid=1708127742.1705775181&ga_sid=1705775181&ga_hid=513344463&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1495&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C95322195%2C95320892%2C95321626%2C95322166&oid=2&psts=AOrYGsk2nkFIUQy4fCO6mLjOH-gsfhNWVs2elHiZURxv0iWUdiY-uzzcx5s53yLY8h33qL6dYdAcgwncHpuGXg&pvsid=3955186480390517&tmod=543592346&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=3
Frame ID: DB561DCC8D0A79537BC79962D97E8B5B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8811487029503365&output=html&h=90&adk=4033532932&adf=3023639563&pi=t.aa~a.1372487962~rp.4&w=1008&fwrn=4&fwrnh=100&lmt=1705775181&rafmt=1&to=qs&pwprc=4277131845&format=1008x90&url=https%3A%2F%2Fbrandcars.biz.id%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705775181078&bpp=1&bdt=999&idt=1&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db877c0454e06d285%3AT%3D1705775180%3ART%3D1705775180%3AS%3DALNI_MYV8ypf3RV5nD3VYAB5VsxacfJddg&gpic=UID%3D00000d45763d7cfb%3AT%3D1705775180%3ART%3D1705775180%3AS%3DALNI_MYH2gm7dnEJzdZsMtEDZNS-PTorKg&prev_fmts=0x0%2C955x280%2C1200x90&nras=3&correlator=1401372926594&frm=20&pv=1&ga_vid=1708127742.1705775181&ga_sid=1705775181&ga_hid=513344463&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=296&ady=1395&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C95322195%2C95320892%2C95321626%2C95322166&oid=2&psts=AOrYGsk2nkFIUQy4fCO6mLjOH-gsfhNWVs2elHiZURxv0iWUdiY-uzzcx5s53yLY8h33qL6dYdAcgwncHpuGXg&pvsid=3955186480390517&tmod=543592346&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=4
Frame ID: 7C559362C024BFB7CF3F4104BFAE4EBF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 2D6A49EEEE4CAF03B69762D07369FE7E
Requests: 6 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/4b0ef9dfa83525e0607f42119c034d23.js?tag=client_fast_engine_2019
Frame ID: 573F78C72E33474EAED3FB17CFA8AA32
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WihAbdPmEAuwNNTtrWjgEsQMZ632wtWEawfwOklMupQ.js
Frame ID: C901AC64078657E226958B064F7B85D3
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1gxc3gfwh5z0b0x80c9bawhvwkmax0tzeew0qa0khwxhx5fxqajwb8wf14gms3jyfq6gnbazff1nz8ht8x7pxjzfbj68h8k9mdsf78yxb9ajew3vnvaxfzp7xf2y2wshk4cdbed4ftaemdmf3z9k5nhj9jvn9y5zwc1972b19eh6gb0smww4ersk5d82dk85t343tqqzv5vha4qsqvj6h9smg5y8jvyn6kdbg83ztp5awvhz0zgv5m1h1dvzj3kmra97nxg43gr85gabef0037r1x73x1vy2pymx7qxjy8z3nzjds17kmcv7agjm3zwrjacs6syax4r1hkmnrmeghrx450ebsn7rgya2070qtmtc2p555x1vr03xbsdszs4qcgmx0ah6hjbva7ays0bny0dpjrpcc5g4wf4r0erzh2tsj6qs3g3hfefsf45pev983pd5ec3t&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCz9dGTRCsZbHaCqaKtOUP7eydwASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTg4MTE0ODcwMjk1MDMzNjXIAQmpAp2Ka-hlSLI-qAMByAMCqgTmAU_QLf5zY12fMQMSTjXZ7YkylUmLBFpbQxJHZWRf44246AqGsWDam89j9yDrjb3fj9f0rOzXUJKXNbovND1dYY9luf6fLXQnjyAN97yYNxXeKU45Lu-Z4P7XGRc45it55cHO8rTqhaJjAieZ3YB_JGiDREecNRxdlFoyHAPUItnIoFXOYEZxEpyHWudA7jZTeebMcWiQxLOJbPeJjzLIBwQqZrCyd9Sjv6405BkMaCX8yoxJNCDxuLLmRAJYR6-2VRWfB1nxIC_8SkUK2Wip6mxAv8BvAeJPZrJTMJvv6569dNqwWJRfgAbHkbihmL7G32ygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYkcDx3cvsgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2SqEW50xFXEjZGBP0RXaD1ILmzcA%26client%3Dca-pub-8811487029503365%26adurl%3D
Frame ID: 3C9C23E2616A896661BF61CA69179BFC
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js
Frame ID: 117D17EC2A77328262CF4611CB4F9B6F
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 706AA0C25C9778D0A19AD89E1BA52FD9
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: 665A36AE324F7629E8BCA815D97A7EB8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 30414123F193E509CD5A3ABF8C802FD5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0428BEB82FA66EC97EB8506EA3F382DC
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=197862%2C765%2C14019&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2C7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1j%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CEjgSDfEfgVhzHAHjt6Cq6daKSVTYr3hBgQ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5&c=728&d=90&e=&g=2d48500657f7191590753d5c5bad3f53%2F9541805444447822252&i=71725%2C1676%2C21596&j=21%2C4%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705775181983&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jmhnmhk2dqmkzt4cr2n86ks4s6mx046kfxm2b2gf52mpxcpxmzdmhyfvdtjzfq3cvya3c9kfrnh4kzb6c9mx7g23n28gyekfsmjdvmjbptk8f2m6g9rqj6xpsbfmtc481jnprg5b8k8yny53fy9d17d3e0709t6kx7cd544h0zmqytv95n049e8at7mwvt5mk6trndssmetsqragd4yqtbtg5nmgcwxcv0hfak0qq49sq4e0mjtdcsh8e30kc6nv0ejk9pzfmrz444f5kqsa0es%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCz9dGTRCsZbHaCqaKtOUP7eydwASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTg4MTE0ODcwMjk1MDMzNjXIAQmpAp2Ka-hlSLI-qAMByAMCqgTmAU_QLf5zY12fMQMSTjXZ7YkylUmLBFpbQxJHZWRf44246AqGsWDam89j9yDrjb3fj9f0rOzXUJKXNbovND1dYY9luf6fLXQnjyAN97yYNxXeKU45Lu-Z4P7XGRc45it55cHO8rTqhaJjAieZ3YB_JGiDREecNRxdlFoyHAPUItnIoFXOYEZxEpyHWudA7jZTeebMcWiQxLOJbPeJjzLIBwQqZrCyd9Sjv6405BkMaCX8yoxJNCDxuLLmRAJYR6-2VRWfB1nxIC_8SkUK2Wip6mxAv8BvAeJPZrJTMJvv6569dNqwWJRfgAbHkbihmL7G32ygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYkcDx3cvsgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2SqEW50xFXEjZGBP0RXaD1ILmzcA%2526client%253Dca-pub-8811487029503365%2526adurl%253D&y=1&s=&z=0
Frame ID: 960D0BCDF8E7B6E9512F540ADC0B54D1
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Brandcars – Auto car brand idea

Page URL History Show full URLs

https://rustic.biz.id/ HTTP 301
https://www.brandcars.biz.id/ HTTP 301
https://brandcars.biz.id/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

113
Requests

93 %
HTTPS

67 %
IPv6

23
Domains

37
Subdomains

29
IPs

6
Countries

1214 kB
Transfer

3279 kB
Size

19
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://wordpress.org/
Title: Proudly powered by WordPress

Search URL Search Domain Scan URL

URL: http://www.gianmr.com/
Title: Theme: Superfast

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://rustic.biz.id/ HTTP 301
https://www.brandcars.biz.id/ HTTP 301
https://brandcars.biz.id/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

https://brandcars.biz.id/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://brandcars.biz.id/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js

Request Chain 73

https://a.tribalfusion.com/i.match?p=b6&u=CAESEPf4ea1Vj0KuFnCJVOZszqI&google_cver=1&google_push=AXcoOmSK0jHRbsnMh8vjmHVJ5k_WGxBFMEXf_ToSDq_pWkKj-8Dm1thz_tMnLSxohMx-wdijbJCUQVSU-mDM5TDQU3whG-ffdPbvbsSRHR7zTV6QvgHvbanzR40re0mxv7jF2AlI-Ebfi49fM002Efp8tiVxKQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSK0jHRbsnMh8vjmHVJ5k_WGxBFMEXf_ToSDq_pWkKj-8Dm1thz_tMnLSxohMx-wdijbJCUQVSU-mDM5TDQU3whG-ffdPbvbsSRHR7zTV6QvgHvbanzR40re0mxv7jF2AlI-Ebfi49fM002Efp8tiVxKQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPf4ea1Vj0KuFnCJVOZszqI&google_cver=1&google_push=AXcoOmSK0jHRbsnMh8vjmHVJ5k_WGxBFMEXf_ToSDq_pWkKj-8Dm1thz_tMnLSxohMx-wdijbJCUQVSU-mDM5TDQU3whG-ffdPbvbsSRHR7zTV6QvgHvbanzR40re0mxv7jF2AlI-Ebfi49fM002Efp8tiVxKQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSK0jHRbsnMh8vjmHVJ5k_WGxBFMEXf_ToSDq_pWkKj-8Dm1thz_tMnLSxohMx-wdijbJCUQVSU-mDM5TDQU3whG-ffdPbvbsSRHR7zTV6QvgHvbanzR40re0mxv7jF2AlI-Ebfi49fM002Efp8tiVxKQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 74

https://ads.travelaudience.com/google_pixel?google_gid=CAESEM4wiqyTh-a1SSKbiPY39dw&google_cver=1&google_push=AXcoOmRXnzKn_ftxzxoc_1Lg6cbMcH7D3apmhmWPNONclLx4PISNRPQGz_ROVTMs8yl66TSa96U6gE_QsIubBfny1aKjGBL65aCQ6m1bJQJpAQDZF2qU-EsvG7eXoJ1eAKMsnQPoY97croIYIbLRnnKZ1xzRcQ HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=B9MKgAYCRgEtqTW6jjzEaA&google_push=AXcoOmRXnzKn_ftxzxoc_1Lg6cbMcH7D3apmhmWPNONclLx4PISNRPQGz_ROVTMs8yl66TSa96U6gE_QsIubBfny1aKjGBL65aCQ6m1bJQJpAQDZF2qU-EsvG7eXoJ1eAKMsnQPoY97croIYIbLRnnKZ1xzRcQ

Request Chain 75

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGfkm86_s7eUk6v-oKNutLk&google_cver=1&google_push=AXcoOmRMv7a8xDr_dkX0GZwamVr32jHcECb5gj1qaKnEwRjIMFcLE9tA4b30DMphf1VipEzj2kzdFWHuPcF-O4r4_jHVS5RUEjpw0h0i7jHZbKNMBZ_ZAwOxH6YCagXdU_gvUiWqUCWuRR-6sAZKAL5MCCUVtg HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEGfkm86_s7eUk6v-oKNutLk&google_cver=1&google_push=AXcoOmRMv7a8xDr_dkX0GZwamVr32jHcECb5gj1qaKnEwRjIMFcLE9tA4b30DMphf1VipEzj2kzdFWHuPcF-O4r4_jHVS5RUEjpw0h0i7jHZbKNMBZ_ZAwOxH6YCagXdU_gvUiWqUCWuRR-6sAZKAL5MCCUVtg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODgzMjE2MzA2MTE0MDk5MzYyOA&google_push=AXcoOmRMv7a8xDr_dkX0GZwamVr32jHcECb5gj1qaKnEwRjIMFcLE9tA4b30DMphf1VipEzj2kzdFWHuPcF-O4r4_jHVS5RUEjpw0h0i7jHZbKNMBZ_ZAwOxH6YCagXdU_gvUiWqUCWuRR-6sAZKAL5MCCUVtg

Request Chain 77

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGfkm86_s7eUk6v-oKNutLk&google_cver=1&google_push=AXcoOmQWqKE5hAUPmiK4msUqZaD3Us2MsuphOIxtiUX9O4PKccwaQQ0PYtueOTuRH9OViNuRqjibHuE-YAQn-RfYB_pJAJeGmEzUYv2RPgRCkDvKTdc14nd-f3LR4xZz4aqTEIjUMU80UUv9w9XXowbwjxQK1q8 HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEGfkm86_s7eUk6v-oKNutLk&google_cver=1&google_push=AXcoOmQWqKE5hAUPmiK4msUqZaD3Us2MsuphOIxtiUX9O4PKccwaQQ0PYtueOTuRH9OViNuRqjibHuE-YAQn-RfYB_pJAJeGmEzUYv2RPgRCkDvKTdc14nd-f3LR4xZz4aqTEIjUMU80UUv9w9XXowbwjxQK1q8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzQzMjM0Nzg0ODgwNzQ5NTcxMw&google_push=AXcoOmQWqKE5hAUPmiK4msUqZaD3Us2MsuphOIxtiUX9O4PKccwaQQ0PYtueOTuRH9OViNuRqjibHuE-YAQn-RfYB_pJAJeGmEzUYv2RPgRCkDvKTdc14nd-f3LR4xZz4aqTEIjUMU80UUv9w9XXowbwjxQK1q8

Request Chain 78

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEASKmpZdCfdSz7aiASWiffU&google_cver=1&google_push=AXcoOmTnmOt0p5zxmr5jJGO-IVgqQiSVqbkJuTYzeNzrwf1Z9BX3n1RZbLC_AT93qgoJ5l55OY-qrrOWSOEIRQbI-93T7bM1vjWQDI_iDqcWgVusbfvDa6Rvbj5oxt_RgRBcZ3Ls4xNeuph5P8kBHrehtmp5Be95 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmTnmOt0p5zxmr5jJGO-IVgqQiSVqbkJuTYzeNzrwf1Z9BX3n1RZbLC_AT93qgoJ5l55OY-qrrOWSOEIRQbI-93T7bM1vjWQDI_iDqcWgVusbfvDa6Rvbj5oxt_RgRBcZ3Ls4xNeuph5P8kBHrehtmp5Be95&google_hm=y3yCZGLIQVStMrB4yOgHKs0

Request Chain 105

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZoneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_412871_1705775182_697a2dd0-b7c1-11ee-94b4-2233c304522e&insert=AW&&gdpr=0&gdpr_consent=

113 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
brandcars.biz.id/
Redirect Chain

https://rustic.biz.id/
https://www.brandcars.biz.id/
https://brandcars.biz.id/

41 KB
9 KB

1213ms
221ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://brandcars.biz.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bef586ca02d327aa0d328e978285f076912e85d1b43578d5f19a3a53a2b75c64

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 84895d79dfac1c7b-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 20 Jan 2024 18:26:20 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
link: <https://brandcars.biz.id/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CE9aSubGcJxdryZONkQnxFYqENvjNKymwRPbOdi%2BnHD0%2FNPnY7OgPKRXpytgcZwEBLE61NKaJgpi%2FRce5NymYAnDw0Dod5xoSZB%2BvguZ9JQFuvGLeuiMQKlkgoywHgye83WP9eVBGIClUcHfvcSD"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 84895d7308191c7b-AMS
content-type: text/html; charset=UTF-8
date: Sat, 20 Jan 2024 18:26:18 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://brandcars.biz.id/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PtZhFkvVftbsuP4GSSuqcY%2B6%2BJHC802X8fvU2a%2BO9YJBenVhzSET3PMsAE8IZ3QffN3lmeghYfUcv5yZjbw3VhWj2MiyYb3iz%2BPQamBgL%2Fuh5H5hM5z1cw4cjglQHHmLVitLMwXR2zkDexGpcCKmT1%2FkNg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-redirect-by: WordPress

GET
H2 200 style.min.css
brandcars.biz.id/wp-includes/css/dist/block-library/ 107 KB
15 KB 90ms
88ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://brandcars.biz.id/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2
Requested by: Host: brandcars.biz.id
URL: https://brandcars.biz.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://brandcars.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:26:20 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 08 Nov 2023 04:21:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1add3-6099c6d87e2e3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GqrWFH2p3OewDXbdqjOnmBNXEiRikNkKkOIVdCZ9wEJ3L2tIFC2Z4axps%2Bx520iZq0zBJ6gz20uo3vXPvX4HmdF%2FVxU43b2oHYaS0e1gOWrfVGCTwPX6pguSobnttUVejatQ9l7GmbbwSkw8IBrR"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 84895d7b8b931c7b-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 idblog-core.css
brandcars.biz.id/wp-content/plugins/idblog-core/css/ 7 KB
2 KB 75ms
74ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://brandcars.biz.id/wp-content/plugins/idblog-core/css/idblog-core.css?ver=1.0.0
Requested by: Host: brandcars.biz.id
URL: https://brandcars.biz.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: edf28446f50d57b497e259711b3e7144cdc8d3d344b625f8f00878f877aecbd1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://brandcars.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:26:20 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 24 Oct 2023 01:32:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1a77-6086c50828d04"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FiSvX5enRjYztW70el2E3hg%2FFr%2B3OlqcvM4drQfpziwwQRis97%2F3bYG6QoM9eAqNHaxHHVGGuUbbqOVAoYXGH46ONgpOEm3fBV0r521jLessUQedjfIEcRELb29%2F1NAW03IQhavlzx0nV4HnHGlE"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 84895d7b8b9f1c7b-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1008 B 41ms
16ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito%3Aregular%2C700%2C300%26subset%3Dlatin%2C

Requested by

Host: brandcars.biz.id
URL: https://brandcars.biz.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d18eb3df91dedac8a747ab0b94010ee4e9a62c2469b0b4afd7e1527df8cc678b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://brandcars.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 20 Jan 2024 18:26:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 20 Jan 2024 18:26:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 20 Jan 2024 18:26:20 GMT

GET
H2 200 style.css
brandcars.biz.id/wp-content/themes/superfast/ 65 KB
15 KB 104ms
103ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://brandcars.biz.id/wp-content/themes/superfast/style.css?ver=6.4.2
Requested by: Host: brandcars.biz.id
URL: https://brandcars.biz.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5b2ed0f286d190048ceef505d0e0982e30d36b0e4bfe9e9a03fc21f27099446

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://brandcars.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:26:20 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sat, 30 Dec 2023 23:59:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"105c8-60dc2f154de61"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=diM8vrh8GiP5%2FX%2By1tkOaTD%2Fi5bCr2243JsYzoBdS17Kdepn%2Fhkpa5frRHAk%2FLQsopbKNK3I3oQ6tZvNH%2Bb%2FclExVbTRGCv5hvfrlw%2FLTZ%2B%2FHtaKDBpvqtadKn43eY2rB%2F%2F2JVSaUkyvmuZunral"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 84895d7b9bbd1c7b-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
brandcars.biz.id/wp-includes/js/jquery/ 86 KB
31 KB 93ms
93ms Script
text/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://brandcars.biz.id/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: brandcars.biz.id
URL: https://brandcars.biz.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://brandcars.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:26:20 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 08 Nov 2023 04:21:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"15601-6099c6d860e24"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ooIspm7FsrOEkcllO0MPASIfTDkKfSxmjgsdQCFvhMY1GDv8KqIvCkZcJpQdZi%2FKfX6vIX32MYZdcs9B6wjm8JcpCJYsXtN%2Bjg7spwmS7xKnI%2FXRtrqPBVKZPN4Y1XC9qm%2F9pC3vI6lEG969JEcN"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cf-ray: 84895d7b9bc11c7b-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery-migrate.min.js Show response
brandcars.biz.id/wp-includes/js/jquery/ 13 KB
5 KB 73ms
73ms Script
text/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://brandcars.biz.id/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: brandcars.biz.id
URL: https://brandcars.biz.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://brandcars.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:26:20 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Mon, 23 Oct 2023 16:21:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3509-608649bd22263"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BIANV8a4ZmF%2Bir6RoHnPDTO48MXiAx28YhqgeX28QIWkP0LdGED7TRMdzhqIqwM25jv7otAtEv%2F0A%2B4QJZIFL9qIzl6gdaRP1WZyEpQIlX6fi%2BsnxShri1y38%2BkaCVIcESANtOF4rVV0ujpLjEYy"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cf-ray: 84895d7b9bc41c7b-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 151 KB
51 KB 72ms
51ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8811487029503365

Requested by

Host: brandcars.biz.id
URL: https://brandcars.biz.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

72786985760c0ef76ec17668f773da12446c91992ff5a49c34e900d99e7cefbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://brandcars.biz.id/
Origin: https://brandcars.biz.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:26:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51591
x-xss-protection: 0
server: cafe
etag: 9665779579782608852
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sat, 20 Jan 2024 18:26:20 GMT

GET
H2 200 Ford-B-Max-200x135.jpg
brandcars.biz.id/wp-content/uploads/2023/10/ 8 KB
8 KB 54ms
53ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://brandcars.biz.id/wp-content/uploads/2023/10/Ford-B-Max-200x135.jpg
Requested by: Host: brandcars.biz.id
URL: https://brandcars.biz.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 466b052e419cb197d46f01e2e76987241540155177d6321fb8b80ca5b7e63b75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://brandcars.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:26:20 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Oct 2023 22:42:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1fd6-6087e0d27f961"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pn%2FE3Q3Smm5MM2GTnbTBCGgi9HButTeNz00k0axjHY50nv6mBsdGXbyqgBgGS6Oc4llDRAnmSiTwPAkeVRuOjr0B0axlJL2L4Jo%2BkDtyTaEj6Xc%2B1hAi13TRUzZOje4btuXKC5pQoTwEFvfmrIsa"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84895d7b9bc61c7b-AMS
alt-svc: h3=":443"; ma=86400
content-length: 8150

GET
H2 200 Honda-City-Price-200x135.jpg
brandcars.biz.id/wp-content/uploads/2023/10/ 8 KB
9 KB 54ms
54ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://brandcars.biz.id/wp-content/uploads/2023/10/Honda-City-Price-200x135.jpg
Requested by: Host: brandcars.biz.id
URL: https://brandcars.biz.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67bd74c9b8c1d6ae03240eae10eb38f58a676ca2452d8676ec4f4f2721fc514c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://brandcars.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:26:20 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Oct 2023 22:23:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2147-6087dcaeb8297"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=er%2FtUkBl7%2B2xrn7vi1T9rlk2YRHpmWCWoZQPuy%2BLvIdKKI40%2FsFe1Ky%2FGK7%2BHSCyc78pQusFHsGX4CY8SGfw%2Fe%2BeQEEhj6mzUmiJH0ExW7%2BnSjtfVnH5df6pvdW%2FI1%2FUjLDaUVEQf2VXqNftSa4x"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84895d7b9bc81c7b-AMS
alt-svc: h3=":443"; ma=86400
content-length: 8519

GET
H3 200 Datsun-Go-200x135.jpg
brandcars.biz.id/wp-content/uploads/2023/10/ 7 KB
7 KB 36ms
35ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://brandcars.biz.id/wp-content/uploads/2023/10/Datsun-Go-200x135.jpg
Requested by: Host: brandcars.biz.id
URL: https://brandcars.biz.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b28b981c0ac25be9bd1add59e8cb26bd7192d494ef02a69c9f7cd6dcf644f345

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://brandcars.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:26:20 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Oct 2023 22:18:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1a99-6087db6edfe05"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W19m9%2BhSLXXB1iNqhm144se6c6E0Er9YEs0KgKED8Pg7nwZIv4L%2FrxBXKyW2bgA%2FRok7v115kCK9aWW%2BjwG4exmJGe0ZAjNq1jmx8XfrpjatgbVIAehIzr%2BTYB3Tg1KNCDW%2BM1FG%2BIYJ57213YRU"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84895d7bd8465b98-FRA
alt-svc: h3=":443"; ma=86400
content-length: 6809

GET
H3 200 jquery.sidr.min.js Show response
brandcars.biz.id/wp-content/themes/superfast/js/ 7 KB
3 KB 36ms
36ms Script
text/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://brandcars.biz.id/wp-content/themes/superfast/js/jquery.sidr.min.js?ver=6.4.2
Requested by: Host: brandcars.biz.id
URL: https://brandcars.biz.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a65a90d45e96a839c51c415245fdd88b0bebcdf8b4dc7faafd4d914b82cde215

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://brandcars.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:26:20 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sat, 30 Dec 2023 23:59:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1b36-60dc2f1549fe1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rHQZ%2BK7P9ALVkLNS1IYRuY69xv%2Fcd76RWtATxHnRtdfVnDgbO5kCjZDTrpiiBjplh4yq5HhxXtXsQCDoM1cl3JZO6InkBUAwsMOuUgVU1AUTE7ufcBf7MDlSBSAsDWzTyI3y57bUD4rEAmJ0XnJV"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cf-ray: 84895d7bd8475b98-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 customscript.js Show response
brandcars.biz.id/wp-content/themes/superfast/js/ 2 KB
1 KB 29ms
29ms Script
text/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://brandcars.biz.id/wp-content/themes/superfast/js/customscript.js?ver=6.4.2
Requested by: Host: brandcars.biz.id
URL: https://brandcars.biz.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a681b395ccf60aedf83bf19816759cf5add32857e5dd18e6f26190757869ff0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://brandcars.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:26:20 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sat, 30 Dec 2023 23:59:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"9aa-60dc2f1549fe1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4oXTJWPz%2Bx2lfSmB8ANo4Y7ZAWTZ5NkYdtcah4mLuQXyjzN3bOKA%2ByhPEXHj24J7rYAgQvy%2Bj%2BA04kggwVHS2ppwf0ZOsCGQO0I28X3%2Byli8jILgz53Ez%2BncjDD%2B6bD5ZdwevB480Gf6mz208lzX"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cf-ray: 84895d7c186e5b98-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 frontend.min.js Show response
brandcars.biz.id/wp-content/plugins/q2w3-fixed-widget/js/ 23 KB
6 KB 31ms
31ms Script
text/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://brandcars.biz.id/wp-content/plugins/q2w3-fixed-widget/js/frontend.min.js?ver=6.2.3
Requested by: Host: brandcars.biz.id
URL: https://brandcars.biz.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a69c12ccd186a899db79fce802b46c08e71f69c2c422be2666ed8565e3add026

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://brandcars.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:26:20 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 24 Oct 2023 01:32:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5b89-6086c506b6b40"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fSPftrV6fIvoFE4Di4C3K3Pf1FHeuJjG66WyKEVJLJnSKxGXy7PeYEy%2FkK4XYu2I89b2kfjpImWTrLgKDeVTpkRddwWi9Sw5ceGO%2B5bXELNxINZiqcqgI4YRz01JOLlL1%2FuCjZO%2B32jeCI0JtbeL"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cf-ray: 84895d7c18705b98-FRA
alt-svc: h3=":443"; ma=86400

GET
BLOB 200
OK 310d9866-8f4a-4628-985f-17066d11249e
https://brandcars.biz.id/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://brandcars.biz.id/310d9866-8f4a-4628-985f-17066d11249e
Requested by: Host: brandcars.biz.id
URL: https://brandcars.biz.id/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v26/ 38 KB
39 KB 28ms
7ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito%3Aregular%2C700%2C300%26subset%3Dlatin%2C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://brandcars.biz.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 07:33:36 GMT
x-content-type-options: nosniff
age: 298364
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39124
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:02:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 07:33:36 GMT

GET
H3 200 Wagon-R-Price-2-200x135.jpg
brandcars.biz.id/wp-content/uploads/2023/10/ 6 KB
7 KB 26ms
26ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://brandcars.biz.id/wp-content/uploads/2023/10/Wagon-R-Price-2-200x135.jpg
Requested by: Host: brandcars.biz.id
URL: https://brandcars.biz.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d5f7dad2f1b5efe7345620d688286884275443172f2f22c988e25766153b7cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://brandcars.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:26:20 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Oct 2023 22:10:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "18ab-6087d9bd57a66"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J1aLWfekH%2F6xmSy%2FLdqeWKUTRR5bA2ZSraYvj%2BLZ88zdhN7XfVSBoOiGNCGpjY%2B6SJdyCNcFkSYnXsnngUGZfy0TfE%2FdS2DNJ%2B167o50CdTfeLNXhlDllMGFvVNDnuies3z9dKeIiSBOhRzb%2BCBw"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84895d7c58a15b98-FRA
alt-svc: h3=":443"; ma=86400
content-length: 6315

GET
H3 200 Jimny-5-Door-200x135.jpg
brandcars.biz.id/wp-content/uploads/2023/10/ 8 KB
8 KB 33ms
33ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://brandcars.biz.id/wp-content/uploads/2023/10/Jimny-5-Door-200x135.jpg
Requested by: Host: brandcars.biz.id
URL: https://brandcars.biz.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78278e7c9da626a9cfda9ea3118116518e86435ed6c292d39b509228dcc76a9a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://brandcars.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:26:20 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Oct 2023 22:03:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1e9e-6087d8136c9b0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NE4zBLwXJXte9Ah8hKLeWz%2FCz%2FJk1CVVkM9n7O5GnxDnN%2FF2ndwkdrpYqBGIRHzDxCe3P5wP5EFknhzJEe%2FRjNDPw4srGQ8XeHjJw01qM1e4Zh11FnEI2uM1aIhBRCTzsFWmtP83IDyxXMmPQy5w"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84895d7c58a35b98-FRA
alt-svc: h3=":443"; ma=86400
content-length: 7838

GET
H3 200 Ford-B-Max-60x60.jpg
brandcars.biz.id/wp-content/uploads/2023/10/ 2 KB
2 KB 39ms
38ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://brandcars.biz.id/wp-content/uploads/2023/10/Ford-B-Max-60x60.jpg
Requested by: Host: brandcars.biz.id
URL: https://brandcars.biz.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 344323d8c6d676f23ccfb93a61331bd8efb98c6bd8016c96b14d2f1a2f6a5ceb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://brandcars.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:26:20 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Oct 2023 22:42:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "81f-6087e0d28f360"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HrooeoUdqAJnR8J4Br2p2JJYXysp%2BgA3DzzRBFZZpWscsrd51p%2FphIBifZmF87N6i%2BPUhyzcBeeoaTOUcghXzCP5UcIEpOmKqwkhAuB3O5jixsoRBa%2FRJ51T6xzPAr7zNe0yDXyO8mHC2fcg7Le8"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84895d7c58a45b98-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2079

GET
H3 200 Honda-City-Price-60x60.jpg
brandcars.biz.id/wp-content/uploads/2023/10/ 2 KB
2 KB 32ms
32ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://brandcars.biz.id/wp-content/uploads/2023/10/Honda-City-Price-60x60.jpg
Requested by: Host: brandcars.biz.id
URL: https://brandcars.biz.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d45a90b04fae87e4a339f67baca5ea7ace12ef5d7e033d069f1d28512c1c04f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://brandcars.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:26:20 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Oct 2023 22:23:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "7fb-6087dcaec9bd5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wqWBotTqSBJq3qShiihYTHXj7eJEncRfa0c2Y0Dop5H3E4zn9eSoX4wApiBLH%2FK2J2vpswIYDZWJpJ42YSYs1UsfDB4Q5oJGLncNLysrqD0ctGmx9vHqXsPQ%2Fz3v8SKFmzEjebTaoOJGnUxpIrdc"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84895d7c58a55b98-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2043

GET
H3 200 Datsun-Go-60x60.jpg
brandcars.biz.id/wp-content/uploads/2023/10/ 2 KB
2 KB 24ms
24ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://brandcars.biz.id/wp-content/uploads/2023/10/Datsun-Go-60x60.jpg
Requested by: Host: brandcars.biz.id
URL: https://brandcars.biz.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c1805496611bb843d8ddd3ce67aca7f83d24664e24a2c38c245c0b3f4360ee7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://brandcars.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:26:20 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Oct 2023 22:18:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "718-6087db6eec924"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZOZ%2BctDoNPWi63VJAnF2Ot%2Fiu2u6SbJT28NBfaYbwII9QOQXExxD60nVvylTAi8ImGLO9mykS%2FBukB2dBPa1h%2B6A6eUgCFxEq8vs6NrHJ0Jdlifp9ROXEsQebKT%2FHryWrvrOYI%2B8l6p1YQXB5USC"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84895d7c58a65b98-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1816

GET
H3 200 Wagon-R-Price-2-60x60.jpg
brandcars.biz.id/wp-content/uploads/2023/10/ 2 KB
2 KB 28ms
27ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://brandcars.biz.id/wp-content/uploads/2023/10/Wagon-R-Price-2-60x60.jpg
Requested by: Host: brandcars.biz.id
URL: https://brandcars.biz.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f65464769fe640b9d36381a938aba64a524715d61aee75dfb501e0d0396e168f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://brandcars.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:26:20 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Oct 2023 22:10:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "755-6087d9bd616a5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2cGqJNhA561BplbgVMbSzR7IsEXbNMB1xWJR35UQeTziEqHkdSPOtUY8sWXdWoPDCmzNf5AW9AaSUg80E71BpvcG1pE%2Bsrl4YXDhxC2sPs4kvqCMgcoScMIWiG3u%2FMZnoGmo2QjWLo%2Bwv6qGtx2D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84895d7c58a85b98-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1877

GET
H3 200 Jimny-5-Door-60x60.jpg
brandcars.biz.id/wp-content/uploads/2023/10/ 2 KB
2 KB 33ms
33ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://brandcars.biz.id/wp-content/uploads/2023/10/Jimny-5-Door-60x60.jpg
Requested by: Host: brandcars.biz.id
URL: https://brandcars.biz.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: adb437be959ade525513e9f86e3ed1e186cd1007f161029f6414ff4d948156cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://brandcars.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:26:20 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Oct 2023 22:03:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "76f-6087d8137852f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zCyOUfgKMLN6h4n7Jy0SX1eX8YAhAJuf4aCtN2fV3qJ%2Bf1oLxc1lJQhMYHqwZigNDIcJ1YoU46QC2FRGZ0nV5OSvcfhzRCs6Dar%2F5ZRLIBi7MOwAlt%2BEDIysGyY5jBc2XME%2B7Y4GReR1SRiZMcDc"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84895d7c58a95b98-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1903

GET
H3 200 wp-emoji-release.min.js Show response
brandcars.biz.id/wp-includes/js/ 18 KB
5 KB 34ms
34ms Script
text/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://brandcars.biz.id/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by: Host: brandcars.biz.id
URL: https://brandcars.biz.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://brandcars.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:26:20 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Mon, 23 Oct 2023 16:21:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"4904-608649bd260e4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TMNk9%2Fk6Xa0oPrW2miQn%2BtvcXRFGtj5hhDwFIAzRdkt8YcKXjUuclJ6qr341RmZh4pgx9XAM1fOJDo77EDebtXu5M1IxYu7y82%2BMFAsglli4TWpFCSKMaktvYELFK%2Bvm4hdrB8m011SNJ%2BIsj0rS"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cf-ray: 84895d7c58ab5b98-FRA
alt-svc: h3=":443"; ma=86400

GET
H3

200

main.js Show response
brandcars.biz.id/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/ Frame 0509
Redirect Chain

https://brandcars.biz.id/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://brandcars.biz.id/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js

7 KB
4 KB

15ms
15ms

Script
application/javascript

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://brandcars.biz.id/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js

Requested by

Host: brandcars.biz.id
URL: https://brandcars.biz.id/

Protocol

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b891b58f38cc4aa42141c012733813fa29ca80416af2493a14d6e1a56d103cb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:26:20 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wty085Gww0SokHXqtmoFAHRMdwV86TdOdMfGmNUNrLxND11R3QbytTpZxcQrPgRA9hKRtz6Bhq5deVEbwnGAZ7ndoj3hOw3nS0%2BckeZFWbZ78JNeTh1dFIyCRfAhslahiMrYZWcLhiNjH2Hegx3i"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 84895d7c88f85b98-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Sat, 20 Jan 2024 18:26:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MxbUVQlL72nFTDg1fA5RXWZJNwO5%2BmTMbX1bXYGAxxKQ48AFZRqwAB17Alhzm0cMcp2b6lJeW6TX9%2BXTKYWf2eU%2BEtpD8vE5Iwi9rOwm2myf6LDE26HcipsMCTCGE%2FnEn5%2Bb7GgzKeKv7khym1kD"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
cache-control: max-age=300, public
cf-ray: 84895d7c68c35b98-FRA
alt-svc: h3=":443"; ma=86400

POST
H3 200 84895d79dfac1c7b Show response
brandcars.biz.id/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 0509 0
605 B 26ms
26ms XHR
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://brandcars.biz.id/cdn-cgi/challenge-platform/h/b/jsd/r/84895d79dfac1c7b
Requested by: Host: brandcars.biz.id
URL: https://brandcars.biz.id/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 20 Jan 2024 18:26:20 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B2tmKadrYzVLQwUPoEEuWuF7rn9302xEpHZLnf3A8e%2Fc1dTGZAiDar6FPjboN8bk2Y%2Bdk3RuE3PVVMHEmOEG5yqcfzk596HRBy%2BBIPcUYtXhbfJr4NR%2F7VrmsXxgqzdR%2F%2BTIJ20SKg%2BDNL3ox%2F9%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 84895d7d09525b98-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401160101/ 402 KB
136 KB 99ms
83ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8811487029503365&plah=brandcars.biz.id

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8811487029503365

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

edce924e0912b8dcd6cbe108f47a9d6a6961085e4ba4276b02a6478a2278d7bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://brandcars.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:26:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139628
x-xss-protection: 0
server: cafe
etag: 3960410793303056868
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 20 Jan 2024 18:26:20 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240118/r20190131/ Frame 6B73 9 KB
4 KB 29ms
7ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240118/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8811487029503365

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://brandcars.biz.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 65097
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 00:21:23 GMT
etag: 9219409622527106327
expires: Sat, 03 Feb 2024 00:21:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D655 241 KB
60 KB 485ms
484ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8811487029503365&output=html&adk=1812271804&adf=3025194257&lmt=1705775180&plaf=1%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Fbrandcars.biz.id%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.5&asamct=0.5&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705775180336&bpp=3&bdt=257&idt=178&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1401372926594&frm=20&pv=2&ga_vid=1708127742.1705775181&ga_sid=1705775181&ga_hid=513344463&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C95322195%2C95320892%2C95321626%2C95322166&oid=2&pvsid=3955186480390517&tmod=543592346&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=196

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8811487029503365&plah=brandcars.biz.id

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed3132d5e1125bfe7905788a71398222a3bb9dd7782769d117e4c114881d3a06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://brandcars.biz.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 61122
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 18:26:21 GMT
expires: Sat, 20 Jan 2024 18:26:21 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 54DA 36 KB
15 KB 417ms
417ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8811487029503365&output=html&h=280&slotname=3228236246&adk=2817947084&adf=2984306924&pi=t.ma~as.3228236246&w=955&fwrn=4&fwrnh=100&lmt=1705775180&rafmt=1&format=955x280&url=https%3A%2F%2Fbrandcars.biz.id%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705775180339&bpp=1&bdt=260&idt=198&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1401372926594&frm=20&pv=1&ga_vid=1708127742.1705775181&ga_sid=1705775181&ga_hid=513344463&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=323&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C95322195%2C95320892%2C95321626%2C95322166&oid=2&pvsid=3955186480390517&tmod=543592346&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=201

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2aba4c8e5b1e9ef69be0a2c42c27ad90b50b15481365fb9d38339a23010a997d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://brandcars.biz.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 14810
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 18:26:20 GMT
expires: Sat, 20 Jan 2024 18:26:20 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 54DA 3 KB
1 KB 30ms
8ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8811487029503365&output=html&h=280&slotname=3228236246&adk=2817947084&adf=2984306924&pi=t.ma~as.3228236246&w=955&fwrn=4&fwrnh=100&lmt=1705775180&rafmt=1&format=955x280&url=https%3A%2F%2Fbrandcars.biz.id%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705775180339&bpp=1&bdt=260&idt=198&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1401372926594&frm=20&pv=1&ga_vid=1708127742.1705775181&ga_sid=1705775181&ga_hid=513344463&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=323&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C95322195%2C95320892%2C95321626%2C95322166&oid=2&pvsid=3955186480390517&tmod=543592346&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=201

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 13:28:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17893
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Feb 2024 13:28:07 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 54DA 20 KB
9 KB 29ms
6ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 18:28:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86241
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 18:28:59 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 54DA 206 KB
65 KB 42ms
20ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:26:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Jan 2024 18:26:20 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame C25B 139 KB
47 KB 106ms
69ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZawQTAAIhiIHg4YZAA9EV3UynmU_0iG24Henpw&u=%7CvZ6Hc8NuTL37qmsBIKxyYBzmP83nq4tRrN4D7wD4kng%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANeI2IPvrkyZr5ZLa9QTnRvNU-uZKgDdXDerQuiPLMpwm4F1QklqlGKqtM7idntuHrKdBS433gYE4NmUQq6X8tBJ8a8akr3ehg9lhwexfe2inTN9ylOeW0ooXh-d1QaAe8C1iQWKI0zZMT5KSqrv9NjINEL05wYMD0cX9jR_XjidMYVu0eFd0U1nYyROeKHZGvJIoxUkeJaxG6fAEzEOEctNEOm1RR473f8FtrjcTDn_TwlPtbbLJwKTXwgKTghVhWF15pkwYpupZRLNopYRil0Fn2oSis75EFybfHe2IsiVxCyFW1Bo-CDbADsu7c5c3kr1e--rcYF_WZ3AiBmIvQLMf29XdqGsQ3ZpNPGk1Pw6Ski3QcTl9wze7YPkJjMa8bwcmyuFuO_BsuhiBZcOutmv68wDsO9pcDNCKpce7IMbMGnh-OnNunQXzihWSdrjaivbzSf0uFlEFhJ2aS-tNn5c-AjBJkBZXc4mcREmIzwB9BCHyu1phHleIRoLcivvuW1MafMx7eCEeNz91XAUA9J9vh9xdj2maupumviSPHzLEbdJzjixtlV9wOJWWUX87kYB3Bn8MK8KqOEU5E3_WzN1bhCE5izUh2vFKwiIrSNBq&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkUQHTBCsZaKMIpmMjuwP14i9qAzJntKxXPXqoYaIAcCNtwEQASAAYJUCggEXY2EtcHViLTg4MTE0ODcwMjk1MDMzNjXIAQmpAp2Ka-hlSLI-qAMByAMCqgThAU_QUnjPud2Bc_dsjHFvDM57in6hzuR-eUxljA2RcwYz7apD6o2rhju4MKs8pTIpy-EVKRCBcntrll8tG0EAxRVukWCOQhTGCwZxGDEh1SRUsgDiuUu8zFnQLL0uXXFEO5H2cDdXVogq7poSBZubtMAEPyKvCtdIIT5jaLejHJjxIvMfM-IKgd3btFVIS-Zorx5Rp5bT02nuPupPfj2l-xZzqq1Ge30gWqjtsF7AO46PwR2BPgfthGezcDduh8etOyU7kjy_G8kMRdhhzcBF9O2gvdHFUSrMjade7IC_s9Ax6oAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WK3F0N3L7IMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2bmksqsr79IytQ5BCKDWX-6L6Zyg%26client%3Dca-pub-8811487029503365%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4f5dd128a8a3976911d7bb635884a51c5ae7abdafa0c4d96605ac29c49c6c9ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 18:26:20 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=rD3uieC763C_yZXprznnXhyZBEeFAw1R42wcF_YMWhQhps4Q5RSGop2ALTLCWBRk1yw3SPcuBK4VwIS-sXAMYMvRhQlrZ2h8NkEG9LV0_sksNzEuDAdlYzKhSAodm5Y-Z4Hu-bUaz568MTt4cN8BnMbQ3p3PaRYxzOllnXRXDcGgtTwiE3O0E36_e8dosheHwiYVqxuJwNZODHbzqlMHaG9lTc5LVAops71Wio9aj2kYSaQJfFRaSos2CuNouMh1PJJETQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 51327525
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 54DA 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d603b4c761ae836212c06b21d8f0e93cf2dee4ae7fa998e4eeba6cda3b4d7c3b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 54DA 0
23 B 48ms
47ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=COGpBTBCsZaKMIpmMjuwP14i9qAzJntKxXPXqoYaIAcCNtwEQASAAYJUCggEXY2EtcHViLTg4MTE0ODcwMjk1MDMzNjXIAQmpAp2Ka-hlSLI-qAMByAMCqgTeAU_QUnjPud2Bc_dsjHFvDM57in6hzuR-eUxljA2RcwYz7apD6o2rhju4MKs8pTIpy-EVKRCBcntrll8tG0EAxRVukWCOQhTGCwZxGDEh1SRUsgDiuUu8zFnQLL0uXXFEO5H2cDdXVogq7poSBZubtMAEPyKvCtdIIT5jaLejHJjxIvMfM-IKgd3btFVIS-Zorx5Rp5bT02nuPupPfj2l-xZzqq1Ge30gWqjtsF7AO46PwR2BPgfthGfxchb8B1R9BoPrteYzOyCoS_9re8pr7G8Udexjo5XSob_GJhSfWoAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WK3F0N3L7IMDgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTg4MTE0ODcwMjk1MDMzNjUYAA&sigh=gir2B16I8_o&uach_m=%5BUACH%5D&cid=CAQSTwAvHhf_i7_1uKYWFU3FVfvFljohBgLwqNbqzwNMGNkrS8LV_i4hHqmLxAc47LpCeDJ39xaaIZED0r2J7x8bWrvc589ChV54ICOuM3ukXg0YAQ&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8811487029503365&output=html&h=280&slotname=3228236246&adk=2817947084&adf=2984306924&pi=t.ma~as.3228236246&w=955&fwrn=4&fwrnh=100&lmt=1705775180&rafmt=1&format=955x280&url=https%3A%2F%2Fbrandcars.biz.id%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705775180339&bpp=1&bdt=260&idt=198&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1401372926594&frm=20&pv=1&ga_vid=1708127742.1705775181&ga_sid=1705775181&ga_hid=513344463&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=323&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C95322195%2C95320892%2C95321626%2C95322166&oid=2&pvsid=3955186480390517&tmod=543592346&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=201
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 20 Jan 2024 18:26:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 20 Jan 2024 18:26:21 GMT

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 54DA 0
126 B 40ms
13ms Image
text/plain 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kI7EGMz6RLsHmAKdg2ICAgAAANKvmViP8qxbEEsQrGUj6vZY-9WcaOc6AAASAAAKCkFRVURBUUVCQVE&wp=ZawQTAAIhiIHg4YZAA9EV3UynmU_0iG24Henpw&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:26:20 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 155361
server: Kestrel
content-length: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401160101/ 162 KB
55 KB 75ms
75ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401160101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f5cffdd944d8ee78dda1e8f44129898becb59d5f3b55bbf990c56b3d1d32f81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://brandcars.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:26:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56384
x-xss-protection: 0
server: cafe
etag: 5881180602176070077
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Jan 2024 18:26:21 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DB56 48 KB
17 KB 638ms
638ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8811487029503365&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.608387468~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705775181&rafmt=1&to=qs&pwprc=4277131845&format=1200x90&url=https%3A%2F%2Fbrandcars.biz.id%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705775181078&bpp=1&bdt=999&idt=-M&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db877c0454e06d285%3AT%3D1705775180%3ART%3D1705775180%3AS%3DALNI_MYV8ypf3RV5nD3VYAB5VsxacfJddg&gpic=UID%3D00000d45763d7cfb%3AT%3D1705775180%3ART%3D1705775180%3AS%3DALNI_MYH2gm7dnEJzdZsMtEDZNS-PTorKg&prev_fmts=0x0%2C955x280&nras=2&correlator=1401372926594&frm=20&pv=1&ga_vid=1708127742.1705775181&ga_sid=1705775181&ga_hid=513344463&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1495&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C95322195%2C95320892%2C95321626%2C95322166&oid=2&psts=AOrYGsk2nkFIUQy4fCO6mLjOH-gsfhNWVs2elHiZURxv0iWUdiY-uzzcx5s53yLY8h33qL6dYdAcgwncHpuGXg&pvsid=3955186480390517&tmod=543592346&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=3

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e2a758049c360295e92af356c0e57ce37891fa79d0fa416d33a395bd0aea40f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://brandcars.biz.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 17730
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 18:26:21 GMT
expires: Sat, 20 Jan 2024 18:26:21 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7C55 430 B
232 B 533ms
533ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8811487029503365&output=html&h=90&adk=4033532932&adf=3023639563&pi=t.aa~a.1372487962~rp.4&w=1008&fwrn=4&fwrnh=100&lmt=1705775181&rafmt=1&to=qs&pwprc=4277131845&format=1008x90&url=https%3A%2F%2Fbrandcars.biz.id%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705775181078&bpp=1&bdt=999&idt=1&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db877c0454e06d285%3AT%3D1705775180%3ART%3D1705775180%3AS%3DALNI_MYV8ypf3RV5nD3VYAB5VsxacfJddg&gpic=UID%3D00000d45763d7cfb%3AT%3D1705775180%3ART%3D1705775180%3AS%3DALNI_MYH2gm7dnEJzdZsMtEDZNS-PTorKg&prev_fmts=0x0%2C955x280%2C1200x90&nras=3&correlator=1401372926594&frm=20&pv=1&ga_vid=1708127742.1705775181&ga_sid=1705775181&ga_hid=513344463&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=296&ady=1395&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C95322195%2C95320892%2C95321626%2C95322166&oid=2&psts=AOrYGsk2nkFIUQy4fCO6mLjOH-gsfhNWVs2elHiZURxv0iWUdiY-uzzcx5s53yLY8h33qL6dYdAcgwncHpuGXg&pvsid=3955186480390517&tmod=543592346&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cca25018b007ad40a5a4f16e499a67352aab6adc3b6b4ca213fa50100c9916da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://brandcars.biz.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 207
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 18:26:21 GMT
expires: Sat, 20 Jan 2024 18:26:21 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame C25B 2 KB
1 KB 39ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZawQTAAIhiIHg4YZAA9EV3UynmU_0iG24Henpw&u=%7CvZ6Hc8NuTL37qmsBIKxyYBzmP83nq4tRrN4D7wD4kng%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANeI2IPvrkyZr5ZLa9QTnRvNU-uZKgDdXDerQuiPLMpwm4F1QklqlGKqtM7idntuHrKdBS433gYE4NmUQq6X8tBJ8a8akr3ehg9lhwexfe2inTN9ylOeW0ooXh-d1QaAe8C1iQWKI0zZMT5KSqrv9NjINEL05wYMD0cX9jR_XjidMYVu0eFd0U1nYyROeKHZGvJIoxUkeJaxG6fAEzEOEctNEOm1RR473f8FtrjcTDn_TwlPtbbLJwKTXwgKTghVhWF15pkwYpupZRLNopYRil0Fn2oSis75EFybfHe2IsiVxCyFW1Bo-CDbADsu7c5c3kr1e--rcYF_WZ3AiBmIvQLMf29XdqGsQ3ZpNPGk1Pw6Ski3QcTl9wze7YPkJjMa8bwcmyuFuO_BsuhiBZcOutmv68wDsO9pcDNCKpce7IMbMGnh-OnNunQXzihWSdrjaivbzSf0uFlEFhJ2aS-tNn5c-AjBJkBZXc4mcREmIzwB9BCHyu1phHleIRoLcivvuW1MafMx7eCEeNz91XAUA9J9vh9xdj2maupumviSPHzLEbdJzjixtlV9wOJWWUX87kYB3Bn8MK8KqOEU5E3_WzN1bhCE5izUh2vFKwiIrSNBq&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkUQHTBCsZaKMIpmMjuwP14i9qAzJntKxXPXqoYaIAcCNtwEQASAAYJUCggEXY2EtcHViLTg4MTE0ODcwMjk1MDMzNjXIAQmpAp2Ka-hlSLI-qAMByAMCqgThAU_QUnjPud2Bc_dsjHFvDM57in6hzuR-eUxljA2RcwYz7apD6o2rhju4MKs8pTIpy-EVKRCBcntrll8tG0EAxRVukWCOQhTGCwZxGDEh1SRUsgDiuUu8zFnQLL0uXXFEO5H2cDdXVogq7poSBZubtMAEPyKvCtdIIT5jaLejHJjxIvMfM-IKgd3btFVIS-Zorx5Rp5bT02nuPupPfj2l-xZzqq1Ge30gWqjtsF7AO46PwR2BPgfthGezcDduh8etOyU7kjy_G8kMRdhhzcBF9O2gvdHFUSrMjade7IC_s9Ax6oAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WK3F0N3L7IMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2bmksqsr79IytQ5BCKDWX-6L6Zyg%26client%3Dca-pub-8811487029503365%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:26:21 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 14 Jan 2025 18:26:21 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame C25B 2 KB
1 KB 43ms
16ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:26:21 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 14 Jan 2025 18:26:21 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame C25B 308 B
636 B 50ms
25ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:26:21 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Tue, 14 Jan 2025 18:26:21 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame C25B 293 B
621 B 41ms
15ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:26:21 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Tue, 14 Jan 2025 18:26:21 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame C25B 43 B
348 B 47ms
15ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=36XF6d6CE6D-1zVCyUDLT1rTLHR9yA5yZuoT_xRVYTmKGrUUvsBbX7Qs3PGx9ZQtHVuwQs3woVz2nn3pN5jkC_7yWfZ8HBsX7KaHo2cxb_68liFJsmCqkIiovBtzLwk3VNGNnxG_sCxaZmjcN43ye4l82LMQSbVElyRk5AmsEM_nUq1cHHhDYSUWAR85CT7iE8U4XiiTmkSRXY7KURSmKDeFlrKeG4PVbjoYpYBkbnneoICWaUD3JwaMf6_wWnQGrG6-twvsepcU1qa8xNZxJ7cjD530Gtp66Y7EMzSH0MEZ9MRg_2E7GjXiqFOmiAYHCBRYyGXurnqj-yTHuPNZMMU8CK96OVJ-CS78xvaKBptK4vAnJZkmmhXYE2tCzMEZD-csWJM_yQdPjX-EhxPKCll5l2_naylUYAqkvf6meSEuFtu2FuGONbF3h6SqkR42knC4eA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 18:26:20 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1899251
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame C25B 12 KB
6 KB 36ms
14ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:26:21 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 14 Jan 2025 18:26:21 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame C25B 44 KB
44 KB 60ms
25ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=556&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F105623%2F5022139%2Ffc5b2532e4ff4326a459f87c7b9b521f_eu_oveckarna_vertikalni_hneda.png&v=3&w=446&rid=4&s=YnOfNHFhcXJhBPI80fhn8BT0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

91772bd12f334975f0720059b347d04cfefef276180cc0f223973ac1c80716fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:26:20 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 44625
expires: Mon, 06 Jan 2025 01:54:31 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame C25B 14 KB
14 KB 66ms
31ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F3%2F18413_102.jpg%3F1680159946_2&v=3&w=800&rid=4&s=6GZ-z3UnPHH7JWpJ_vUFM29H&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ef1fa25b906c506f3be14737271fb409da90ad30bf0b1c0ff6961f45f21a02dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:26:20 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 14338
expires: Sat, 03 Feb 2024 04:47:19 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame C25B 0
128 B 46ms
13ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=rD3uieC763C_yZXprznnXhyZBEeFAw1R42wcF_YMWhQhps4Q5RSGop2ALTLCWBRk1yw3SPcuBK4VwIS-sXAMYMvRhQlrZ2h8NkEG9LV0_sksNzEuDAdlYzKhSAodm5Y-Z4Hu-bUaz568MTt4cN8BnMbQ3p3PaRYxzOllnXRXDcGgtTwiE3O0E36_e8dosheHwiYVqxuJwNZODHbzqlMHaG9lTc5LVAops71Wio9aj2kYSaQJfFRaSos2CuNouMh1PJJETQ&sds=2&rev=90272.1&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 20 Jan 2024 18:26:20 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame C25B 2 KB
1 KB 34ms
24ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:26:21 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 14 Jan 2025 18:26:21 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame C25B 2 KB
1 KB 16ms
15ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:26:21 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 14 Jan 2025 18:26:21 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/ Frame 2D6A 9 KB
4 KB 7ms
7ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://brandcars.biz.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 63649
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 00:45:32 GMT
etag: 9219409622527106327
expires: Sat, 03 Feb 2024 00:45:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 2D6A 4 KB
767 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 20 Jan 2024 18:26:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 20 Jan 2024 17:15:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 20 Jan 2024 18:26:21 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2D6A 205 B
520 B 47ms
23ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 09:40:51 GMT
x-content-type-options: nosniff
age: 290730
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 16 Jan 2025 09:40:51 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2D6A 604 B
695 B 48ms
24ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:39:38 GMT
x-content-type-options: nosniff
age: 161203
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 17 Jan 2025 21:39:38 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/ Frame 2D6A 16 KB
7 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 20:00:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80728
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6823
x-xss-protection: 0
server: cafe
etag: 11129212757755515379
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 20:00:53 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/ Frame 2D6A 22 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 18:42:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85408
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9422
x-xss-protection: 0
server: cafe
etag: 10624764489894593518
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 18:42:53 GMT

GET
H2 200 4b0ef9dfa83525e0607f42119c034d23.js Show response
www.gstatic.com/mysidia/ Frame 573F 9 KB
4 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4b0ef9dfa83525e0607f42119c034d23.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:14:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 263492
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4079
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 22:51:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 16 Apr 2024 17:14:49 GMT

GET
H2 200 54c2f3dd7fd22235ce59d6b86bfa2f62.js Show response
www.gstatic.com/mysidia/ Frame 573F 146 KB
54 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/54c2f3dd7fd22235ce59d6b86bfa2f62.js?tag=video_mra/web_interstitial_raspberry_ms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

258aa8f1699516e8cae1190d7d19c1a434d7c52813aa5d11cdaea2becd0b86c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 18:08:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 260287
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54702
x-xss-protection: 0
last-modified: Sat, 13 Jan 2024 00:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 16 Apr 2024 18:08:14 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 573F 21 KB
1 KB 17ms
16ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%2C600

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

76740b2a7b0a35eed6ceb509cefd8ddd6955bd5c656b0581f2dcdb48040ced8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 20 Jan 2024 18:26:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 20 Jan 2024 17:29:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 20 Jan 2024 18:26:21 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 573F 2 KB
822 B 9ms
8ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 18:28:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86242
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 18:28:59 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame 573F 23 KB
9 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 18:28:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86242
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 18:28:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 573F 3 KB
1 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 13:28:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17894
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Feb 2024 13:28:07 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 573F 20 KB
8 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 18:28:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86242
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 18:28:59 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 573F 206 KB
65 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:26:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Jan 2024 18:26:21 GMT

GET
H2 200 4cee352c918c506f58256258d534a665.js Show response
www.gstatic.com/mysidia/ Frame 573F 37 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:10:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 263738
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Sat, 13 Jan 2024 00:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 16 Apr 2024 17:10:43 GMT

GET
H3 200 WihAbdPmEAuwNNTtrWjgEsQMZ632wtWEawfwOklMupQ.js Show response
pagead2.googlesyndication.com/bg/ Frame C901 50 KB
19 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WihAbdPmEAuwNNTtrWjgEsQMZ632wtWEawfwOklMupQ.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a28406dd3e6100bb034d4edad68e012c40c67adf6c2d5846b07f03a494cba94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 18:00:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 347138
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19644
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Jan 2025 18:00:43 GMT

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 3C9C 2 KB
3 KB 78ms
38ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1gxc3gfwh5z0b0x80c9bawhvwkmax0tzeew0qa0khwxhx5fxqajwb8wf14gms3jyfq6gnbazff1nz8ht8x7pxjzfbj68h8k9mdsf78yxb9ajew3vnvaxfzp7xf2y2wshk4cdbed4ftaemdmf3z9k5nhj9jvn9y5zwc1972b19eh6gb0smww4ersk5d82dk85t343tqqzv5vha4qsqvj6h9smg5y8jvyn6kdbg83ztp5awvhz0zgv5m1h1dvzj3kmra97nxg43gr85gabef0037r1x73x1vy2pymx7qxjy8z3nzjds17kmcv7agjm3zwrjacs6syax4r1hkmnrmeghrx450ebsn7rgya2070qtmtc2p555x1vr03xbsdszs4qcgmx0ah6hjbva7ays0bny0dpjrpcc5g4wf4r0erzh2tsj6qs3g3hfefsf45pev983pd5ec3t&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCz9dGTRCsZbHaCqaKtOUP7eydwASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTg4MTE0ODcwMjk1MDMzNjXIAQmpAp2Ka-hlSLI-qAMByAMCqgTmAU_QLf5zY12fMQMSTjXZ7YkylUmLBFpbQxJHZWRf44246AqGsWDam89j9yDrjb3fj9f0rOzXUJKXNbovND1dYY9luf6fLXQnjyAN97yYNxXeKU45Lu-Z4P7XGRc45it55cHO8rTqhaJjAieZ3YB_JGiDREecNRxdlFoyHAPUItnIoFXOYEZxEpyHWudA7jZTeebMcWiQxLOJbPeJjzLIBwQqZrCyd9Sjv6405BkMaCX8yoxJNCDxuLLmRAJYR6-2VRWfB1nxIC_8SkUK2Wip6mxAv8BvAeJPZrJTMJvv6569dNqwWJRfgAbHkbihmL7G32ygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYkcDx3cvsgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2SqEW50xFXEjZGBP0RXaD1ILmzcA%26client%3Dca-pub-8811487029503365%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8811487029503365&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.608387468~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705775181&rafmt=1&to=qs&pwprc=4277131845&format=1200x90&url=https%3A%2F%2Fbrandcars.biz.id%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705775181078&bpp=1&bdt=999&idt=-M&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db877c0454e06d285%3AT%3D1705775180%3ART%3D1705775180%3AS%3DALNI_MYV8ypf3RV5nD3VYAB5VsxacfJddg&gpic=UID%3D00000d45763d7cfb%3AT%3D1705775180%3ART%3D1705775180%3AS%3DALNI_MYH2gm7dnEJzdZsMtEDZNS-PTorKg&prev_fmts=0x0%2C955x280&nras=2&correlator=1401372926594&frm=20&pv=1&ga_vid=1708127742.1705775181&ga_sid=1705775181&ga_hid=513344463&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1495&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C95322195%2C95320892%2C95321626%2C95322166&oid=2&psts=AOrYGsk2nkFIUQy4fCO6mLjOH-gsfhNWVs2elHiZURxv0iWUdiY-uzzcx5s53yLY8h33qL6dYdAcgwncHpuGXg&pvsid=3955186480390517&tmod=543592346&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7a752668bba5a44b99584665568edc0e252205c42609b6edd877d84eaba5703

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 84895d861e685cb0-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 18:26:21 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 117D 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 13:28:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17894
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Feb 2024 13:28:07 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 706A 1 KB
643 B 8ms
7ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 4537
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 17:10:44 GMT
etag: 48472445140208031
expires: Sun, 21 Jan 2024 17:10:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 117D 20 KB
8 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 18:28:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86242
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 18:28:59 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 117D 0
0 37ms
15ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaREGr74v9VI-dhJn62oL0_C004bzpaBtEeXE3QJHNIVaV8_ssfzKa1W0qdLmQs_LdKrru6kyNJ24U_pe_YUmcJV7hBwsw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8811487029503365&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.608387468~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705775181&rafmt=1&to=qs&pwprc=4277131845&format=1200x90&url=https%3A%2F%2Fbrandcars.biz.id%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705775181078&bpp=1&bdt=999&idt=-M&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db877c0454e06d285%3AT%3D1705775180%3ART%3D1705775180%3AS%3DALNI_MYV8ypf3RV5nD3VYAB5VsxacfJddg&gpic=UID%3D00000d45763d7cfb%3AT%3D1705775180%3ART%3D1705775180%3AS%3DALNI_MYH2gm7dnEJzdZsMtEDZNS-PTorKg&prev_fmts=0x0%2C955x280&nras=2&correlator=1401372926594&frm=20&pv=1&ga_vid=1708127742.1705775181&ga_sid=1705775181&ga_hid=513344463&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1495&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C95322195%2C95320892%2C95321626%2C95322166&oid=2&psts=AOrYGsk2nkFIUQy4fCO6mLjOH-gsfhNWVs2elHiZURxv0iWUdiY-uzzcx5s53yLY8h33qL6dYdAcgwncHpuGXg&pvsid=3955186480390517&tmod=543592346&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 117D 206 KB
65 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:26:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Jan 2024 18:26:21 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 706A 0
104 B 116ms
69ms Image
text/plain 2a02:fa8:8806:21::1690
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESENJA45VLW-c0N0xFwG6H1IQ&google_cver=1&google_push=AXcoOmR2RIDHt42SJRXdSBqS62ZNkd-c-7Qnj3mnCLjiPvtH8wfZ3p81hgUtSoDCnvXc_bIxqeIpN5DsMh8Zh7RxpCCzc-dY2829_0sQov_icRCto8GO4MepUrzyxX39DjZRNbvVUp3pJ3H6HRWi80Bd-cRSmQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8811487029503365&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.608387468~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705775181&rafmt=1&to=qs&pwprc=4277131845&format=1200x90&url=https%3A%2F%2Fbrandcars.biz.id%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705775181078&bpp=1&bdt=999&idt=-M&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db877c0454e06d285%3AT%3D1705775180%3ART%3D1705775180%3AS%3DALNI_MYV8ypf3RV5nD3VYAB5VsxacfJddg&gpic=UID%3D00000d45763d7cfb%3AT%3D1705775180%3ART%3D1705775180%3AS%3DALNI_MYH2gm7dnEJzdZsMtEDZNS-PTorKg&prev_fmts=0x0%2C955x280&nras=2&correlator=1401372926594&frm=20&pv=1&ga_vid=1708127742.1705775181&ga_sid=1705775181&ga_hid=513344463&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1495&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C95322195%2C95320892%2C95321626%2C95322166&oid=2&psts=AOrYGsk2nkFIUQy4fCO6mLjOH-gsfhNWVs2elHiZURxv0iWUdiY-uzzcx5s53yLY8h33qL6dYdAcgwncHpuGXg&pvsid=3955186480390517&tmod=543592346&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:21::1690 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 18:26:21 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 706A
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEPf4ea1Vj0KuFnCJVOZszqI&google_cver=1&google_push=AXcoOmSK0jHRbsnMh8vjmHVJ5k_WGxBFMEXf_ToSDq_pWkKj-8Dm1thz_tMnLSxohMx-wdijbJCUQVSU-mDM5TDQU3whG-ffdPbvb...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPf4ea1Vj0KuFnCJVOZszqI&google_cver=1&google_push=AXcoOmSK0jHRbsnMh8vjmHVJ5k_WGxBFMEXf_ToSDq_pWkKj-8Dm1thz_tMnLSxohMx-wdijbJCUQVSU-mDM5TDQU3whG-ffdPb...

43 B
456 B

175ms
174ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPf4ea1Vj0KuFnCJVOZszqI&google_cver=1&google_push=AXcoOmSK0jHRbsnMh8vjmHVJ5k_WGxBFMEXf_ToSDq_pWkKj-8Dm1thz_tMnLSxohMx-wdijbJCUQVSU-mDM5TDQU3whG-ffdPbvbsSRHR7zTV6QvgHvbanzR40re0mxv7jF2AlI-Ebfi49fM002Efp8tiVxKQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSK0jHRbsnMh8vjmHVJ5k_WGxBFMEXf_ToSDq_pWkKj-8Dm1thz_tMnLSxohMx-wdijbJCUQVSU-mDM5TDQU3whG-ffdPbvbsSRHR7zTV6QvgHvbanzR40re0mxv7jF2AlI-Ebfi49fM002Efp8tiVxKQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 18:26:22 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 84895d871f2e9b71-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 20 Jan 2024 18:26:21 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 242
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPf4ea1Vj0KuFnCJVOZszqI&google_cver=1&google_push=AXcoOmSK0jHRbsnMh8vjmHVJ5k_WGxBFMEXf_ToSDq_pWkKj-8Dm1thz_tMnLSxohMx-wdijbJCUQVSU-mDM5TDQU3whG-ffdPbvbsSRHR7zTV6QvgHvbanzR40re0mxv7jF2AlI-Ebfi49fM002Efp8tiVxKQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSK0jHRbsnMh8vjmHVJ5k_WGxBFMEXf_ToSDq_pWkKj-8Dm1thz_tMnLSxohMx-wdijbJCUQVSU-mDM5TDQU3whG-ffdPbvbsSRHR7zTV6QvgHvbanzR40re0mxv7jF2AlI-Ebfi49fM002Efp8tiVxKQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 84895d860db29b71-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 706A
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEM4wiqyTh-a1SSKbiPY39dw&google_cver=1&google_push=AXcoOmRXnzKn_ftxzxoc_1Lg6cbMcH7D3apmhmWPNONclLx4PISNRPQGz_ROVTMs8yl66TSa96U6gE_QsIubBfny...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=B9MKgAYCRgEtqTW6jjzEaA&google_push=AXcoOmRXnzKn_ftxzxoc_1Lg6cbMcH7D3apmhmWPNONclLx4PISNRPQGz_ROVTMs8yl66TSa96U6gE_QsIubBfny1aKjGBL65aCQ6m1...

170 B
232 B

20ms
20ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=B9MKgAYCRgEtqTW6jjzEaA&google_push=AXcoOmRXnzKn_ftxzxoc_1Lg6cbMcH7D3apmhmWPNONclLx4PISNRPQGz_ROVTMs8yl66TSa96U6gE_QsIubBfny1aKjGBL65aCQ6m1bJQJpAQDZF2qU-EsvG7eXoJ1eAKMsnQPoY97croIYIbLRnnKZ1xzRcQ

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 18:26:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 20 Jan 2024 18:26:21 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=B9MKgAYCRgEtqTW6jjzEaA&google_push=AXcoOmRXnzKn_ftxzxoc_1Lg6cbMcH7D3apmhmWPNONclLx4PISNRPQGz_ROVTMs8yl66TSa96U6gE_QsIubBfny1aKjGBL65aCQ6m1bJQJpAQDZF2qU-EsvG7eXoJ1eAKMsnQPoY97croIYIbLRnnKZ1xzRcQ
x-host: tde-deliveryengine-production-5db7bf8975-k484n
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 706A
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGfkm86_s7eUk6v-oKNutLk&google_cver=1&google_push=AXcoOmRMv7a8xDr_dkX0GZwamVr32jHcECb5gj1qaKnEwRjIMFcLE9tA4b30DMphf1VipEzj2kzdFWHu...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEGfkm86_s7eUk6v-oKNutLk&google_cver=1&google_push=AXcoOmRMv7a8xDr_dkX0GZwamVr32jHcECb5gj1qaKnEwRjIMFcLE9tA4b30DMphf1VipEzj2kz...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODgzMjE2MzA2MTE0MDk5MzYyOA&google_push=AXcoOmRMv7a8xDr_dkX0GZwamVr32jHcECb5gj1qaKnEwRjIMFcLE9tA4b30DMphf1VipEzj2kzdFW...

170 B
232 B

18ms
17ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODgzMjE2MzA2MTE0MDk5MzYyOA&google_push=AXcoOmRMv7a8xDr_dkX0GZwamVr32jHcECb5gj1qaKnEwRjIMFcLE9tA4b30DMphf1VipEzj2kzdFWHuPcF-O4r4_jHVS5RUEjpw0h0i7jHZbKNMBZ_ZAwOxH6YCagXdU_gvUiWqUCWuRR-6sAZKAL5MCCUVtg

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 18:26:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 20 Jan 2024 18:26:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODgzMjE2MzA2MTE0MDk5MzYyOA&google_push=AXcoOmRMv7a8xDr_dkX0GZwamVr32jHcECb5gj1qaKnEwRjIMFcLE9tA4b30DMphf1VipEzj2kzdFWHuPcF-O4r4_jHVS5RUEjpw0h0i7jHZbKNMBZ_ZAwOxH6YCagXdU_gvUiWqUCWuRR-6sAZKAL5MCCUVtg
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 706A 43 B
363 B 53ms
13ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmS7gWuQ02NCnqR_2K6f0qpjlyCaNDwR16ub2ZD1ePyRgLZ97uQgBE4RoQbIfw0QemTvwT24ir-YAo5fuUQUFbWEhNwcaDCi0844MNbzFZGsLbbBG6w0xn2GSV2XUj8fFu_4eVMIMHkedNYuwAlZhp5dFCE&google_gid=CAESEAShWxmR4wx8VdHI9innfTo&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 18:26:20 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 205194
expires: Sat, 20 Jan 2024 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 706A
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGfkm86_s7eUk6v-oKNutLk&google_cver=1&google_push=AXcoOmQWqKE5hAUPmiK4msUqZaD3Us2MsuphOIxtiUX9O4PKccwaQQ0PYtueOTuRH9OViNuRqjibHuE-...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEGfkm86_s7eUk6v-oKNutLk&google_cver=1&google_push=AXcoOmQWqKE5hAUPmiK4msUqZaD3Us2MsuphOIxtiUX9O4PKccwaQQ0PYtueOTuRH9OViNuRqji...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzQzMjM0Nzg0ODgwNzQ5NTcxMw&google_push=AXcoOmQWqKE5hAUPmiK4msUqZaD3Us2MsuphOIxtiUX9O4PKccwaQQ0PYtueOTuRH9OViNuRqjibHu...

170 B
232 B

20ms
20ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzQzMjM0Nzg0ODgwNzQ5NTcxMw&google_push=AXcoOmQWqKE5hAUPmiK4msUqZaD3Us2MsuphOIxtiUX9O4PKccwaQQ0PYtueOTuRH9OViNuRqjibHuE-YAQn-RfYB_pJAJeGmEzUYv2RPgRCkDvKTdc14nd-f3LR4xZz4aqTEIjUMU80UUv9w9XXowbwjxQK1q8

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 18:26:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 20 Jan 2024 18:26:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzQzMjM0Nzg0ODgwNzQ5NTcxMw&google_push=AXcoOmQWqKE5hAUPmiK4msUqZaD3Us2MsuphOIxtiUX9O4PKccwaQQ0PYtueOTuRH9OViNuRqjibHuE-YAQn-RfYB_pJAJeGmEzUYv2RPgRCkDvKTdc14nd-f3LR4xZz4aqTEIjUMU80UUv9w9XXowbwjxQK1q8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 706A
Redirect Chain

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEASKmpZdCfdSz7aiASWiffU&google_cver=1&google_push=AXcoOmTnmOt0p5zxmr5jJGO-IVgqQiSVqbkJuTYzeNzrwf1Z9BX3n1RZbLC_AT93qg...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmTnmOt0p5zxmr5jJGO-IVgqQiSVqbkJuTYzeNzrwf1Z9BX3n1RZbLC_AT93qgoJ5l55OY-qrrOWSOEIRQbI-93T7bM1vjWQDI_iDqcWgVusbf...

170 B
329 B

17ms
17ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmTnmOt0p5zxmr5jJGO-IVgqQiSVqbkJuTYzeNzrwf1Z9BX3n1RZbLC_AT93qgoJ5l55OY-qrrOWSOEIRQbI-93T7bM1vjWQDI_iDqcWgVusbfvDa6Rvbj5oxt_RgRBcZ3Ls4xNeuph5P8kBHrehtmp5Be95&google_hm=y3yCZGLIQVStMrB4yOgHKs0

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 18:26:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 20 Jan 2024 18:26:21 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmTnmOt0p5zxmr5jJGO-IVgqQiSVqbkJuTYzeNzrwf1Z9BX3n1RZbLC_AT93qgoJ5l55OY-qrrOWSOEIRQbI-93T7bM1vjWQDI_iDqcWgVusbfvDa6Rvbj5oxt_RgRBcZ3Ls4xNeuph5P8kBHrehtmp5Be95&google_hm=y3yCZGLIQVStMrB4yOgHKs0
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 706A 0
130 B 51ms
14ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KFYZohdiJ4lLyt-fAiF6EyKwW5RGEMVfSQbAQTw3CPfwdzN3K93Km2CYS8g-Jwaglr2UpxiQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:26:21 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 117D 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f1027a92c7ffa513f21451b830b6d0aa6351b0155fede117c38837b8240599d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 117D 0
19 B 46ms
45ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cq55sTRCsZbHaCqaKtOUP7eydwASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTg4MTE0ODcwMjk1MDMzNjXIAQmpAp2Ka-hlSLI-qAMByAMCqgTjAU_QLf5zY12fMQMSTjXZ7YkylUmLBFpbQxJHZWRf44246AqGsWDam89j9yDrjb3fj9f0rOzXUJKXNbovND1dYY9luf6fLXQnjyAN97yYNxXeKU45Lu-Z4P7XGRc45it55cHO8rTqhaJjAieZ3YB_JGiDREecNRxdlFoyHAPUItnIoFXOYEZxEpyHWudA7jZTeebMcWiQxLOJbPeJjzLIBwQqZrCyd9Sjv6405BkMaCX8yoxJNCDxuLLmRAJYR-20dIdI_t6x6Ki03J9DS5qQ_mbtte533GKNLyCrpIXD80th65p4gAbHkbihmL7G32ygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYkcDx3cvsgwOACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItODgxMTQ4NzAyOTUwMzM2NRgA&sigh=yixmCxw2LqQ&uach_m=%5BUACH%5D&cid=CAQSPAAvHhf_sKKU_5apjkMgreou7BMOgJDRukGt6LiBXbyoqOIfkMPZ-ApCzcF7c2FCuwIcrl_yZ4yC3znQnxgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8811487029503365&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.608387468~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705775181&rafmt=1&to=qs&pwprc=4277131845&format=1200x90&url=https%3A%2F%2Fbrandcars.biz.id%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705775181078&bpp=1&bdt=999&idt=-M&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db877c0454e06d285%3AT%3D1705775180%3ART%3D1705775180%3AS%3DALNI_MYV8ypf3RV5nD3VYAB5VsxacfJddg&gpic=UID%3D00000d45763d7cfb%3AT%3D1705775180%3ART%3D1705775180%3AS%3DALNI_MYH2gm7dnEJzdZsMtEDZNS-PTorKg&prev_fmts=0x0%2C955x280&nras=2&correlator=1401372926594&frm=20&pv=1&ga_vid=1708127742.1705775181&ga_sid=1705775181&ga_hid=513344463&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1495&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C95322195%2C95320892%2C95321626%2C95322166&oid=2&psts=AOrYGsk2nkFIUQy4fCO6mLjOH-gsfhNWVs2elHiZURxv0iWUdiY-uzzcx5s53yLY8h33qL6dYdAcgwncHpuGXg&pvsid=3955186480390517&tmod=543592346&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 20 Jan 2024 18:26:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 117D 0
103 B 52ms
18ms Image
image/gif 2600:1901:0:76b9::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1g1z5xzsz7fmys1dfthvwbf8vaf9z6y1hq27n6ef1hwh3sks6je9nh02df85b8y16bgem47ftmf5e8zef2sjqas8vgqg7bhzcrsyrx7gk92hh1f6f2c4f8x1jxzqqphp0f8ty2m6kcc4b7rsf6tssjn6k3hzzanrb2s9aaex28mh1r2v2ts7m3180j4pq5cz6qgkwp04zveffqwp58pd8eypepnyme52r6gcnmhhak4n8vjz8vd85t8r55ba5mpxna58ty5evexv044grceh3f1kjgz5cedr5efv3d1vh9vhw5jjvm24kx8habfa9k8wdwzeecfpx42wjmy8sn2qqzgaeter9aghxs2wyqmqcqndnn9pnbvfsyk2enk67dxbntfm3z4dgwmhjhr&b=ZawQTQACrTEGrQUmAAd2bRudFP1stm1bWaXUCQ&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8811487029503365&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.608387468~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705775181&rafmt=1&to=qs&pwprc=4277131845&format=1200x90&url=https%3A%2F%2Fbrandcars.biz.id%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705775181078&bpp=1&bdt=999&idt=-M&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db877c0454e06d285%3AT%3D1705775180%3ART%3D1705775180%3AS%3DALNI_MYV8ypf3RV5nD3VYAB5VsxacfJddg&gpic=UID%3D00000d45763d7cfb%3AT%3D1705775180%3ART%3D1705775180%3AS%3DALNI_MYH2gm7dnEJzdZsMtEDZNS-PTorKg&prev_fmts=0x0%2C955x280&nras=2&correlator=1401372926594&frm=20&pv=1&ga_vid=1708127742.1705775181&ga_sid=1705775181&ga_hid=513344463&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1495&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C95322195%2C95320892%2C95321626%2C95322166&oid=2&psts=AOrYGsk2nkFIUQy4fCO6mLjOH-gsfhNWVs2elHiZURxv0iWUdiY-uzzcx5s53yLY8h33qL6dYdAcgwncHpuGXg&pvsid=3955186480390517&tmod=543592346&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 20 Jan 2024 18:26:21 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 3C9C 115 KB
13 KB 25ms
24ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gxc3gfwh5z0b0x80c9bawhvwkmax0tzeew0qa0khwxhx5fxqajwb8wf14gms3jyfq6gnbazff1nz8ht8x7pxjzfbj68h8k9mdsf78yxb9ajew3vnvaxfzp7xf2y2wshk4cdbed4ftaemdmf3z9k5nhj9jvn9y5zwc1972b19eh6gb0smww4ersk5d82dk85t343tqqzv5vha4qsqvj6h9smg5y8jvyn6kdbg83ztp5awvhz0zgv5m1h1dvzj3kmra97nxg43gr85gabef0037r1x73x1vy2pymx7qxjy8z3nzjds17kmcv7agjm3zwrjacs6syax4r1hkmnrmeghrx450ebsn7rgya2070qtmtc2p555x1vr03xbsdszs4qcgmx0ah6hjbva7ays0bny0dpjrpcc5g4wf4r0erzh2tsj6qs3g3hfefsf45pev983pd5ec3t&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCz9dGTRCsZbHaCqaKtOUP7eydwASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTg4MTE0ODcwMjk1MDMzNjXIAQmpAp2Ka-hlSLI-qAMByAMCqgTmAU_QLf5zY12fMQMSTjXZ7YkylUmLBFpbQxJHZWRf44246AqGsWDam89j9yDrjb3fj9f0rOzXUJKXNbovND1dYY9luf6fLXQnjyAN97yYNxXeKU45Lu-Z4P7XGRc45it55cHO8rTqhaJjAieZ3YB_JGiDREecNRxdlFoyHAPUItnIoFXOYEZxEpyHWudA7jZTeebMcWiQxLOJbPeJjzLIBwQqZrCyd9Sjv6405BkMaCX8yoxJNCDxuLLmRAJYR6-2VRWfB1nxIC_8SkUK2Wip6mxAv8BvAeJPZrJTMJvv6569dNqwWJRfgAbHkbihmL7G32ygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYkcDx3cvsgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2SqEW50xFXEjZGBP0RXaD1ILmzcA%26client%3Dca-pub-8811487029503365%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1gxc3gfwh5z0b0x80c9bawhvwkmax0tzeew0qa0khwxhx5fxqajwb8wf14gms3jyfq6gnbazff1nz8ht8x7pxjzfbj68h8k9mdsf78yxb9ajew3vnvaxfzp7xf2y2wshk4cdbed4ftaemdmf3z9k5nhj9jvn9y5zwc1972b19eh6gb0smww4ersk5d82dk85t343tqqzv5vha4qsqvj6h9smg5y8jvyn6kdbg83ztp5awvhz0zgv5m1h1dvzj3kmra97nxg43gr85gabef0037r1x73x1vy2pymx7qxjy8z3nzjds17kmcv7agjm3zwrjacs6syax4r1hkmnrmeghrx450ebsn7rgya2070qtmtc2p555x1vr03xbsdszs4qcgmx0ah6hjbva7ays0bny0dpjrpcc5g4wf4r0erzh2tsj6qs3g3hfefsf45pev983pd5ec3t&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCz9dGTRCsZbHaCqaKtOUP7eydwASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTg4MTE0ODcwMjk1MDMzNjXIAQmpAp2Ka-hlSLI-qAMByAMCqgTmAU_QLf5zY12fMQMSTjXZ7YkylUmLBFpbQxJHZWRf44246AqGsWDam89j9yDrjb3fj9f0rOzXUJKXNbovND1dYY9luf6fLXQnjyAN97yYNxXeKU45Lu-Z4P7XGRc45it55cHO8rTqhaJjAieZ3YB_JGiDREecNRxdlFoyHAPUItnIoFXOYEZxEpyHWudA7jZTeebMcWiQxLOJbPeJjzLIBwQqZrCyd9Sjv6405BkMaCX8yoxJNCDxuLLmRAJYR6-2VRWfB1nxIC_8SkUK2Wip6mxAv8BvAeJPZrJTMJvv6569dNqwWJRfgAbHkbihmL7G32ygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYkcDx3cvsgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2SqEW50xFXEjZGBP0RXaD1ILmzcA%26client%3Dca-pub-8811487029503365%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:26:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 664599
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e4E8jB1yAT6Sg88SV2UB5IgysvsDuDcyg%2BWlvWLRQ75kXh1XGZEqKUFVRjlIlmVGcECrmGp5BGHFJtwQFgXA4pGlERRsk%2BASDS9FiLm1Gne%2FUKTWKxGIEmhHoo5HgDDOC5NMCQsTOlk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 84895d865eb25cb0-FRA
expires: Sun, 21 Jan 2024 18:26:21 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 3C9C 24 KB
10 KB 20ms
20ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gxc3gfwh5z0b0x80c9bawhvwkmax0tzeew0qa0khwxhx5fxqajwb8wf14gms3jyfq6gnbazff1nz8ht8x7pxjzfbj68h8k9mdsf78yxb9ajew3vnvaxfzp7xf2y2wshk4cdbed4ftaemdmf3z9k5nhj9jvn9y5zwc1972b19eh6gb0smww4ersk5d82dk85t343tqqzv5vha4qsqvj6h9smg5y8jvyn6kdbg83ztp5awvhz0zgv5m1h1dvzj3kmra97nxg43gr85gabef0037r1x73x1vy2pymx7qxjy8z3nzjds17kmcv7agjm3zwrjacs6syax4r1hkmnrmeghrx450ebsn7rgya2070qtmtc2p555x1vr03xbsdszs4qcgmx0ah6hjbva7ays0bny0dpjrpcc5g4wf4r0erzh2tsj6qs3g3hfefsf45pev983pd5ec3t&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCz9dGTRCsZbHaCqaKtOUP7eydwASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTg4MTE0ODcwMjk1MDMzNjXIAQmpAp2Ka-hlSLI-qAMByAMCqgTmAU_QLf5zY12fMQMSTjXZ7YkylUmLBFpbQxJHZWRf44246AqGsWDam89j9yDrjb3fj9f0rOzXUJKXNbovND1dYY9luf6fLXQnjyAN97yYNxXeKU45Lu-Z4P7XGRc45it55cHO8rTqhaJjAieZ3YB_JGiDREecNRxdlFoyHAPUItnIoFXOYEZxEpyHWudA7jZTeebMcWiQxLOJbPeJjzLIBwQqZrCyd9Sjv6405BkMaCX8yoxJNCDxuLLmRAJYR6-2VRWfB1nxIC_8SkUK2Wip6mxAv8BvAeJPZrJTMJvv6569dNqwWJRfgAbHkbihmL7G32ygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYkcDx3cvsgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2SqEW50xFXEjZGBP0RXaD1ILmzcA%26client%3Dca-pub-8811487029503365%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 098e6dc516d5b171a1bf126adf3b8e8510746bac17f477f73a6310587e4ab9e8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:26:21 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Jan 2024 06:20:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 389124
etag: W/"ea6b8b5621410c697cbfca30307bc4ca"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BbojcwYsaRxASPJMxKsbGLhpQYNpjfDpeRx3js8cm80JsXgynw6DiPWVk1KLfMRlVbSuhtoA5Rjtt63KteVeZLRYyAZrDi7X9YyjlD%2FA1oHVXor1kbhHmtkhdMuqvfk3WLaK%2Fec%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 84895d865eb45cb0-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 16 Jan 2024 06:20:57 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 3C9C 350 B
911 B 62ms
25ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:26:21 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4632227
alt-svc: h3=":443"; ma=86400
content-length: 350
last-modified: Mon, 20 Nov 2023 11:04:04 GMT
server: cloudflare
etag: "e7fc49b61cae983db8c3a1dccf923b93"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ZUjoIgVwxb5c1ItGdMa%2BLV4L9oZQwviuFdgjneXQbbesNidJI3qgNZqhV5lUz3Nykt7Hw2gEUum4MvgaTFrUhh%2FwBSV5eYq5bbV4pC%2BkdO0UY%2BxXhnhVA3%2B6Nw5gUoLGbCGp5QroudmunPa1CvUOpGD"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 84895d86ca372c4d-FRA
expires: Wed, 27 Nov 2024 03:42:34 GMT

GET
H3 200 cookie-frame.html Show response
ad4m.at/ Frame 665A 2 KB
2 KB 45ms
45ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1912093
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 84895d868fe235ec-FRA
content-encoding: br
content-language: en
content-type: text/html
date: Sat, 20 Jan 2024 18:26:21 GMT
expires: Wed, 29 Nov 2023 11:19:10 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HKxWh%2FprcytHVdYCvxkDrBl3K%2BujtM%2BV%2FyphNB2I6m4MPe81NhiMLagTmwxBVT6qR1nSOUMIBz%2BK4aZq6oqmXRUKtDEMqzzdrkrx9vGL8Ttcu5NlVe0IUA0PaV4rCIZxoECrYXw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 58ms
48ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84895d86fe25199b-FRA
content-length: 24
content-type: text/plain
date: Sat, 20 Jan 2024 18:26:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o3zjO55mHPmyTDBKxv6G95FjcPxKDZ7KZqwNsxunWBJlQ%2FI0QIU3XqHAE9LsPvK6VL0Mc91lbEvbYcy9ucQ%2BSsLlMWIM4QZvziESQWS0zfHmK%2BMIyZDx43v1KeQq67H3%2BaFoY9s%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-bl1h

POST
H3 200 rs Show response
ad4m.at/ Frame 3C9C 2 KB
2 KB 42ms
42ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a68e301714d3e9476a50136a4884cba6551ceafabda14b418aade68e5254307

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 20 Jan 2024 18:26:21 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vaDmsFETsTCoAVI%2BrWbFP1LSQDeVwNrkeOB2i7uhoYU0fRUNIAqDgRBHda1ezKoPzxvPkR0TLm42eYqd0T6hYjn%2FYn5JF8Kyf%2Fe1xUr9gLTzPuU%2FBrj8Tu607yF%2FUAoNbetwKzo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 84895d874ea1199b-FRA
x-backend-server: aa-reachservice-group-europe-west1-bl1h
alt-svc: h3=":443"; ma=86400

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 52ms
51ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240118&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9ee7cc7674eb7b24e7dbfe0e98bdf0b383d03e92ee26a6332878666a8b4aea7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://brandcars.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:26:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12320
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://brandcars.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:26:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 20 Jan 2024 18:26:21 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3041 13 KB
5 KB 10ms
9ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://brandcars.biz.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 6502
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 16:37:59 GMT
expires: Sun, 19 Jan 2025 16:37:59 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0428 829 B
1 KB 16ms
16ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

656ed59d3b792fb222321f823a206edd210d7bd17eaae77a4c705a324195efa1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HXI1ZsdlzIKeT_o8jcguQg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://brandcars.biz.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-HXI1ZsdlzIKeT_o8jcguQg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 18:26:21 GMT
expires: Sat, 20 Jan 2024 18:26:21 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 960D 11 KB
5 KB 39ms
39ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=197862%2C765%2C14019&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2C7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1j%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CEjgSDfEfgVhzHAHjt6Cq6daKSVTYr3hBgQ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5&c=728&d=90&e=&g=2d48500657f7191590753d5c5bad3f53%2F9541805444447822252&i=71725%2C1676%2C21596&j=21%2C4%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705775181983&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jmhnmhk2dqmkzt4cr2n86ks4s6mx046kfxm2b2gf52mpxcpxmzdmhyfvdtjzfq3cvya3c9kfrnh4kzb6c9mx7g23n28gyekfsmjdvmjbptk8f2m6g9rqj6xpsbfmtc481jnprg5b8k8yny53fy9d17d3e0709t6kx7cd544h0zmqytv95n049e8at7mwvt5mk6trndssmetsqragd4yqtbtg5nmgcwxcv0hfak0qq49sq4e0mjtdcsh8e30kc6nv0ejk9pzfmrz444f5kqsa0es%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCz9dGTRCsZbHaCqaKtOUP7eydwASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTg4MTE0ODcwMjk1MDMzNjXIAQmpAp2Ka-hlSLI-qAMByAMCqgTmAU_QLf5zY12fMQMSTjXZ7YkylUmLBFpbQxJHZWRf44246AqGsWDam89j9yDrjb3fj9f0rOzXUJKXNbovND1dYY9luf6fLXQnjyAN97yYNxXeKU45Lu-Z4P7XGRc45it55cHO8rTqhaJjAieZ3YB_JGiDREecNRxdlFoyHAPUItnIoFXOYEZxEpyHWudA7jZTeebMcWiQxLOJbPeJjzLIBwQqZrCyd9Sjv6405BkMaCX8yoxJNCDxuLLmRAJYR6-2VRWfB1nxIC_8SkUK2Wip6mxAv8BvAeJPZrJTMJvv6569dNqwWJRfgAbHkbihmL7G32ygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYkcDx3cvsgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2SqEW50xFXEjZGBP0RXaD1ILmzcA%2526client%253Dca-pub-8811487029503365%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

929558b676d36dd816d1c5c7f5313c2b61b3ed730caff0e1fe6e250d82a7c640

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1gxc3gfwh5z0b0x80c9bawhvwkmax0tzeew0qa0khwxhx5fxqajwb8wf14gms3jyfq6gnbazff1nz8ht8x7pxjzfbj68h8k9mdsf78yxb9ajew3vnvaxfzp7xf2y2wshk4cdbed4ftaemdmf3z9k5nhj9jvn9y5zwc1972b19eh6gb0smww4ersk5d82dk85t343tqqzv5vha4qsqvj6h9smg5y8jvyn6kdbg83ztp5awvhz0zgv5m1h1dvzj3kmra97nxg43gr85gabef0037r1x73x1vy2pymx7qxjy8z3nzjds17kmcv7agjm3zwrjacs6syax4r1hkmnrmeghrx450ebsn7rgya2070qtmtc2p555x1vr03xbsdszs4qcgmx0ah6hjbva7ays0bny0dpjrpcc5g4wf4r0erzh2tsj6qs3g3hfefsf45pev983pd5ec3t&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCz9dGTRCsZbHaCqaKtOUP7eydwASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTg4MTE0ODcwMjk1MDMzNjXIAQmpAp2Ka-hlSLI-qAMByAMCqgTmAU_QLf5zY12fMQMSTjXZ7YkylUmLBFpbQxJHZWRf44246AqGsWDam89j9yDrjb3fj9f0rOzXUJKXNbovND1dYY9luf6fLXQnjyAN97yYNxXeKU45Lu-Z4P7XGRc45it55cHO8rTqhaJjAieZ3YB_JGiDREecNRxdlFoyHAPUItnIoFXOYEZxEpyHWudA7jZTeebMcWiQxLOJbPeJjzLIBwQqZrCyd9Sjv6405BkMaCX8yoxJNCDxuLLmRAJYR6-2VRWfB1nxIC_8SkUK2Wip6mxAv8BvAeJPZrJTMJvv6569dNqwWJRfgAbHkbihmL7G32ygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYkcDx3cvsgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2SqEW50xFXEjZGBP0RXaD1ILmzcA%26client%3Dca-pub-8811487029503365%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 84895d8799a035ec-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 18:26:22 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 3041 39 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 14:00:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 102378
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Jan 2025 14:00:04 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0428 0
0 154ms
153ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240118&jk=3955186480390517&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 54DA 42 B
64 B 161ms
161ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuOfCgXOSYGK6TbsqsmQH8WeEueBLuBUT6Sq_ex4tHK1NBWhNhHBkJuWLbgIx1NyyO3njHKFxBM5Te5H9d82Z3FmxCLd9XbmUUI7TuZ-grumwA3ONrKvw&sig=Cg0ArKJSzOBtQDslhmZQEAE&id=lidar2&mcvt=1000&p=0,0,280,955&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240117&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2817947084&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705775180540&rpt=506&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 18:26:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 960D 115 KB
14 KB 22ms
21ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C765%2C14019&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2C7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1j%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CEjgSDfEfgVhzHAHjt6Cq6daKSVTYr3hBgQ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5&c=728&d=90&e=&g=2d48500657f7191590753d5c5bad3f53%2F9541805444447822252&i=71725%2C1676%2C21596&j=21%2C4%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705775181983&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jmhnmhk2dqmkzt4cr2n86ks4s6mx046kfxm2b2gf52mpxcpxmzdmhyfvdtjzfq3cvya3c9kfrnh4kzb6c9mx7g23n28gyekfsmjdvmjbptk8f2m6g9rqj6xpsbfmtc481jnprg5b8k8yny53fy9d17d3e0709t6kx7cd544h0zmqytv95n049e8at7mwvt5mk6trndssmetsqragd4yqtbtg5nmgcwxcv0hfak0qq49sq4e0mjtdcsh8e30kc6nv0ejk9pzfmrz444f5kqsa0es%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCz9dGTRCsZbHaCqaKtOUP7eydwASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTg4MTE0ODcwMjk1MDMzNjXIAQmpAp2Ka-hlSLI-qAMByAMCqgTmAU_QLf5zY12fMQMSTjXZ7YkylUmLBFpbQxJHZWRf44246AqGsWDam89j9yDrjb3fj9f0rOzXUJKXNbovND1dYY9luf6fLXQnjyAN97yYNxXeKU45Lu-Z4P7XGRc45it55cHO8rTqhaJjAieZ3YB_JGiDREecNRxdlFoyHAPUItnIoFXOYEZxEpyHWudA7jZTeebMcWiQxLOJbPeJjzLIBwQqZrCyd9Sjv6405BkMaCX8yoxJNCDxuLLmRAJYR6-2VRWfB1nxIC_8SkUK2Wip6mxAv8BvAeJPZrJTMJvv6569dNqwWJRfgAbHkbihmL7G32ygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYkcDx3cvsgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2SqEW50xFXEjZGBP0RXaD1ILmzcA%2526client%253Dca-pub-8811487029503365%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=197862%2C765%2C14019&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2C7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1j%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CEjgSDfEfgVhzHAHjt6Cq6daKSVTYr3hBgQ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5&c=728&d=90&e=&g=2d48500657f7191590753d5c5bad3f53%2F9541805444447822252&i=71725%2C1676%2C21596&j=21%2C4%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705775181983&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jmhnmhk2dqmkzt4cr2n86ks4s6mx046kfxm2b2gf52mpxcpxmzdmhyfvdtjzfq3cvya3c9kfrnh4kzb6c9mx7g23n28gyekfsmjdvmjbptk8f2m6g9rqj6xpsbfmtc481jnprg5b8k8yny53fy9d17d3e0709t6kx7cd544h0zmqytv95n049e8at7mwvt5mk6trndssmetsqragd4yqtbtg5nmgcwxcv0hfak0qq49sq4e0mjtdcsh8e30kc6nv0ejk9pzfmrz444f5kqsa0es%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCz9dGTRCsZbHaCqaKtOUP7eydwASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTg4MTE0ODcwMjk1MDMzNjXIAQmpAp2Ka-hlSLI-qAMByAMCqgTmAU_QLf5zY12fMQMSTjXZ7YkylUmLBFpbQxJHZWRf44246AqGsWDam89j9yDrjb3fj9f0rOzXUJKXNbovND1dYY9luf6fLXQnjyAN97yYNxXeKU45Lu-Z4P7XGRc45it55cHO8rTqhaJjAieZ3YB_JGiDREecNRxdlFoyHAPUItnIoFXOYEZxEpyHWudA7jZTeebMcWiQxLOJbPeJjzLIBwQqZrCyd9Sjv6405BkMaCX8yoxJNCDxuLLmRAJYR6-2VRWfB1nxIC_8SkUK2Wip6mxAv8BvAeJPZrJTMJvv6569dNqwWJRfgAbHkbihmL7G32ygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYkcDx3cvsgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2SqEW50xFXEjZGBP0RXaD1ILmzcA%2526client%253Dca-pub-8811487029503365%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:26:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 902399
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UlQvie3MQGB0V%2FifuHBHzJhIDFnEtHtRH8oNTvNjuH%2F3ffz3O56Ytt3OFmKzFleOFgdX4YmXvtTVABBFySUUNCAYDCBFdraumhnLKtE5E50FSY172ZUfsaBhdBI%2Bzb%2B36Eo8M8FtApg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 84895d87da0335ec-FRA
expires: Sun, 21 Jan 2024 18:26:22 GMT

GET
H2 200 AC50ED06D6B01579BBF8202CAC1E2BC99A8C4EFC03AE0DB29DFC1BDB2F82E09188D30122E09EB7D91DC8B3182DA9DB4A5BED06E4BC2B9D6F0CA2AC61EC267111
assets.ad4m.at/logo/ Frame 960D 8 KB
8 KB 45ms
27ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/AC50ED06D6B01579BBF8202CAC1E2BC99A8C4EFC03AE0DB29DFC1BDB2F82E09188D30122E09EB7D91DC8B3182DA9DB4A5BED06E4BC2B9D6F0CA2AC61EC267111
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C765%2C14019&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2C7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1j%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CEjgSDfEfgVhzHAHjt6Cq6daKSVTYr3hBgQ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5&c=728&d=90&e=&g=2d48500657f7191590753d5c5bad3f53%2F9541805444447822252&i=71725%2C1676%2C21596&j=21%2C4%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705775181983&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jmhnmhk2dqmkzt4cr2n86ks4s6mx046kfxm2b2gf52mpxcpxmzdmhyfvdtjzfq3cvya3c9kfrnh4kzb6c9mx7g23n28gyekfsmjdvmjbptk8f2m6g9rqj6xpsbfmtc481jnprg5b8k8yny53fy9d17d3e0709t6kx7cd544h0zmqytv95n049e8at7mwvt5mk6trndssmetsqragd4yqtbtg5nmgcwxcv0hfak0qq49sq4e0mjtdcsh8e30kc6nv0ejk9pzfmrz444f5kqsa0es%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCz9dGTRCsZbHaCqaKtOUP7eydwASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTg4MTE0ODcwMjk1MDMzNjXIAQmpAp2Ka-hlSLI-qAMByAMCqgTmAU_QLf5zY12fMQMSTjXZ7YkylUmLBFpbQxJHZWRf44246AqGsWDam89j9yDrjb3fj9f0rOzXUJKXNbovND1dYY9luf6fLXQnjyAN97yYNxXeKU45Lu-Z4P7XGRc45it55cHO8rTqhaJjAieZ3YB_JGiDREecNRxdlFoyHAPUItnIoFXOYEZxEpyHWudA7jZTeebMcWiQxLOJbPeJjzLIBwQqZrCyd9Sjv6405BkMaCX8yoxJNCDxuLLmRAJYR6-2VRWfB1nxIC_8SkUK2Wip6mxAv8BvAeJPZrJTMJvv6569dNqwWJRfgAbHkbihmL7G32ygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYkcDx3cvsgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2SqEW50xFXEjZGBP0RXaD1ILmzcA%2526client%253Dca-pub-8811487029503365%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1126261762db36bce53560ac36f5ede1954662d33a6d6eeb62d84b715070e7bc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:26:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 77721
cf-polished: qual=85, origFmt=jpeg, origSize=10446
alt-svc: h3=":443"; ma=86400
content-length: 7728
cf-bgj: imgq:85,h2pri
last-modified: Sat, 04 Nov 2023 16:41:23 GMT
server: cloudflare
etag: "bddcb815cd8abad672404f9cdec6f97c"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zODGFzv4tCw6FoEebiz9i%2BmCn%2FlzHjk8pePBPulBW48lCcKUnQ%2BWdgrQ4f25CmIL0Xl1sEp%2B8hg%2F%2BJKa7ydZg1AwZhdJFvd4SBOeXTX128lqry%2BgE%2FKq2rXTCVCIhZotzhiENh9MQzaCk8Lv"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 84895d87f8935cb0-FRA

GET
H2 200 A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame 960D 11 KB
11 KB 41ms
23ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C765%2C14019&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2C7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1j%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CEjgSDfEfgVhzHAHjt6Cq6daKSVTYr3hBgQ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5&c=728&d=90&e=&g=2d48500657f7191590753d5c5bad3f53%2F9541805444447822252&i=71725%2C1676%2C21596&j=21%2C4%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705775181983&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jmhnmhk2dqmkzt4cr2n86ks4s6mx046kfxm2b2gf52mpxcpxmzdmhyfvdtjzfq3cvya3c9kfrnh4kzb6c9mx7g23n28gyekfsmjdvmjbptk8f2m6g9rqj6xpsbfmtc481jnprg5b8k8yny53fy9d17d3e0709t6kx7cd544h0zmqytv95n049e8at7mwvt5mk6trndssmetsqragd4yqtbtg5nmgcwxcv0hfak0qq49sq4e0mjtdcsh8e30kc6nv0ejk9pzfmrz444f5kqsa0es%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCz9dGTRCsZbHaCqaKtOUP7eydwASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTg4MTE0ODcwMjk1MDMzNjXIAQmpAp2Ka-hlSLI-qAMByAMCqgTmAU_QLf5zY12fMQMSTjXZ7YkylUmLBFpbQxJHZWRf44246AqGsWDam89j9yDrjb3fj9f0rOzXUJKXNbovND1dYY9luf6fLXQnjyAN97yYNxXeKU45Lu-Z4P7XGRc45it55cHO8rTqhaJjAieZ3YB_JGiDREecNRxdlFoyHAPUItnIoFXOYEZxEpyHWudA7jZTeebMcWiQxLOJbPeJjzLIBwQqZrCyd9Sjv6405BkMaCX8yoxJNCDxuLLmRAJYR6-2VRWfB1nxIC_8SkUK2Wip6mxAv8BvAeJPZrJTMJvv6569dNqwWJRfgAbHkbihmL7G32ygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYkcDx3cvsgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2SqEW50xFXEjZGBP0RXaD1ILmzcA%2526client%253Dca-pub-8811487029503365%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7f7f5265aeb0202ce88e8a6dfcc0ca25a7b990bb9ffac2f9e430ae6af2b6154

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:26:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 788851
cf-polished: qual=85, origFmt=jpeg, origSize=13532
alt-svc: h3=":443"; ma=86400
content-length: 11268
cf-bgj: imgq:85,h2pri
last-modified: Fri, 03 Nov 2023 22:13:51 GMT
server: cloudflare
etag: "d9fd29c7a268fd485230a60f0d2e0192"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3TDBInvVKF3BhCdcj02foZfKJl5OzyDTmmP7BkdHxtGyKLL%2FEoyZEGuzrHyuXOCfvde3m7d%2F17ZYBMsdlkvoO6G9pOL37Of8jyz3yiAJPQ4PDoQ8lSxYU%2BSRI3adRZ%2B%2FdDBSIowoWCfTEO0C"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 84895d87f8955cb0-FRA

GET
H2 200 5BEA37F6D446D4C03B5B8A479BAA7B5322DEA7B4FA3695C41DD3E6D3E6347B5DE247A601FDF909E0717C08186D3BBFC9B7677AEC046BA8D01CF57DDA0A0AE7A5
assets.ad4m.at/logo/ Frame 960D 6 KB
6 KB 39ms
22ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/5BEA37F6D446D4C03B5B8A479BAA7B5322DEA7B4FA3695C41DD3E6D3E6347B5DE247A601FDF909E0717C08186D3BBFC9B7677AEC046BA8D01CF57DDA0A0AE7A5
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C765%2C14019&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2C7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1j%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CEjgSDfEfgVhzHAHjt6Cq6daKSVTYr3hBgQ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5&c=728&d=90&e=&g=2d48500657f7191590753d5c5bad3f53%2F9541805444447822252&i=71725%2C1676%2C21596&j=21%2C4%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705775181983&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jmhnmhk2dqmkzt4cr2n86ks4s6mx046kfxm2b2gf52mpxcpxmzdmhyfvdtjzfq3cvya3c9kfrnh4kzb6c9mx7g23n28gyekfsmjdvmjbptk8f2m6g9rqj6xpsbfmtc481jnprg5b8k8yny53fy9d17d3e0709t6kx7cd544h0zmqytv95n049e8at7mwvt5mk6trndssmetsqragd4yqtbtg5nmgcwxcv0hfak0qq49sq4e0mjtdcsh8e30kc6nv0ejk9pzfmrz444f5kqsa0es%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCz9dGTRCsZbHaCqaKtOUP7eydwASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTg4MTE0ODcwMjk1MDMzNjXIAQmpAp2Ka-hlSLI-qAMByAMCqgTmAU_QLf5zY12fMQMSTjXZ7YkylUmLBFpbQxJHZWRf44246AqGsWDam89j9yDrjb3fj9f0rOzXUJKXNbovND1dYY9luf6fLXQnjyAN97yYNxXeKU45Lu-Z4P7XGRc45it55cHO8rTqhaJjAieZ3YB_JGiDREecNRxdlFoyHAPUItnIoFXOYEZxEpyHWudA7jZTeebMcWiQxLOJbPeJjzLIBwQqZrCyd9Sjv6405BkMaCX8yoxJNCDxuLLmRAJYR6-2VRWfB1nxIC_8SkUK2Wip6mxAv8BvAeJPZrJTMJvv6569dNqwWJRfgAbHkbihmL7G32ygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYkcDx3cvsgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2SqEW50xFXEjZGBP0RXaD1ILmzcA%2526client%253Dca-pub-8811487029503365%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40803f6727061b25fdffeca62b391f51e86f4656ec71f6748e70adb24e4ef2a7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:26:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 79965
cf-polished: origFmt=png, origSize=12441
alt-svc: h3=":443"; ma=86400
content-length: 5676
cf-bgj: imgq:85,h2pri
last-modified: Thu, 12 Oct 2023 15:47:18 GMT
server: cloudflare
etag: "db74c4d3f2426619eeab7362f8f8e9a4"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yJpNA%2F31dysgHiYl3k7HrWp00jcs41EaF%2BWbtWvZSuGvpPwU6eByh3a8rZVojMktDOGkoKse7mbEQqHyfDGekujNO1mtmnUIHJw84xP8S2I3mUSDQ69oj8xpqjY3lWcFP6mWwyhhrfm7%2FLP3"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 84895d87f8965cb0-FRA

GET
H2 200 9A6AB5B03987FD43FC0F4811D9BA44190BAE529CC9CDBC80A1EE8AEE414929F6AA6AD8AD382FDF20E7DF4F4A57A5523074CB0D4B7C5049C1CFA10DA8CFB941EF
assets.ad4m.at/product_image/ Frame 960D 35 KB
36 KB 37ms
20ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/9A6AB5B03987FD43FC0F4811D9BA44190BAE529CC9CDBC80A1EE8AEE414929F6AA6AD8AD382FDF20E7DF4F4A57A5523074CB0D4B7C5049C1CFA10DA8CFB941EF
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C765%2C14019&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2C7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1j%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CEjgSDfEfgVhzHAHjt6Cq6daKSVTYr3hBgQ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5&c=728&d=90&e=&g=2d48500657f7191590753d5c5bad3f53%2F9541805444447822252&i=71725%2C1676%2C21596&j=21%2C4%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705775181983&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jmhnmhk2dqmkzt4cr2n86ks4s6mx046kfxm2b2gf52mpxcpxmzdmhyfvdtjzfq3cvya3c9kfrnh4kzb6c9mx7g23n28gyekfsmjdvmjbptk8f2m6g9rqj6xpsbfmtc481jnprg5b8k8yny53fy9d17d3e0709t6kx7cd544h0zmqytv95n049e8at7mwvt5mk6trndssmetsqragd4yqtbtg5nmgcwxcv0hfak0qq49sq4e0mjtdcsh8e30kc6nv0ejk9pzfmrz444f5kqsa0es%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCz9dGTRCsZbHaCqaKtOUP7eydwASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTg4MTE0ODcwMjk1MDMzNjXIAQmpAp2Ka-hlSLI-qAMByAMCqgTmAU_QLf5zY12fMQMSTjXZ7YkylUmLBFpbQxJHZWRf44246AqGsWDam89j9yDrjb3fj9f0rOzXUJKXNbovND1dYY9luf6fLXQnjyAN97yYNxXeKU45Lu-Z4P7XGRc45it55cHO8rTqhaJjAieZ3YB_JGiDREecNRxdlFoyHAPUItnIoFXOYEZxEpyHWudA7jZTeebMcWiQxLOJbPeJjzLIBwQqZrCyd9Sjv6405BkMaCX8yoxJNCDxuLLmRAJYR6-2VRWfB1nxIC_8SkUK2Wip6mxAv8BvAeJPZrJTMJvv6569dNqwWJRfgAbHkbihmL7G32ygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYkcDx3cvsgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2SqEW50xFXEjZGBP0RXaD1ILmzcA%2526client%253Dca-pub-8811487029503365%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f121a336589baa8e4e36ff8e08c70847b57ad8545b693a2e4e96a0fbda38e42a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:26:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 76051
cf-polished: qual=85, origFmt=jpeg, origSize=36074
alt-svc: h3=":443"; ma=86400
content-length: 36044
cf-bgj: imgq:85,h2pri
last-modified: Fri, 10 Nov 2023 06:27:23 GMT
server: cloudflare
etag: "7850b9052be937f41ce82bc92c12f968"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w2YkdrNZlyatzgsm0l0mff1%2Fr81usxYywfhWpK0ti63fMzMoO1HROcw7LhXPUL%2BQO4hoa2nSfArsaAy%2Fy%2B7YlOvKwyMttKOekOl4UzWwHCpNYB8kmV%2BjtKM0YF2AYQOT6C3H%2BwNaZzZM6smI"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 84895d87f8915cb0-FRA

GET
H2 200 view
t.adcell.com/p/ Frame 960D 42 B
459 B 76ms
41ms Image
image/gif 2a02:cb40:200::242
SOPRADO-ANY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.adcell.com/p/view?promoId=164800&slotId=46690&pv=1&subId=oneid7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1joneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C765%2C14019&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2C7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1j%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CEjgSDfEfgVhzHAHjt6Cq6daKSVTYr3hBgQ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5&c=728&d=90&e=&g=2d48500657f7191590753d5c5bad3f53%2F9541805444447822252&i=71725%2C1676%2C21596&j=21%2C4%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705775181983&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jmhnmhk2dqmkzt4cr2n86ks4s6mx046kfxm2b2gf52mpxcpxmzdmhyfvdtjzfq3cvya3c9kfrnh4kzb6c9mx7g23n28gyekfsmjdvmjbptk8f2m6g9rqj6xpsbfmtc481jnprg5b8k8yny53fy9d17d3e0709t6kx7cd544h0zmqytv95n049e8at7mwvt5mk6trndssmetsqragd4yqtbtg5nmgcwxcv0hfak0qq49sq4e0mjtdcsh8e30kc6nv0ejk9pzfmrz444f5kqsa0es%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCz9dGTRCsZbHaCqaKtOUP7eydwASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTg4MTE0ODcwMjk1MDMzNjXIAQmpAp2Ka-hlSLI-qAMByAMCqgTmAU_QLf5zY12fMQMSTjXZ7YkylUmLBFpbQxJHZWRf44246AqGsWDam89j9yDrjb3fj9f0rOzXUJKXNbovND1dYY9luf6fLXQnjyAN97yYNxXeKU45Lu-Z4P7XGRc45it55cHO8rTqhaJjAieZ3YB_JGiDREecNRxdlFoyHAPUItnIoFXOYEZxEpyHWudA7jZTeebMcWiQxLOJbPeJjzLIBwQqZrCyd9Sjv6405BkMaCX8yoxJNCDxuLLmRAJYR6-2VRWfB1nxIC_8SkUK2Wip6mxAv8BvAeJPZrJTMJvv6569dNqwWJRfgAbHkbihmL7G32ygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYkcDx3cvsgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2SqEW50xFXEjZGBP0RXaD1ILmzcA%2526client%253Dca-pub-8811487029503365%2526adurl%253D&y=1&s=&z=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:cb40:200::242 , Germany, ASN20546 (SOPRADO-ANY, DE),

Reverse DNS

Software

myracloud /

Resource Hash

b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 18:26:22 GMT
strict-transport-security: max-age=15768000
last-modified: Wed, 11 Jan 2006 12:59:00 GMT
server: myracloud
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 42
expires: Sat, 11 Jan 2003 12:59:00 GMT

GET
H2 200 762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame 960D 7 KB
7 KB 36ms
19ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C765%2C14019&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2C7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1j%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CEjgSDfEfgVhzHAHjt6Cq6daKSVTYr3hBgQ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5&c=728&d=90&e=&g=2d48500657f7191590753d5c5bad3f53%2F9541805444447822252&i=71725%2C1676%2C21596&j=21%2C4%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705775181983&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jmhnmhk2dqmkzt4cr2n86ks4s6mx046kfxm2b2gf52mpxcpxmzdmhyfvdtjzfq3cvya3c9kfrnh4kzb6c9mx7g23n28gyekfsmjdvmjbptk8f2m6g9rqj6xpsbfmtc481jnprg5b8k8yny53fy9d17d3e0709t6kx7cd544h0zmqytv95n049e8at7mwvt5mk6trndssmetsqragd4yqtbtg5nmgcwxcv0hfak0qq49sq4e0mjtdcsh8e30kc6nv0ejk9pzfmrz444f5kqsa0es%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCz9dGTRCsZbHaCqaKtOUP7eydwASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTg4MTE0ODcwMjk1MDMzNjXIAQmpAp2Ka-hlSLI-qAMByAMCqgTmAU_QLf5zY12fMQMSTjXZ7YkylUmLBFpbQxJHZWRf44246AqGsWDam89j9yDrjb3fj9f0rOzXUJKXNbovND1dYY9luf6fLXQnjyAN97yYNxXeKU45Lu-Z4P7XGRc45it55cHO8rTqhaJjAieZ3YB_JGiDREecNRxdlFoyHAPUItnIoFXOYEZxEpyHWudA7jZTeebMcWiQxLOJbPeJjzLIBwQqZrCyd9Sjv6405BkMaCX8yoxJNCDxuLLmRAJYR6-2VRWfB1nxIC_8SkUK2Wip6mxAv8BvAeJPZrJTMJvv6569dNqwWJRfgAbHkbihmL7G32ygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYkcDx3cvsgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2SqEW50xFXEjZGBP0RXaD1ILmzcA%2526client%253Dca-pub-8811487029503365%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e81e6b638202bbdf9e2ebe46b4137db06f58c43baa9f35b3e79d98108001a212

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:26:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 74546
cf-polished: qual=85, origFmt=jpeg, origSize=8714
alt-svc: h3=":443"; ma=86400
content-length: 6672
cf-bgj: imgq:85,h2pri
last-modified: Wed, 01 Nov 2023 08:50:26 GMT
server: cloudflare
etag: "52953af169f970e1ac17ba40d8c26548"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ghNzXsNdd3%2F1tldRPiYms3PJHWf1zuK1ibI1Qh69WmBOBUFfhoogY8KG%2BxTz82dzH3VoxCU5ZeWy6D0z0VBtxhHm5ku8CrUiTLUvy8QseYKK%2B0I7vCDd6Uk0Pu81YOpRoXNfFCOhy7V7zSPF"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 84895d87f8925cb0-FRA

GET
H2 200 E1613AB51B8289501DC4E750FD05DAF49FBB0AEAEF6155FD81001404C0F388525557C80572BA5C3D895730DA3957A6D15AF6D079DFB5F55ED0C22B8402FC82AE
assets.ad4m.at/ Frame 960D 25 KB
25 KB 42ms
25ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/E1613AB51B8289501DC4E750FD05DAF49FBB0AEAEF6155FD81001404C0F388525557C80572BA5C3D895730DA3957A6D15AF6D079DFB5F55ED0C22B8402FC82AE
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C765%2C14019&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2C7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1j%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CEjgSDfEfgVhzHAHjt6Cq6daKSVTYr3hBgQ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5&c=728&d=90&e=&g=2d48500657f7191590753d5c5bad3f53%2F9541805444447822252&i=71725%2C1676%2C21596&j=21%2C4%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705775181983&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jmhnmhk2dqmkzt4cr2n86ks4s6mx046kfxm2b2gf52mpxcpxmzdmhyfvdtjzfq3cvya3c9kfrnh4kzb6c9mx7g23n28gyekfsmjdvmjbptk8f2m6g9rqj6xpsbfmtc481jnprg5b8k8yny53fy9d17d3e0709t6kx7cd544h0zmqytv95n049e8at7mwvt5mk6trndssmetsqragd4yqtbtg5nmgcwxcv0hfak0qq49sq4e0mjtdcsh8e30kc6nv0ejk9pzfmrz444f5kqsa0es%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCz9dGTRCsZbHaCqaKtOUP7eydwASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTg4MTE0ODcwMjk1MDMzNjXIAQmpAp2Ka-hlSLI-qAMByAMCqgTmAU_QLf5zY12fMQMSTjXZ7YkylUmLBFpbQxJHZWRf44246AqGsWDam89j9yDrjb3fj9f0rOzXUJKXNbovND1dYY9luf6fLXQnjyAN97yYNxXeKU45Lu-Z4P7XGRc45it55cHO8rTqhaJjAieZ3YB_JGiDREecNRxdlFoyHAPUItnIoFXOYEZxEpyHWudA7jZTeebMcWiQxLOJbPeJjzLIBwQqZrCyd9Sjv6405BkMaCX8yoxJNCDxuLLmRAJYR6-2VRWfB1nxIC_8SkUK2Wip6mxAv8BvAeJPZrJTMJvv6569dNqwWJRfgAbHkbihmL7G32ygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYkcDx3cvsgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2SqEW50xFXEjZGBP0RXaD1ILmzcA%2526client%253Dca-pub-8811487029503365%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d276da068fea1049fbb29d0aaeda5b9fa8a38e50b3f55741ffe2899cd52e6d5d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:26:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3924125
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 25413
cf-bgj: imgq:85,h2pri
last-modified: Wed, 06 Dec 2023 08:24:17 GMT
server: cloudflare
etag: "7e811696e8763f5dce86bbb648013620"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rROmaHbD%2Bvd18gkdoCi%2FT%2FCRzjiPmNbBwSlXewdl3jb%2Fx8%2BkueLQKYU9SNzGFKOcXFCl93JFVKFWn2T2BjmiZAflYqMJvHg8k1hinANfYADg60i8tl7RLq42nBDhByv4YgUV2zATjsb80%2FVM"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 84895d87f8975cb0-FRA

GET
H2

200

ztpv.php
www.conrad.de/ Frame 960D
Redirect Chain

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZoneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.conrad.de/ztpv.php?awc=11354_412871_1705775182_697a2dd0-b7c1-11ee-94b4-2233c304522e&insert=AW&&gdpr=0&gdpr_consent=

0
493 B

70ms
33ms

Image
text/html

2606:4700::6813:afbe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.de/ztpv.php?awc=11354_412871_1705775182_697a2dd0-b7c1-11ee-94b4-2233c304522e&insert=AW&&gdpr=0&gdpr_consent=

Requested by

Protocol

Server

2606:4700::6813:afbe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:26:22 GMT
strict-transport-security: max-age=15552000
cf-ccp-worker: HTLPHandler-v1
server: cloudflare
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache
cf-ray: 84895d88cdb030d5-FRA
content-length: 0
expires: -1

Redirect headers

Date: Sat, 20 Jan 2024 18:26:22 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.de/ztpv.php?awc=11354_412871_1705775182_697a2dd0-b7c1-11ee-94b4-2233c304522e&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3041 0
10 B 7ms
7ms Image
text/plain 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?9JGFfg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:26:22 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 link.html Show response
track.webgains.com/ Frame 960D 2 KB
2 KB 196ms
78ms Script
text/html 35.177.87.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&wgprogramid=286305&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j86g2cha2rvges3vr1qvn1p0as9shgcdsp0j7p2z4egw3354a1zdde1gm6n8yna26x39c2ns77j5tq9s1n1tvnd6v001eqzen0ekk5mj82d1re260eb65ndx3p6jy27fvk54837axd8grj36v4wwychmqbb1ktfctc2xd5hayk5pw59442jy0cqg4ngarvcq7qgn72d6g6npjay8xfyspksxgcrk4cwzn516yq8etx86bv82v1ph1wrk922kcfnfyf0%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jmhnmhk2dqmkzt4cr2n86ks4s6mx046kfxm2b2gf52mpxcpxmzdmhyfvdtjzfq3cvya3c9kfrnh4kzb6c9mx7g23n28gyekfsmjdvmjbptk8f2m6g9rqj6xpsbfmtc481jnprg5b8k8yny53fy9d17d3e0709t6kx7cd544h0zmqytv95n049e8at7mwvt5mk6trndssmetsqragd4yqtbtg5nmgcwxcv0hfak0qq49sq4e0mjtdcsh8e30kc6nv0ejk9pzfmrz444f5kqsa0es%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCz9dGTRCsZbHaCqaKtOUP7eydwASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTg4MTE0ODcwMjk1MDMzNjXIAQmpAp2Ka-hlSLI-qAMByAMCqgTmAU_QLf5zY12fMQMSTjXZ7YkylUmLBFpbQxJHZWRf44246AqGsWDam89j9yDrjb3fj9f0rOzXUJKXNbovND1dYY9luf6fLXQnjyAN97yYNxXeKU45Lu-Z4P7XGRc45it55cHO8rTqhaJjAieZ3YB_JGiDREecNRxdlFoyHAPUItnIoFXOYEZxEpyHWudA7jZTeebMcWiQxLOJbPeJjzLIBwQqZrCyd9Sjv6405BkMaCX8yoxJNCDxuLLmRAJYR6-2VRWfB1nxIC_8SkUK2Wip6mxAv8BvAeJPZrJTMJvv6569dNqwWJRfgAbHkbihmL7G32ygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYkcDx3cvsgwP6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2SqEW50xFXEjZGBP0RXaD1ILmzcA%252526client%25253Dca-pub-8811487029503365%252526adurl%25253D&clickref=oneidQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5oneid__suite_Netmix_Reach118_EXTRAPUSH&viewref=oneidRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZoneid__suite_Netmix_Reach118_EXTRAPUSH
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C765%2C14019&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2C7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1j%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CEjgSDfEfgVhzHAHjt6Cq6daKSVTYr3hBgQ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5&c=728&d=90&e=&g=2d48500657f7191590753d5c5bad3f53%2F9541805444447822252&i=71725%2C1676%2C21596&j=21%2C4%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705775181983&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jmhnmhk2dqmkzt4cr2n86ks4s6mx046kfxm2b2gf52mpxcpxmzdmhyfvdtjzfq3cvya3c9kfrnh4kzb6c9mx7g23n28gyekfsmjdvmjbptk8f2m6g9rqj6xpsbfmtc481jnprg5b8k8yny53fy9d17d3e0709t6kx7cd544h0zmqytv95n049e8at7mwvt5mk6trndssmetsqragd4yqtbtg5nmgcwxcv0hfak0qq49sq4e0mjtdcsh8e30kc6nv0ejk9pzfmrz444f5kqsa0es%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCz9dGTRCsZbHaCqaKtOUP7eydwASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTg4MTE0ODcwMjk1MDMzNjXIAQmpAp2Ka-hlSLI-qAMByAMCqgTmAU_QLf5zY12fMQMSTjXZ7YkylUmLBFpbQxJHZWRf44246AqGsWDam89j9yDrjb3fj9f0rOzXUJKXNbovND1dYY9luf6fLXQnjyAN97yYNxXeKU45Lu-Z4P7XGRc45it55cHO8rTqhaJjAieZ3YB_JGiDREecNRxdlFoyHAPUItnIoFXOYEZxEpyHWudA7jZTeebMcWiQxLOJbPeJjzLIBwQqZrCyd9Sjv6405BkMaCX8yoxJNCDxuLLmRAJYR6-2VRWfB1nxIC_8SkUK2Wip6mxAv8BvAeJPZrJTMJvv6569dNqwWJRfgAbHkbihmL7G32ygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYkcDx3cvsgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2SqEW50xFXEjZGBP0RXaD1ILmzcA%2526client%253Dca-pub-8811487029503365%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.177.87.134 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-177-87-134.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 099f0db5dcfb6124d27e2a7658f46587681103ac421648c30ac96ca3b62d749b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:26:22 GMT
last-modified: Sat, 20 Jan 2024 18:26:22 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Sat, 20 Jan 2024 18:27:22 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame C25B 0
127 B 14ms
14ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 20 Jan 2024 18:26:21 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 960D 54 KB
19 KB 86ms
13ms Script
application/javascript 18.165.183.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&wgprogramid=286305&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j86g2cha2rvges3vr1qvn1p0as9shgcdsp0j7p2z4egw3354a1zdde1gm6n8yna26x39c2ns77j5tq9s1n1tvnd6v001eqzen0ekk5mj82d1re260eb65ndx3p6jy27fvk54837axd8grj36v4wwychmqbb1ktfctc2xd5hayk5pw59442jy0cqg4ngarvcq7qgn72d6g6npjay8xfyspksxgcrk4cwzn516yq8etx86bv82v1ph1wrk922kcfnfyf0%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jmhnmhk2dqmkzt4cr2n86ks4s6mx046kfxm2b2gf52mpxcpxmzdmhyfvdtjzfq3cvya3c9kfrnh4kzb6c9mx7g23n28gyekfsmjdvmjbptk8f2m6g9rqj6xpsbfmtc481jnprg5b8k8yny53fy9d17d3e0709t6kx7cd544h0zmqytv95n049e8at7mwvt5mk6trndssmetsqragd4yqtbtg5nmgcwxcv0hfak0qq49sq4e0mjtdcsh8e30kc6nv0ejk9pzfmrz444f5kqsa0es%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCz9dGTRCsZbHaCqaKtOUP7eydwASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTg4MTE0ODcwMjk1MDMzNjXIAQmpAp2Ka-hlSLI-qAMByAMCqgTmAU_QLf5zY12fMQMSTjXZ7YkylUmLBFpbQxJHZWRf44246AqGsWDam89j9yDrjb3fj9f0rOzXUJKXNbovND1dYY9luf6fLXQnjyAN97yYNxXeKU45Lu-Z4P7XGRc45it55cHO8rTqhaJjAieZ3YB_JGiDREecNRxdlFoyHAPUItnIoFXOYEZxEpyHWudA7jZTeebMcWiQxLOJbPeJjzLIBwQqZrCyd9Sjv6405BkMaCX8yoxJNCDxuLLmRAJYR6-2VRWfB1nxIC_8SkUK2Wip6mxAv8BvAeJPZrJTMJvv6569dNqwWJRfgAbHkbihmL7G32ygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYkcDx3cvsgwP6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2SqEW50xFXEjZGBP0RXaD1ILmzcA%252526client%25253Dca-pub-8811487029503365%252526adurl%25253D&clickref=oneidQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5oneid__suite_Netmix_Reach118_EXTRAPUSH&viewref=oneidRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZoneid__suite_Netmix_Reach118_EXTRAPUSH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.165.183.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-183-91.zrh55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5ca4b5260e5b7a45b242e3c117e96451cb1d43563baee057f0d609548a112db7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:23:26 GMT
content-encoding: gzip
via: 1.1 20e88007b6f5218ef5942bc3581c73b8.cloudfront.net (CloudFront)
last-modified: Thu, 11 Jan 2024 16:01:13 GMT
server: AmazonS3
x-amz-cf-pop: ZRH55-P1
age: 46977
x-amz-server-side-encryption: AES256
etag: W/"1885e2f5560c2347761a6db4984ea717"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: zxrMTN1nawxfMH1u8QA5GWxVE1T0HSUyRR1KFsJdIIu5OyJjAVIFbw==

GET
H2 200 1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png
cdn.track.production.webgains.team/286305/ Frame 960D 15 KB
15 KB 50ms
8ms Image
image/png 108.138.36.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/286305/1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png?Expires=1705775482&Signature=RJEOuMrvX6MJTp2QHzxfDyHl3D2Xqs-uC7Kx-WWXAg-RrcMy-rDT9EcJXuFvKajZGu2mjgZMH~dmwzLQ57kYvU2b3mvn2dzWWfCBgcFm6PGPJiJeNXXjSTCq5jFHvINdUFzum3YIpyXhaQ~nSptvfFEMTMJYHXS1dNAudq0fEOLTzIEbEyQR2oIoKLpXs2pG3Z88Gb6XTnByh3dplicMnWCXzJCnfjbIW06cM0JlTzGbN9xYgaLgRFV9MaiGe78y-oAe-s-V8n-lOxf9ksFqJIWwquMJfYz6cVNjrE5VhsZiwweWhuO1Z6vDS0YtI5ODX5FZsnPVONRjIUn30kl8Xg__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C765%2C14019&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2C7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1j%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CEjgSDfEfgVhzHAHjt6Cq6daKSVTYr3hBgQ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5&c=728&d=90&e=&g=2d48500657f7191590753d5c5bad3f53%2F9541805444447822252&i=71725%2C1676%2C21596&j=21%2C4%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705775181983&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jmhnmhk2dqmkzt4cr2n86ks4s6mx046kfxm2b2gf52mpxcpxmzdmhyfvdtjzfq3cvya3c9kfrnh4kzb6c9mx7g23n28gyekfsmjdvmjbptk8f2m6g9rqj6xpsbfmtc481jnprg5b8k8yny53fy9d17d3e0709t6kx7cd544h0zmqytv95n049e8at7mwvt5mk6trndssmetsqragd4yqtbtg5nmgcwxcv0hfak0qq49sq4e0mjtdcsh8e30kc6nv0ejk9pzfmrz444f5kqsa0es%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCz9dGTRCsZbHaCqaKtOUP7eydwASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTg4MTE0ODcwMjk1MDMzNjXIAQmpAp2Ka-hlSLI-qAMByAMCqgTmAU_QLf5zY12fMQMSTjXZ7YkylUmLBFpbQxJHZWRf44246AqGsWDam89j9yDrjb3fj9f0rOzXUJKXNbovND1dYY9luf6fLXQnjyAN97yYNxXeKU45Lu-Z4P7XGRc45it55cHO8rTqhaJjAieZ3YB_JGiDREecNRxdlFoyHAPUItnIoFXOYEZxEpyHWudA7jZTeebMcWiQxLOJbPeJjzLIBwQqZrCyd9Sjv6405BkMaCX8yoxJNCDxuLLmRAJYR6-2VRWfB1nxIC_8SkUK2Wip6mxAv8BvAeJPZrJTMJvv6569dNqwWJRfgAbHkbihmL7G32ygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYkcDx3cvsgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2SqEW50xFXEjZGBP0RXaD1ILmzcA%2526client%253Dca-pub-8811487029503365%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-21.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: null
date: Sat, 20 Jan 2024 11:44:08 GMT
via: 1.1 210c8ad3e752d602af05a2de06eb2ff8.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 10:41:35 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 24135
etag: "d4e8f970f24f6d19b53aa92b1907c1ef"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 15054
x-amz-cf-id: VyEClcHp8O4CYCF7FpbDyY0u-46NxY0ai-K13A6qUpidWbymvtIdPA==

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 160ms
159ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240118&jk=3955186480390517&bg=!-fql-rXNAAa8BdJLnAU7ADQBe5WfOONTmXnQwo_q_YMD3Bvsvc-zwOTDA6AxmY4Yhm9bYwf2Kacty7Kk0zwCgVzNhk8hAgAAADZSAAAAAWgBBwoAHo_f570JLm3hhW-nGY0aULaDCcWA4MXWPlhZnwxhxJkCwlx8Vq0XPO5m5kHzBIK6Qm37qChaEd4ZJhOYQr8gKBq3VRzOyGcrHo6mP4b1m1G7EiHok2tin2jZCRUsG_ZwUUn8U12a1ZLikd56NX_J_qzNO659962cCvfme5TPFnHAWie1DYFnb8wCCqmcZ5PwbcmqlSw5-1xSuAM7WsnIs5tN2UJVQ591nUzn0oKOp4Sk9Zpm27N1MsjTlqIfaZTdNAw-nkT0oYhROiFSOrBO0KRRtI1ITqOfhNIm26jnaAprOvSo3i1inS353tS3me2H4vo0qftlt3gv0YHt6av_c7OTE1_TIau2h4IkQKJKGNssz8bynH_6LmcmdCrgaMc2XLjJUoV0hKosZdbmTzLW7oIoaESgNPTmJ4i4lAebGt0xoNT909DLLgEd_TC7Cozpg1huI2mYaR1m4p-B1IIzD2WbEcHBNwrXfiXNy9Sdf9kcl2XgOBJVvmJ3EX1me_nXM9NH4LhQe_AHxO1MhNDAnGlhG--gbjRKGIBZBTFCnTP6Gljlk5ne969agGCm6LZd6XrOIAl3uchwLtQg22HI5EQn6S7sjpdkrbRoyaOlNc-YPd24mGvJ1TV87Mmir_XURdV3aWcWByT13wJ1vdk6Na1Oa6MZGbAfGWPIrxs6VrVHbCcnGMAGw6b67h9Um-3hgMHMSz7e5_7EWp3KOkSWUWbhz-m8jSjN_o9ELxfWUwXqVP4xEix0GTavg217Nnc0GpXlYOsfcV5VsF4QkpXVQW0kUtc7GMbARVSwT8ZVtceZs2ghTmuWoZKKBk2_ldjwJSfvNe4io3O-IjY4bR31koVQoxCRQ-mUaxai4CppIT7HnDAkVJcRKr1vU0SQXC6rQlitBAnTLUUavFEDZyTyjJAsRxci1fNDdAFU-Y5rnNIJ35TYoSp_-CkKUSJJmezGquV1CPTZcjL0bY4-Rv1olac2Lfo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://brandcars.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 960D 16 B
209 B 77ms
77ms Fetch
application/json 18.134.214.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.134.214.132 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-134-214-132.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 20 Jan 2024 18:26:23 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 81ms
19ms Preflight 18.134.214.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.134.214.132 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-134-214-132.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Sat, 20 Jan 2024 18:26:23 GMT
server: nginx

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ad4m.at/cookie-frame.html	1970-01-20 18:32:47	Name: userId Value: GlwEcikFw1moGuJWomgJ977GRv62x2rT
www.brandcars.biz.id/	1969-12-31 23:59:59	Name: PHPSESSID Value: 7a1bba5079c39148146946c2a63da9cd
brandcars.biz.id/	1969-12-31 23:59:59	Name: PHPSESSID Value: cbc32e9e663373c09e89f8ddbc8e23a9
.brandcars.biz.id/	1970-01-21 02:35:11	Name: cf_clearance Value: zHW6N1WHvCwGNor2QdXls.4MLEqnf4y4FKdFgWEgdSM-1705775180-1-AfPW6lnW0D/O1ErlF9Sq77ocC3AabbUenrsMQuY1a6q0aXbwmmhs+axS/CZCOuUeEaWtK12zZG82Sc8KfkAfA38=
.brandcars.biz.id/	1970-01-21 03:11:11	Name: __gads Value: ID=b877c0454e06d285:T=1705775180:RT=1705775180:S=ALNI_MYV8ypf3RV5nD3VYAB5VsxacfJddg
.brandcars.biz.id/	1970-01-21 03:11:11	Name: __gpi Value: UID=00000d45763d7cfb:T=1705775180:RT=1705775180:S=ALNI_MYH2gm7dnEJzdZsMtEDZNS-PTorKg
.doubleclick.net/	1970-01-21 03:11:11	Name: IDE Value: AHWqTUkwGwUUBXZGpNGOYI04H5E8gP2OC0b1tP-n9vQi2hrXMh0sPUm5c9hbEQ80aMA
.ctnsnet.com/	1970-01-21 02:35:11	Name: gid_CAESEASKmpZdCfdSz7aiASWiffU Value: 1
.ctnsnet.com/	1970-01-21 02:35:11	Name: cid_cb7c826462c84154ad32b078c8e8072a Value: 1
.travelaudience.com/	1970-01-21 03:21:15	Name: _tracker Value: %7B%22UUID%22%3A%2207D30A80-0602-4601-2DA9-35BA8E3CC468%22%7D
.adform.net/	1970-01-20 18:34:13	Name: C Value: 1
.adform.net/	1970-01-20 19:15:59	Name: uid Value: 3432347848807495713
.tribalfusion.com/	1970-01-20 19:59:11	Name: ANON_ID Value: aTnt6ZaNj6WlCyhURB1xU4RV69ogZbURTLmttZb6J2ZaYauVJjAFOvXHfR2OqUTlZcA6PZaWcxgkNefLR83qRsOKIaOykWUAeI
t.adcell.com/	1970-01-20 17:53:54	Name: ADCELLvpid2945 Value: 164800-46690-oneid7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1joneid__suite_Netmix_Reach118_EXTRAPUSH%23%23%23%23%40%40%40%401705775182
.awin1.com/	1970-01-20 17:53:54	Name: awpv11354 Value: 412871\|1705775182\|697a2dd0-b7c1-11ee-94b4-2233c304522e
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 377129:2470185
www.conrad.de/	1970-01-20 17:53:54	Name: HTLP_timestamp Value: 1705775182224
www.conrad.de/	1970-01-20 17:53:54	Name: CEAffHA Value: YD
.www.conrad.de/	1970-01-20 17:49:36	Name: __cf_bm Value: vPy3iuaPF502qy2RM_lovtY35mAe7qjQyJzH_b5Tzb0-1705775182-1-AW9n1sb311Kxb6S8dg/ev7/Ix1euZGPKU4x91G/Zkk+4XNhORy8a4FmfmMzemuXLAuO+NtEH9+8Aqq1DJ5RBRgo=

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8811487029503365&output=html&h=280&slotname=3228236246&adk=2817947084&adf=2984306924&pi=t.ma~as.3228236246&w=955&fwrn=4&fwrnh=100&lmt=1705775180&rafmt=1&format=955x280&url=https%3A%2F%2Fbrandcars.biz.id%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705775180339&bpp=1&bdt=260&idt=198&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1401372926594&frm=20&pv=1&ga_vid=1708127742.1705775181&ga_sid=1705775181&ga_hid=513344463&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=323&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C95322195%2C95320892%2C95321626%2C95322166&oid=2&pvsid=3955186480390517&tmod=543592346&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=201 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad4m.at
ads.eu.criteo.com
ads.travelaudience.com
analytics.webgains.io
api.webgains.io
as.ad4m.at
assets.ad4m.at
brandcars.biz.id
c1.adform.net
cat.nl3.eu.criteo.com
cdn.track.production.webgains.team
cm.g.doubleclick.net
csm.eu.criteo.net
dclk-match.dotomi.com
dis.criteo.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
imageproxy.eu.criteo.net
ius.ctnsnet.com
pagead2.googlesyndication.com
prod-rtb.ad4mat.net
rtb.nl3.eu.criteo.com
rustic.biz.id
s.tribalfusion.com
static-de.ad4mat.net
static.criteo.net
t.adcell.com
tpc.googlesyndication.com
track.webgains.com
www.awin1.com
www.brandcars.biz.id
www.conrad.de
www.google.com
www.googletagservices.com
www.gstatic.com
108.138.36.21
142.250.184.194
178.250.1.6
178.250.1.9
18.134.214.132
18.165.183.91
23.199.221.167
2600:1901:0:76b9::
2606:4700:20::681a:71b
2606:4700:20::681a:bd1
2606:4700:20::ac43:4a81
2606:4700:3033::ac43:d2a9
2606:4700::6812:18ad
2606:4700::6813:afbe
2a00:1450:4001:802::2001
2a00:1450:4001:810::2002
2a00:1450:4001:811::200a
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4001:831::2003
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::9
2a02:cb40:200::242
2a02:fa8:8806:21::1690
2a06:98c1:3121::3
35.177.87.134
35.186.193.173
35.190.0.66
37.157.5.84
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
098e6dc516d5b171a1bf126adf3b8e8510746bac17f477f73a6310587e4ab9e8
099f0db5dcfb6124d27e2a7658f46587681103ac421648c30ac96ca3b62d749b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647
1126261762db36bce53560ac36f5ede1954662d33a6d6eeb62d84b715070e7bc
1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
258aa8f1699516e8cae1190d7d19c1a434d7c52813aa5d11cdaea2becd0b86c0
2aba4c8e5b1e9ef69be0a2c42c27ad90b50b15481365fb9d38339a23010a997d
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
344323d8c6d676f23ccfb93a61331bd8efb98c6bd8016c96b14d2f1a2f6a5ceb
3f5cffdd944d8ee78dda1e8f44129898becb59d5f3b55bbf990c56b3d1d32f81
40803f6727061b25fdffeca62b391f51e86f4656ec71f6748e70adb24e4ef2a7
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
466b052e419cb197d46f01e2e76987241540155177d6321fb8b80ca5b7e63b75
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e2a758049c360295e92af356c0e57ce37891fa79d0fa416d33a395bd0aea40f
4f5dd128a8a3976911d7bb635884a51c5ae7abdafa0c4d96605ac29c49c6c9ae
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a28406dd3e6100bb034d4edad68e012c40c67adf6c2d5846b07f03a494cba94
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5ca4b5260e5b7a45b242e3c117e96451cb1d43563baee057f0d609548a112db7
5f1027a92c7ffa513f21451b830b6d0aa6351b0155fede117c38837b8240599d
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
656ed59d3b792fb222321f823a206edd210d7bd17eaae77a4c705a324195efa1
67bd74c9b8c1d6ae03240eae10eb38f58a676ca2452d8676ec4f4f2721fc514c
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
6c1805496611bb843d8ddd3ce67aca7f83d24664e24a2c38c245c0b3f4360ee7
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72786985760c0ef76ec17668f773da12446c91992ff5a49c34e900d99e7cefbd
76740b2a7b0a35eed6ceb509cefd8ddd6955bd5c656b0581f2dcdb48040ced8f
78278e7c9da626a9cfda9ea3118116518e86435ed6c292d39b509228dcc76a9a
7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d
8a68e301714d3e9476a50136a4884cba6551ceafabda14b418aade68e5254307
8d5f7dad2f1b5efe7345620d688286884275443172f2f22c988e25766153b7cd
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
91772bd12f334975f0720059b347d04cfefef276180cc0f223973ac1c80716fd
929558b676d36dd816d1c5c7f5313c2b61b3ed730caff0e1fe6e250d82a7c640
972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651
97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a5b2ed0f286d190048ceef505d0e0982e30d36b0e4bfe9e9a03fc21f27099446
a65a90d45e96a839c51c415245fdd88b0bebcdf8b4dc7faafd4d914b82cde215
a681b395ccf60aedf83bf19816759cf5add32857e5dd18e6f26190757869ff0d
a69c12ccd186a899db79fce802b46c08e71f69c2c422be2666ed8565e3add026
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
adb437be959ade525513e9f86e3ed1e186cd1007f161029f6414ff4d948156cd
b28b981c0ac25be9bd1add59e8cb26bd7192d494ef02a69c9f7cd6dcf644f345
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b891b58f38cc4aa42141c012733813fa29ca80416af2493a14d6e1a56d103cb5
bef586ca02d327aa0d328e978285f076912e85d1b43578d5f19a3a53a2b75c64
c7f7f5265aeb0202ce88e8a6dfcc0ca25a7b990bb9ffac2f9e430ae6af2b6154
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cca25018b007ad40a5a4f16e499a67352aab6adc3b6b4ca213fa50100c9916da
d18eb3df91dedac8a747ab0b94010ee4e9a62c2469b0b4afd7e1527df8cc678b
d276da068fea1049fbb29d0aaeda5b9fa8a38e50b3f55741ffe2899cd52e6d5d
d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8
d45a90b04fae87e4a339f67baca5ea7ace12ef5d7e033d069f1d28512c1c04f4
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d603b4c761ae836212c06b21d8f0e93cf2dee4ae7fa998e4eeba6cda3b4d7c3b
d9ee7cc7674eb7b24e7dbfe0e98bdf0b383d03e92ee26a6332878666a8b4aea7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
e7a752668bba5a44b99584665568edc0e252205c42609b6edd877d84eaba5703
e81e6b638202bbdf9e2ebe46b4137db06f58c43baa9f35b3e79d98108001a212
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
ed3132d5e1125bfe7905788a71398222a3bb9dd7782769d117e4c114881d3a06
edce924e0912b8dcd6cbe108f47a9d6a6961085e4ba4276b02a6478a2278d7bc
edf28446f50d57b497e259711b3e7144cdc8d3d344b625f8f00878f877aecbd1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef1fa25b906c506f3be14737271fb409da90ad30bf0b1c0ff6961f45f21a02dd
f121a336589baa8e4e36ff8e08c70847b57ad8545b693a2e4e96a0fbda38e42a
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f65464769fe640b9d36381a938aba64a524715d61aee75dfb501e0d0396e168f

brandcars.biz.id Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

113 Requests

93 %HTTPS

67 %IPv6

23 Domains

37 Subdomains

29 IPs

6 Countries

1214 kBTransfer

3279 kBSize

19 Cookies

2 Outgoing links

Page URL History

Redirected requests

113 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

brandcars.biz.id Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

113
Requests

93 %
HTTPS

67 %
IPv6

23
Domains

37
Subdomains

29
IPs

6
Countries

1214 kB
Transfer

3279 kB
Size

19
Cookies

113 HTTP transactions
2 data transactions