weakspell.org Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://weakspell.org/
Effective URL:
https://weakspell.org/
Submission: On December 11 via manual (December 11th 2023, 10:34:24 pm UTC) from US — Scanned from NL

Summary HTTP 117 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 24 IPs in 2 countries across 17 domains to perform 117 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is weakspell.org.
TLS certificate: Issued by GTS CA 1P5 on November 13th 2023. Valid for: 3 months.

This is the only time weakspell.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
21	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
3	2606:4700:303... 2606:4700:3034::ac43:d436	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2606:4700:e6:... 2606:4700:e6::ac40:c507	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3034::6815:86c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
1	23.211.9.60 23.211.9.60	16625 (AKAMAI-AS) (AKAMAI-AS)
2 5	2a02:26f0:480... 2a02:26f0:480:1e::217:d1bb	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	185.89.210.46 185.89.210.46	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
117	24

1 2a06:98c1:3120::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

weakspell.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

weakspell.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3034::ac43:d436 (United States)

ASN13335 (CLOUDFLARENET, US)

tfmgqdj.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e6::ac40:c507 (United States)

ASN13335 (CLOUDFLARENET, US)

youradexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::6815:86c (United States)

ASN13335 (CLOUDFLARENET, US)

pubtrky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

signaler-pa.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

adsdk.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.211.9.60 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-211-9-60.deploy.static.akamaitechnologies.com

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:480:1e::217:d1bb (Frankfurt am Main, Germany) 2 redirects

ASN20940 (AKAMAI-ASN1, NL)

www.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.210.46 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ams3-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	383 KB
22	weakspell.org 1 redirects weakspell.org	336 KB
20	gstatic.com fonts.gstatic.com www.gstatic.com	214 KB
15	youtube.com www.youtube.com — Cisco Umbrella Rank: 71 signaler-pa.youtube.com — Cisco Umbrella Rank: 7346	1 MB
10	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	111 KB
5	bing.com 2 redirects www.bing.com — Cisco Umbrella Rank: 60	9 KB
5	adnxs.com cdn.adnxs.com — Cisco Umbrella Rank: 1605 ams3-ib.adnxs.com — Cisco Umbrella Rank: 6997	30 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29 ajax.googleapis.com — Cisco Umbrella Rank: 340	34 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	192 KB
3	tfmgqdj.com tfmgqdj.com	113 KB
2	google.com apis.google.com — Cisco Umbrella Rank: 116 www.google.com — Cisco Umbrella Rank: 2	88 KB
1	microsoft.com adsdk.microsoft.com — Cisco Umbrella Rank: 4453	32 KB
1	pubtrky.com pubtrky.com	414 B
1	youradexchange.com youradexchange.com — Cisco Umbrella Rank: 35155	1 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2189	253 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	91 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 988	16 KB
117	17

	Domain	Requested by
22	weakspell.org	1 redirects weakspell.org
15	tpc.googlesyndication.com	googleads.g.doubleclick.net weakspell.org pagead2.googlesyndication.com tpc.googlesyndication.com
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com
10	www.gstatic.com	www.youtube.com googleads.g.doubleclick.net
10	fonts.gstatic.com	weakspell.org www.youtube.com
10	www.youtube.com	weakspell.org www.youtube.com
10	pagead2.googlesyndication.com	weakspell.org pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
5	www.bing.com	2 redirects googleads.g.doubleclick.net
5	signaler-pa.youtube.com	www.youtube.com
4	ams3-ib.adnxs.com	googleads.g.doubleclick.net cdn.adnxs.com
3	www.googletagservices.com	googleads.g.doubleclick.net weakspell.org
3	tfmgqdj.com	weakspell.org tfmgqdj.com
3	fonts.googleapis.com	weakspell.org googleads.g.doubleclick.net
1	www.google.com	tpc.googlesyndication.com
1	cdn.adnxs.com	weakspell.org
1	adsdk.microsoft.com	weakspell.org
1	apis.google.com	www.youtube.com
1	pubtrky.com	tfmgqdj.com
1	youradexchange.com	tfmgqdj.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	weakspell.org
1	maxcdn.bootstrapcdn.com	weakspell.org
1	ajax.googleapis.com	weakspell.org
117	23

This site contains links to these domains. Also see Links.

Domain
watch.footybite.com
soccerlive.app
www.nflbite.com
stream.nbabite.com
mlbbite.net
yiejvik.com

Subject Issuer	Validity	Valid
weakspell.org GTS CA 1P5	`2023-11-13` - `2024-02-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
bootstrapcdn.com GTS CA 1P5	`2023-11-30` - `2024-02-28`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tfmgqdj.com E1	`2023-12-05` - `2024-03-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
youradexchange.com GTS CA 1P5	`2023-10-17` - `2024-01-15`	3 months	crt.sh
pubtrky.com GTS CA 1P5	`2023-11-21` - `2024-02-19`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
adsdk.microsoft.com Microsoft Azure TLS Issuing CA 05	`2023-04-07` - `2024-04-01`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2023-08-24` - `2024-08-24`	a year	crt.sh
r.bing.com Microsoft Azure ECC TLS Issuing CA 05	`2023-10-18` - `2024-06-27`	8 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 17 frames:

Primary Page: https://weakspell.org/
Frame ID: F28ABF6C5125A87FAA94A4CA53478913
Requests: 39 HTTP requests in this frame

Frame: https://www.youtube.com/live_chat?v=K5o0Ora9_3w&embed_domain=weakspell.org&dark_theme=1
Frame ID: C3A9EAC47B979FDF7E1CB7D423F3CB95
Requests: 28 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html?hello=world
Frame ID: FABD8F4FCB8D659AC312E4D6F6F43961
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9664111995240063&output=html&adk=1812271804&adf=3025194257&lmt=1702323465&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fweakspell.org%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702334059324&bpp=7&bdt=1320&idt=496&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1696104019626&frm=20&pv=2&ga_vid=1717910162.1702334059&ga_sid=1702334060&ga_hid=2111926357&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079865%2C31079923%2C31079929%2C42531705%2C44785292%2C44809003%2C95320868%2C95320884%2C95320888&oid=2&pvsid=4304295325186814&tmod=1818135670&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=507
Frame ID: A7D48912E05CC7D8DC64315DE6C4E008
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9664111995240063&output=html&h=280&adk=4146422958&adf=2731860348&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1702323465&rafmt=1&to=qs&pwprc=1544302945&format=1200x280&url=https%3A%2F%2Fweakspell.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702334059331&bpp=1&bdt=1327&idt=512&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1696104019626&frm=20&pv=1&ga_vid=1717910162.1702334059&ga_sid=1702334060&ga_hid=2111926357&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=72&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079865%2C31079923%2C31079929%2C42531705%2C44785292%2C44809003%2C95320868%2C95320884%2C95320888&oid=2&pvsid=4304295325186814&tmod=1818135670&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=514
Frame ID: 563B176561C35E5B40E4DE0B23E55C12
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9664111995240063&output=html&h=50&adk=2875678444&adf=557746639&pi=t.aa~a.2787874025~rp.4&w=772&fwrn=1&fwrnh=100&lmt=1702323465&rafmt=1&to=qs&pwprc=1544302945&format=772x50&url=https%3A%2F%2Fweakspell.org%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702334060425&bpp=1&bdt=2421&idt=-M&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7272d5fe98fc5222%3AT%3D1702334059%3ART%3D1702334059%3AS%3DALNI_MZsOoncAnsw1bLMcSRgJoy9pXwhcQ&gpic=UID%3D00000d13b936b6cb%3AT%3D1702334059%3ART%3D1702334059%3AS%3DALNI_MZTgiT2ek5VkHET1lLTq_EQ4JDU4w&prev_fmts=0x0%2C1200x280&nras=3&correlator=1696104019626&frm=20&pv=1&ga_vid=1717910162.1702334059&ga_sid=1702334060&ga_hid=2111926357&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1237&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079865%2C31079923%2C31079929%2C42531705%2C44785292%2C44809003%2C95320868%2C95320884%2C95320888&oid=2&pvsid=4304295325186814&tmod=1818135670&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=11
Frame ID: 8CCF63711CF60EA80323F0FDF3CDAA6F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9664111995240063&output=html&h=50&adk=2875678444&adf=3135012541&pi=t.aa~a.371519902~rp.4&w=772&fwrn=1&fwrnh=100&lmt=1702323465&rafmt=1&to=qs&pwprc=1544302945&format=772x50&url=https%3A%2F%2Fweakspell.org%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702334060425&bpp=1&bdt=2421&idt=-M&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7272d5fe98fc5222%3AT%3D1702334059%3ART%3D1702334059%3AS%3DALNI_MZsOoncAnsw1bLMcSRgJoy9pXwhcQ&gpic=UID%3D00000d13b936b6cb%3AT%3D1702334059%3ART%3D1702334059%3AS%3DALNI_MZTgiT2ek5VkHET1lLTq_EQ4JDU4w&prev_fmts=0x0%2C1200x280%2C772x50&nras=4&correlator=1696104019626&frm=20&pv=1&ga_vid=1717910162.1702334059&ga_sid=1702334060&ga_hid=2111926357&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1623&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079865%2C31079923%2C31079929%2C42531705%2C44785292%2C44809003%2C95320868%2C95320884%2C95320888&oid=2&pvsid=4304295325186814&tmod=1818135670&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=18
Frame ID: 9E8EC860AF91C7219B3780E612D6E029
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9664111995240063&output=html&h=50&adk=2875678444&adf=3782497793&pi=t.aa~a.371530981~rp.4&w=772&fwrn=1&fwrnh=100&lmt=1702323465&rafmt=1&to=qs&pwprc=1544302945&format=772x50&url=https%3A%2F%2Fweakspell.org%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702334060425&bpp=1&bdt=2422&idt=1&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7272d5fe98fc5222%3AT%3D1702334059%3ART%3D1702334059%3AS%3DALNI_MZsOoncAnsw1bLMcSRgJoy9pXwhcQ&gpic=UID%3D00000d13b936b6cb%3AT%3D1702334059%3ART%3D1702334059%3AS%3DALNI_MZTgiT2ek5VkHET1lLTq_EQ4JDU4w&prev_fmts=0x0%2C1200x280%2C772x50%2C772x50&nras=5&correlator=1696104019626&frm=20&pv=1&ga_vid=1717910162.1702334059&ga_sid=1702334060&ga_hid=2111926357&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2024&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079865%2C31079923%2C31079929%2C42531705%2C44785292%2C44809003%2C95320868%2C95320884%2C95320888&oid=2&pvsid=4304295325186814&tmod=1818135670&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=20
Frame ID: 76C46CDF9BEEA48F1E13B4BDC68DC6E2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Frame ID: 527D689E10314F8C0D533648A5C1BE79
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Frame ID: 4158CA8605EC2745CDCA10817B529842
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Frame ID: 97C5559806D2570F0E7ACDD237F710DB
Requests: 1 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: 124AE0942989EA8D188E5B3A55B183EA
Requests: 15 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Poppins%3A400%2C600
Frame ID: 460837409C27C65606B01700D3BF58F6
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
Frame ID: A7B8749E835BFF00EFF459C7FE809987
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
Frame ID: 7E5001F3704119CD69680A66A809E30F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 59992F66606981FA79E72048B85FA503
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DD78BDC20810548378F3AC140DC1CE1E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

WeakSpell Streams - Welcome to WeakSpell v2.0WeakSpell Streams - Welcome to WeakSpell v2.0

Page URL History Show full URLs

http://weakspell.org/ HTTP 301
https://weakspell.org/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Polymer (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

polymer\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

117
Requests

98 %
HTTPS

92 %
IPv6

17
Domains

23
Subdomains

24
IPs

2
Countries

2958 kB
Transfer

12624 kB
Size

7
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://watch.footybite.com/
Title: footybite

Search URL Search Domain Scan URL

URL: https://soccerlive.app/
Title: soccer streams

Search URL Search Domain Scan URL

URL: https://www.nflbite.com/
Title: nflbite

Search URL Search Domain Scan URL

URL: https://stream.nbabite.com/
Title: nbabite

Search URL Search Domain Scan URL

URL: https://mlbbite.net/
Title: mlbbite

Search URL Search Domain Scan URL

URL: https://yiejvik.com/ad/visit.php?al=1

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://weakspell.org/ HTTP 301
https://weakspell.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 97

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=4b6659b6-8ec4-4789-a399-ffac3aa447ac&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=36057540-fda2-44a3-8a57-9361143f9bf9&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D2ccd75a93f43471bb1351bc73c704750%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_erdhrfgYriryY1&aid=7477169551821092368 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=2ccd75a93f43471bb1351bc73c704750&SNR=1&GV=2&med=10

Request Chain 115

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=4b6659b6-8ec4-4789-a399-ffac3aa447ac&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=36057540-fda2-44a3-8a57-9361143f9bf9&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3D2ccd75a93f43471bb1351bc73c704750%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_erdhrfgYriryY1&aid=7477169551821092368 HTTP 303
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=2ccd75a93f43471bb1351bc73c704750&tids=15000&med=10

117 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
weakspell.org/
Redirect Chain

http://weakspell.org/
https://weakspell.org/

71 KB
12 KB

1454ms
1130ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://weakspell.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d47869cf1f724f4bb03ea5fba4b18f8038bec6ba45e0d814f6832461aec059f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: EXPIRED
cf-ray: 834131aff927986c-SJC
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 11 Dec 2023 22:34:17 GMT
last-modified: Mon, 11 Dec 2023 19:37:45 GMT
link: <https://weakspell.org/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5BdSYb0c300oktuU38o5%2B7dSlHeKLlIr5FjcQ4pqFJ8ASpqG%2FEBBS1x%2BVwqR0jkmnWG4ci7oyMxCgNsLbqGNrX9YFktCzkSEOR7b4ICOqsg4gzkgI9BGXKAg7neVDZ1j51QFAaW93hIgcAEY"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 834131ad28c43656-FRA
Connection: keep-alive
Content-Type: text/html
Date: Mon, 11 Dec 2023 22:34:16 GMT
Location: https://weakspell.org/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FXArtjVZfObGYYMpXYgM3wLBikKO68Wj5zF3ZHSasVqJhu87s049yqNptAHgRJrsUROT9wiN9TbICbzL0YQ8JeqZsUkPa6y7w7ADf1IJCpq8f8awH3ckxeAUmh0j4osrNN%2FamVXq8ZYLSnks"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.min.css
weakspell.org/wp-includes/css/dist/block-library/ 95 KB
13 KB 993ms
993ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://weakspell.org/wp-includes/css/dist/block-library/style.min.css?ver=6.2.2
Requested by: Host: weakspell.org
URL: https://weakspell.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://weakspell.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 22:34:18 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 29 Jun 2023 16:17:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"649dae84-17ced"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eMtkTa4irbbGV2%2BmyvkpZ%2BO2TlPyGxIjeJe7KO7XkDqBKKPBvQyySYFmKauVlwF7ZebZcJ2AdWRaa%2BCayLRpzKCgEQ9njhv4710PYp7iJPgAI18wSU0izKxSC6UspAMSC7b4%2FZqyysMCXBaP"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 834131b70e0f986c-SJC
alt-svc: h3=":443"; ma=86400
expires: Wed, 10 Jan 2024 22:34:18 GMT

GET
H2 200 wp-emoji-release.min.js Show response
weakspell.org/wp-includes/js/ 18 KB
5 KB 749ms
749ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://weakspell.org/wp-includes/js/wp-emoji-release.min.js?ver=6.2.2
Requested by: Host: weakspell.org
URL: https://weakspell.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://weakspell.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 22:34:18 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 29 Jun 2023 16:17:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"649dae84-4904"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bg7i22Ws9mXM504nUzYnPsQQknMf5OgfzDJ6gH9CDCSUZ4EEezQYcCYWyglz3mqMQ0TG8%2F%2B9Yt0SmNgN%2FPF7lzD29Crlo8rCBBHXO6tuOp18j%2B9%2FwRfg4DxzgEUhKFulnd%2Fn5U%2ByfL1DaCe8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 834131b73e28986c-SJC
alt-svc: h3=":443"; ma=86400
expires: Wed, 10 Jan 2024 22:34:18 GMT

GET
H2 200 classic-themes.min.css
weakspell.org/wp-includes/css/ 291 B
465 B 792ms
792ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://weakspell.org/wp-includes/css/classic-themes.min.css?ver=6.2.2
Requested by: Host: weakspell.org
URL: https://weakspell.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://weakspell.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 22:34:18 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 29 Jun 2023 16:17:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"649dae84-123"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Tgr1afn6KU3RRBPsP7xrQlxh8fH2BI9y2mdgoVJZArqdvzKsBMroOWzOPkbvJXfToW5afEGl8RgNpoldoRNG7G3CjUwZ%2FrmJLVHnPXn8miNkPefaUT8WUYoSKe9pEoj7NJugnHvrMeawOk1"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 834131b73e29986c-SJC
alt-svc: h3=":443"; ma=86400
expires: Wed, 10 Jan 2024 22:34:18 GMT

GET
H2 200 css
fonts.googleapis.com/ 16 KB
1 KB 77ms
28ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Merriweather%3A400%2C700%2C900%2C400italic%2C700italic%2C900italic%7CMontserrat%3A400%2C700%7CInconsolata%3A400&subset=latin%2Clatin-ext&display=fallback

Requested by

Host: weakspell.org
URL: https://weakspell.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a9605ea0e23dc51de0e446906b9aa5c2719c5f9724aee8314dde75bcbe015dd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://weakspell.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 11 Dec 2023 22:34:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 21:01:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 11 Dec 2023 22:34:18 GMT

GET
H2 200 genericons.css
weakspell.org/wp-content/themes/weakspell/genericons/ 28 KB
16 KB 981ms
980ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://weakspell.org/wp-content/themes/weakspell/genericons/genericons.css?ver=20201208
Requested by: Host: weakspell.org
URL: https://weakspell.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d023c6770c50a23f28adac7508c5b86f9b06774933a8d82e5d9d557610a430c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://weakspell.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 22:34:18 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 09 Nov 2023 14:42:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"654cefce-6e6b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qzhMjLACbHBZh4ZHHuic7tU%2F%2F7kOlzxpB18im99R5AcxmR8yQaPW59VTtIrhKLGGJ77urGrok8jEvpRNYPZuHIIDhmEbDboAzwmtq8uSVB%2B5LAnCiM%2BuvDpSZvP1uisSc2AnoUlwwcp62g%2Bx"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 834131b73e2d986c-SJC
alt-svc: h3=":443"; ma=86400
expires: Wed, 10 Jan 2024 22:34:18 GMT

GET
H2 200 style.css
weakspell.org/wp-content/themes/weakspell/ 143 KB
23 KB 1055ms
1054ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://weakspell.org/wp-content/themes/weakspell/style.css?ver=20221101
Requested by: Host: weakspell.org
URL: https://weakspell.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4969a21a8c25d18c2c45bdfcbfb74327b17c0b36961862d678332d07b622ab37

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://weakspell.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 22:34:18 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sun, 12 Nov 2023 08:54:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"655092d3-23b5e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FUivCpMq7m1k0dW9j2861ZxEt9jpHOYr7YHV4gGE1FnuxtfaoTRTW11Q%2FFIIUf83Czhkk36sUNjdSO%2Fl3Nszdp51hiU5MzV18%2FLuFySKnvPaqo7Nz0XtQn%2FOWVt1k5vwceGZaniVRhaIeQcw"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 834131b73e2e986c-SJC
alt-svc: h3=":443"; ma=86400
expires: Wed, 10 Jan 2024 22:34:18 GMT

GET
H2 200 blocks.css
weakspell.org/wp-content/themes/weakspell/css/ 9 KB
2 KB 755ms
755ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://weakspell.org/wp-content/themes/weakspell/css/blocks.css?ver=20221004
Requested by: Host: weakspell.org
URL: https://weakspell.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2cc7f8fe276b668797a4cad6196f9449830528ba8ec76b1b5eaf71a9c91b089

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://weakspell.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 22:34:18 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 09 Nov 2023 14:42:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"654cefc3-221a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=37XUbj9TQ2Y1OATofTiJB4cAAnIR7Rp%2Bq%2BaHp86vuOiFKALzf3Bv083n8TnlPQsrhpVi3MecsZLMT8A6cccpRBvx%2F5HfdH5IJVVQnyQbq%2FUUjqgpAMYUlvdnP19%2BIGn3KDw9pEYbbVOHjxoh"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 834131b73e31986c-SJC
alt-svc: h3=":443"; ma=86400
expires: Wed, 10 Jan 2024 22:34:18 GMT

GET
H2 200 jquery.min.js Show response
weakspell.org/wp-includes/js/jquery/ 88 KB
32 KB 887ms
887ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://weakspell.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.4
Requested by: Host: weakspell.org
URL: https://weakspell.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://weakspell.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 22:34:18 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 29 Jun 2023 16:17:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"649dae84-15ed7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S6NKWFTvcbDvHvkZNbF2xHkuGEnIxRFvNJYylYTI6%2FzExKtfUny6b1%2F8785csq0F2ThFUO5aG0NRbVyvjRTs%2FNNvPlxIQQGIYlLjj7WRY%2FMmAEai44weSN0Xu1imHwoukOF7UK5iiq0tM7Zd"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 834131b73e32986c-SJC
alt-svc: h3=":443"; ma=86400
expires: Wed, 10 Jan 2024 22:34:18 GMT

GET
H2 200 jquery-migrate.min.js Show response
weakspell.org/wp-includes/js/jquery/ 13 KB
5 KB 805ms
805ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://weakspell.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
Requested by: Host: weakspell.org
URL: https://weakspell.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://weakspell.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 22:34:18 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 29 Jun 2023 16:17:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"649dae84-3470"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3YR18c%2BdMVFI0exS5CrqNetPIyfujZ5Ir%2FvCenXIjdJ60v8lVwWmJSBhf%2BSOy8KK1e%2FBcTLbzBPi2MhFslV7Sblt%2FhKhU%2BltQP4wj%2Bas9%2B%2FGlE%2Bt2nZi6WlNtBro7FD2f76dAMIJrozZy%2BNE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 834131b73e33986c-SJC
alt-svc: h3=":443"; ma=86400
expires: Wed, 10 Jan 2024 22:34:18 GMT

GET
H3 200 nfl.png
weakspell.org/wp-content/uploads/2021/02/ 4 KB
5 KB 969ms
969ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://weakspell.org/wp-content/uploads/2021/02/nfl.png
Requested by: Host: weakspell.org
URL: https://weakspell.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e6ec33e07808a9f0e2350fee16b883764682f99562dc0edcf61932027b41885

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://weakspell.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 22:34:19 GMT
cf-cache-status: EXPIRED
last-modified: Mon, 08 Feb 2021 09:05:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6020fef2-1019"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sumtmwPOSUczTMerAF6o82ZLUHfA4jroGEx1Bfe9ffKhy7MemjK1WJgsvpNd0CyenlUS7GONKMh%2ByvijZk%2BrgYQppFUT7Jlb7%2Firv2g%2B00oW%2Fsa%2Fw1CKVgXM9tN3XSC%2Bsciuva%2By46bxUDKw"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 834131bddfcf67c7-SJC
alt-svc: h3=":443"; ma=86400
content-length: 4121
expires: Wed, 10 Jan 2024 22:34:19 GMT

GET
H3 200 nbastreams.png
weakspell.org/wp-content/uploads/2023/11/ 14 KB
14 KB 939ms
939ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://weakspell.org/wp-content/uploads/2023/11/nbastreams.png
Requested by: Host: weakspell.org
URL: https://weakspell.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79ad1602a74b081867c077b27ac6e4f15a1cfbc63f3b12344e6ca21de13dbaa4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://weakspell.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 22:34:19 GMT
cf-cache-status: EXPIRED
last-modified: Sat, 11 Nov 2023 07:40:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "654f2ff2-3784"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NfIoNOvyf6s8qCFAnbk6Ya0Uzl1iH%2F50TzvAzU0PQN6eD2kfoxZeVsBrTu22VgUEqFox6oNAFx8u88lhOO410dRcq9fIFev1CH2S7RGTIp5AiN3TLlzB%2Bsfrf%2BK%2FxenwmhKNQUz7n1OPJSwU"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 834131be0ff267c7-SJC
alt-svc: h3=":443"; ma=86400
content-length: 14212
expires: Wed, 10 Jan 2024 22:34:19 GMT

GET
H3 200 soccer-512.png
weakspell.org/wp-content/uploads/2020/07/ 33 KB
33 KB 1103ms
1102ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://weakspell.org/wp-content/uploads/2020/07/soccer-512.png
Requested by: Host: weakspell.org
URL: https://weakspell.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dacaaf9e1405d112e654fa8dcbb1ba289d88175003a8ccdc8ea508cfbfa3708b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://weakspell.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 22:34:20 GMT
cf-cache-status: EXPIRED
last-modified: Thu, 16 Jul 2020 01:26:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5f0facc4-82da"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wlQQ1jYwjg5w7pG0cYI6ht%2F3%2FK06mArSbnGrTc4ZPg6qQbQmR8YnI9kn60fdJgOQiNIxgPowYj%2BWC7r1BA0VpbcwZks72QwgtFFl5OkZARTGujVdGTNVoYGfGrFxUhKIDliCfzQYgJUhWdtx"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 834131be1fff67c7-SJC
alt-svc: h3=":443"; ma=86400
content-length: 33498
expires: Wed, 10 Jan 2024 22:34:19 GMT

GET
H3 200 nhl.png
weakspell.org/wp-content/uploads/2021/02/ 48 KB
48 KB 1107ms
1107ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://weakspell.org/wp-content/uploads/2021/02/nhl.png
Requested by: Host: weakspell.org
URL: https://weakspell.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 014b964e78f5aaec400b5d76826c854e40a765f58ef234edae3e9cd50e156a53

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://weakspell.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 22:34:20 GMT
cf-cache-status: EXPIRED
last-modified: Mon, 08 Feb 2021 09:07:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6020ff5e-bef2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1BDhGpgDL9c6uiMxLnGoKRQyl4whdwPacGygo1ACArorRGbRztYzzlhtO%2BciirIJ4MSVnuUy5HK53r%2FDMrrMZaxgZd%2BLyHqVJXg%2BuA33iJzLjj4C8CsZ0GTis7p5tKb3B%2BHsvVX2NbqXksmf"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 834131be180067c7-SJC
alt-svc: h3=":443"; ma=86400
content-length: 48882
expires: Wed, 10 Jan 2024 22:34:19 GMT

GET
H3 200 FORMULA-ONE.png
weakspell.org/wp-content/uploads/2020/07/ 11 KB
12 KB 761ms
760ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://weakspell.org/wp-content/uploads/2020/07/FORMULA-ONE.png
Requested by: Host: weakspell.org
URL: https://weakspell.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d82c945f8e4d075d39f093b2c49816df7097fed738c4d9dc85b2e8697b38e7fa

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://weakspell.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 22:34:19 GMT
cf-cache-status: EXPIRED
last-modified: Fri, 17 Jul 2020 09:15:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5f116c2e-2c45"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sgPrQvUPC74uNgPfWhH9%2FBen3vtl1y2p%2B5ELhzL%2BcW7g%2FdKEl4IoGWJQwT5KwgnRRp87Xs%2BERi3xC%2FkRDGcMHdfVQiaxOyEJEq8ePGaJ6SQp3jD9j453NE7IljpYGybhNt8MJPItvIXeFWYg"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 834131be180267c7-SJC
alt-svc: h3=":443"; ma=86400
content-length: 11333
expires: Wed, 10 Jan 2024 22:34:19 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 66ms
20ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: weakspell.org
URL: https://weakspell.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://weakspell.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 18:15:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15525
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Dec 2024 18:15:33 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/4.5.2/js/ 59 KB
16 KB 70ms
28ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js

Requested by

Host: weakspell.org
URL: https://weakspell.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://weakspell.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 22:34:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 601, 617, 617
age: 2582125
cdn-cachedat: 2021-08-03 12:25:09
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:11 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 56cbdd8f52e666d9c743e927bca0e465
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 834131b708c703b0-FRA
cdn-requestpullsuccess: True

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 274 KB
91 KB 87ms
40ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-91L786K0G5

Requested by

Host: weakspell.org
URL: https://weakspell.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

79a9743c4b4b1a331e89d4fa6a6e92216a71dc6ed93a7a458b1b11e8f4f1ee8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://weakspell.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 22:34:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93075
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 11 Dec 2023 22:34:19 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
51 KB 136ms
67ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9664111995240063

Requested by

Host: weakspell.org
URL: https://weakspell.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f1da6ed5b8202abb5f2d2b4e04f147621b55512e434eb99319e038c785a599f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://weakspell.org/
Origin: https://weakspell.org
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 22:34:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51884
x-xss-protection: 0
server: cafe
etag: 10224149896621602243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 22:34:19 GMT

GET
H2 200 skip-link-focus-fix.js Show response
weakspell.org/wp-content/themes/weakspell/js/ 1 KB
861 B 737ms
737ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://weakspell.org/wp-content/themes/weakspell/js/skip-link-focus-fix.js?ver=20170530
Requested by: Host: weakspell.org
URL: https://weakspell.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d4083520c18bfdcdffb319248525ebf8f1a547326e10c02e6a0ed0b1722ae9a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://weakspell.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 22:34:18 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 09 Nov 2023 14:42:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"654cefe9-423"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QHAyi1zXfwkNoPbWI1DSbLB%2BVUe7MNVCEQRQ47gAI%2BXBdCsTz5EnP0ZiFULdZKDBbWcK4trvbZaOJGZcmfVgebrJp%2F64R%2BJqtDNIbvHXDfM1aCJrCBaf6KuEQTIbmCFbm8U%2Bmilx6atHODw0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 834131b7be7c986c-SJC
alt-svc: h3=":443"; ma=86400
expires: Wed, 10 Jan 2024 22:34:18 GMT

GET
H2 200 functions.js Show response
weakspell.org/wp-content/themes/weakspell/js/ 7 KB
2 KB 730ms
730ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://weakspell.org/wp-content/themes/weakspell/js/functions.js?ver=20211130
Requested by: Host: weakspell.org
URL: https://weakspell.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe4725d967cdafe16e972f934768dd5794a931d2e16f10a19a3e681f4afad7eb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://weakspell.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 22:34:18 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 09 Nov 2023 14:42:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"654cefe7-1ca1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V4FCgFpwt3zms3BPeZmQd2ln8OpEkekXoUX%2Ffy8Dcgu%2FrY764NH3Be%2FJqvEB%2FDvc37RgUQYpJ0Y3p6yDyUbMoFZ%2FcUmmuzXnO0%2FqLwjIGUW82izxIF3Thn9BjoC9vZGwKKko%2F%2F7%2FyrdPDzA2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 834131b7ce8b986c-SJC
alt-svc: h3=":443"; ma=86400
expires: Wed, 10 Jan 2024 22:34:18 GMT

GET
H2 200 live_chat Show response
www.youtube.com/ Frame C3A9 143 KB
28 KB 111ms
45ms Document
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/live_chat?v=K5o0Ora9_3w&embed_domain=weakspell.org&dark_theme=1

Requested by

Host: weakspell.org
URL: https://weakspell.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dafb96c90c0fabf0a61db6f2421c1de2f81955492a8b0eace1a71ecac6db5c4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://weakspell.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups; report-to="youtube_main"
date: Mon, 11 Dec 2023 22:34:19 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=nl for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 nfl.png
weakspell.org/wp-content/uploads/2021/02/ 4 KB
5 KB 754ms
754ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://weakspell.org/wp-content/uploads/2021/02/nfl.png
Requested by: Host: weakspell.org
URL: https://weakspell.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e6ec33e07808a9f0e2350fee16b883764682f99562dc0edcf61932027b41885

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://weakspell.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 22:34:19 GMT
cf-cache-status: EXPIRED
last-modified: Mon, 08 Feb 2021 09:05:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6020fef2-1019"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ruKZpBTGq907NZWgZqBmz6FA%2FMZ3k%2FaZnrARX5xqB9c1tbVhFDWd56nBBEMA96MYfmK0s1cEBlBUsOkhTxfeu4c9dVkwdqTvTJJ1cB2xUIvPL0EqcpnDBnpAHO0Z7a7qsKRW0Rv841wtO4F"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 834131be180367c7-SJC
alt-svc: h3=":443"; ma=86400
content-length: 4121
expires: Wed, 10 Jan 2024 22:34:19 GMT

GET
H3 200 nbastreams.png
weakspell.org/wp-content/uploads/2023/11/ 14 KB
14 KB 1280ms
1279ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://weakspell.org/wp-content/uploads/2023/11/nbastreams.png
Requested by: Host: weakspell.org
URL: https://weakspell.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79ad1602a74b081867c077b27ac6e4f15a1cfbc63f3b12344e6ca21de13dbaa4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://weakspell.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 22:34:19 GMT
cf-cache-status: EXPIRED
last-modified: Sat, 11 Nov 2023 07:40:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "654f2ff2-3784"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xe6fe8x%2Byq%2BmvM9L0NKEDsqGK8p2N5Ve%2BBmAQsCqT2CQxPNiiAUg90hUujMh7mgD%2BELcTFQuG%2FWKs8jSuK8cTPI5yotczg4WzW16eriwZUc1lbWkuCdgSzPIubYx1kUKY0%2BuPB5ZlyoMnwv3"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 834131be180667c7-SJC
alt-svc: h3=":443"; ma=86400
content-length: 14212
expires: Wed, 10 Jan 2024 22:34:19 GMT

GET
H3 200 soccer-512.png
weakspell.org/wp-content/uploads/2020/07/ 33 KB
33 KB 1282ms
1281ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://weakspell.org/wp-content/uploads/2020/07/soccer-512.png
Requested by: Host: weakspell.org
URL: https://weakspell.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dacaaf9e1405d112e654fa8dcbb1ba289d88175003a8ccdc8ea508cfbfa3708b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://weakspell.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 22:34:20 GMT
cf-cache-status: EXPIRED
last-modified: Thu, 16 Jul 2020 01:26:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5f0facc4-82da"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8DmZHGOC1P4fm%2Fr9fOoTE8PPlq4lCF4BhJRWpw4JyUGnn5gvAMUyaeenidWXzwy5GPe5L4FWE6%2F%2BMIX0Kpy49zNmmuAUXTncr25pglMuAIQYWEOhkA2aEaW31NxJacNL7Yz%2FqCAJpTONhCz8"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 834131be180867c7-SJC
alt-svc: h3=":443"; ma=86400
content-length: 33498
expires: Wed, 10 Jan 2024 22:34:19 GMT

GET
H3 200 nhl.png
weakspell.org/wp-content/uploads/2021/02/ 48 KB
48 KB 1446ms
1446ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://weakspell.org/wp-content/uploads/2021/02/nhl.png
Requested by: Host: weakspell.org
URL: https://weakspell.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 014b964e78f5aaec400b5d76826c854e40a765f58ef234edae3e9cd50e156a53

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://weakspell.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 22:34:20 GMT
cf-cache-status: EXPIRED
last-modified: Mon, 08 Feb 2021 09:07:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6020ff5e-bef2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3cch%2FJXBE0RvIq36GNu2gNXmuhBFLFE9R%2F8EU6rj4Bhrs53f5TAiBM2JOpURx1X3a8PTyVQPOpmsusn9xw%2B2BTWGGaRq9FZDPSKDGxu1J%2FpIYrOFTD4FIbzrXxDZz%2Ba0PWvq77ObmySdAnEx"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 834131be180a67c7-SJC
alt-svc: h3=":443"; ma=86400
content-length: 48882
expires: Wed, 10 Jan 2024 22:34:19 GMT

GET
H3 200 FORMULA-ONE.png
weakspell.org/wp-content/uploads/2020/07/ 11 KB
12 KB 1450ms
1450ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://weakspell.org/wp-content/uploads/2020/07/FORMULA-ONE.png
Requested by: Host: weakspell.org
URL: https://weakspell.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d82c945f8e4d075d39f093b2c49816df7097fed738c4d9dc85b2e8697b38e7fa

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://weakspell.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 22:34:19 GMT
cf-cache-status: EXPIRED
last-modified: Fri, 17 Jul 2020 09:15:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5f116c2e-2c45"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i3dVZceLO6fKXxQXSXfI%2FAP%2FXMs55RROa9ZImmebYO8jlCfty3l5AJytMsWaZrjOH83WxQc9I5CdTJ81cQ3CVvaj3xOBU0fynye6oo9twWYgGK%2FBKt3tqAGbnlolJgVebkmP2StavnClJFJX"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 834131be180c67c7-SJC
alt-svc: h3=":443"; ma=86400
content-length: 11333
expires: Wed, 10 Jan 2024 22:34:19 GMT

GET
H2 200 utils.js Show response
tfmgqdj.com/script/ 169 KB
52 KB 87ms
31ms Script
text/javascript 2606:4700:3034::ac43:d436
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tfmgqdj.com/script/utils.js
Requested by: Host: weakspell.org
URL: https://weakspell.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d436 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2340b018fff5690619bc0a03259eb447410486b63d8d1f8ab75d96ac6370a9bd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://weakspell.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 22:34:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1121
x-guploader-uploadid: ABPtcPrhTPFaSxhr5Hz_CkrBYMaJZx3CGIDXZczFE0RBqvawsP4S933Dvn9UCi3jZDDzwse7CgrIYPUeQg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 04 Dec 2023 14:05:51 GMT
server: cloudflare
etag: W/"38ba02497671c2d830cd57b02be24582"
vary: Accept-Encoding
x-goog-hash: crc32c=7VegwA==, md5=OLoCSXZxwtgwzVewK+JFgg==
x-goog-generation: 1701698751454949
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6eeF6z5ehS1ifmD8qkYnmfeO0Y%2FL%2B7uUsmhh6%2Fup4Pgk29IxQP8MDxyQwa357DyokuQccJUKd5uOtLIaj7TaZ5cym0QRMI7jzaJuIHgIL4ZSs3lKKUmrwB7LQBELISjdHMyFWaofnYBgtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 172787
cf-ray: 834131be0c8d5d9f-FRA
expires: Mon, 11 Dec 2023 22:57:54 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v12/ 16 KB
16 KB 66ms
20ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v12/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: weakspell.org
URL: https://weakspell.org/wp-content/themes/weakspell/style.css?ver=20221101

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://weakspell.org/
Origin: https://weakspell.org
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 09:58:26 GMT
x-content-type-options: nosniff
age: 45353
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16112
x-xss-protection: 0
last-modified: Mon, 25 Mar 2019 20:10:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Dec 2024 09:58:26 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v12/ 15 KB
16 KB 71ms
25ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v12/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: weakspell.org
URL: https://weakspell.org/wp-content/themes/weakspell/style.css?ver=20221101

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24f7e397faec79e62c37ff2f00b170f6dc1557fb46ac169f9f1897a9d641dd03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://weakspell.org/
Origin: https://weakspell.org
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 23:48:00 GMT
x-content-type-options: nosniff
age: 81979
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15764
x-xss-protection: 0
last-modified: Mon, 25 Mar 2019 20:12:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 09 Dec 2024 23:48:00 GMT

GET
H2 200 ut.js Show response
tfmgqdj.com/script/ 80 KB
28 KB 35ms
34ms Script
text/javascript 2606:4700:3034::ac43:d436
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tfmgqdj.com/script/ut.js?cb=1702334059243
Requested by: Host: tfmgqdj.com
URL: https://tfmgqdj.com/script/utils.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d436 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf7f34e550f5f6bead66bbd8baa61274bf0cf3ae804661c4b441d240212b8010

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://weakspell.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 22:34:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1141
x-guploader-uploadid: ABPtcPo_WNwngj6uTW-C8tr05k20pq7R5qhHap40jpVbDXccroZyPCztJNkGqM0ZiqhB-xwdVt4
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 04 Dec 2023 14:05:37 GMT
server: cloudflare
etag: W/"1edfed807930c1dea818ac18c299154c"
vary: Accept-Encoding
x-goog-hash: crc32c=2nkS8g==, md5=Ht/tgHkwwd6oGKwYwpkVTA==
x-goog-generation: 1701698737164870
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZoMUSqUvUIdomW%2Fooyqt79IHJloNputSoAE9XF2NFRAVaY%2FW0wcbYJ2GEuhOmUGgyQ99%2FA2TnqZJk4XRGKdkt7M%2FnGmhXIczk87d2eRlmNiiCM4GvqrvHLlt8oNygERY3tGFWGIRVp464g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 82092
cf-ray: 834131be5cc15d9f-FRA
expires: Mon, 11 Dec 2023 22:45:01 GMT

GET
H2 200 suv5.js Show response
tfmgqdj.com/script/ 95 KB
32 KB 31ms
31ms Script
text/javascript 2606:4700:3034::ac43:d436
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tfmgqdj.com/script/suv5.js
Requested by: Host: tfmgqdj.com
URL: https://tfmgqdj.com/script/utils.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d436 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25ab5707f8caa81d4c8ef4d9373254d130c294ed2ee997c807e068b149fdb4e8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://weakspell.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 22:34:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1123
x-guploader-uploadid: ABPtcPpZjidsxGVJH0AYCzg_1WIvBXc6qHFE0CV1lyd-ugeBFiDLy4-zYWWa2sU-5DUNQPPQ7Rk
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 04 Dec 2023 14:04:37 GMT
server: cloudflare
etag: W/"fe85f0affad429f5413cd601a475b728"
vary: Accept-Encoding
x-goog-hash: crc32c=4eu5MA==, md5=/oXwr/rUKfVBPNYBpHW3KA==
x-goog-generation: 1701698677261682
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ojTJR2BeZ3IxKkYAyk%2F8HzUhAbwv%2BfliRAYmEoHXERyYDuZt%2FtDIALiIO4C%2BfaFSMyuKreWgN3kut%2BsX5DmXMCUaxaOs6aDqwomeaq%2BpsPnlFJY9cBGsUR5Qylfs%2Bjn0WRqrlU9ieM4%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 97361
cf-ray: 834131be5cc25d9f-FRA
expires: Mon, 11 Dec 2023 22:59:45 GMT

GET
H2 200 scheduler.js Show response
www.youtube.com/s/desktop/dc0688f8/jsbin/scheduler.vflset/ Frame C3A9 9 KB
4 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/desktop/dc0688f8/jsbin/scheduler.vflset/scheduler.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/live_chat?v=K5o0Ora9_3w&embed_domain=weakspell.org&dark_theme=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58ae013b8e95b7667124263f632b49a10acf7da2889547f2d9e4b279708a29f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/live_chat?v=K5o0Ora9_3w&embed_domain=weakspell.org&dark_theme=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 15:04:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27009
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3702
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 06:13:08 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 10 Dec 2024 15:04:10 GMT

GET
H2 200 network.js Show response
www.youtube.com/s/desktop/dc0688f8/jsbin/network.vflset/ Frame C3A9 16 KB
6 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/desktop/dc0688f8/jsbin/network.vflset/network.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/live_chat?v=K5o0Ora9_3w&embed_domain=weakspell.org&dark_theme=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6ecc4abde3468769ff07bc6f76f694f1e738aef7ef71572bf2d20f5b9d69eb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/live_chat?v=K5o0Ora9_3w&embed_domain=weakspell.org&dark_theme=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 15:04:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27008
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6223
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 06:13:08 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 10 Dec 2024 15:04:11 GMT

GET
H2 200 web-animations-next-lite.min.js Show response
www.youtube.com/s/desktop/dc0688f8/jsbin/web-animations-next-lite.min.vflset/ Frame C3A9 50 KB
15 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/desktop/dc0688f8/jsbin/web-animations-next-lite.min.vflset/web-animations-next-lite.min.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/live_chat?v=K5o0Ora9_3w&embed_domain=weakspell.org&dark_theme=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0cbfda7bfd7be1dcb66bbb507a74111fc4b2becbc742cd879751c3b4cbfa2f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/live_chat?v=K5o0Ora9_3w&embed_domain=weakspell.org&dark_theme=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 22:27:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 394
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15164
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 10:12:03 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 10 Dec 2024 22:27:45 GMT

GET
H2 200 custom-elements-es5-adapter.js Show response
www.youtube.com/s/desktop/dc0688f8/jsbin/custom-elements-es5-adapter.vflset/ Frame C3A9 2 KB
853 B 30ms
29ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/desktop/dc0688f8/jsbin/custom-elements-es5-adapter.vflset/custom-elements-es5-adapter.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/live_chat?v=K5o0Ora9_3w&embed_domain=weakspell.org&dark_theme=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59ce6bdf8e3d17bb68667499c34a3ec32b9f7836dbca59d03237a4c9fffefd35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/live_chat?v=K5o0Ora9_3w&embed_domain=weakspell.org&dark_theme=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 15:04:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27009
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 789
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 06:13:08 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 10 Dec 2024 15:04:10 GMT

GET
H2 200 webcomponents-sd.js Show response
www.youtube.com/s/desktop/dc0688f8/jsbin/webcomponents-sd.vflset/ Frame C3A9 77 KB
22 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/desktop/dc0688f8/jsbin/webcomponents-sd.vflset/webcomponents-sd.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/live_chat?v=K5o0Ora9_3w&embed_domain=weakspell.org&dark_theme=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc6a31b9d818aec7f64712f1894cb52b55776d75c1b1fc58db8e2a6628038ca2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/live_chat?v=K5o0Ora9_3w&embed_domain=weakspell.org&dark_theme=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 15:04:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27009
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22933
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 06:13:08 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 10 Dec 2024 15:04:10 GMT

GET
H2 200 intersection-observer.min.js Show response
www.youtube.com/s/desktop/dc0688f8/jsbin/intersection-observer.min.vflset/ Frame C3A9 5 KB
2 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/desktop/dc0688f8/jsbin/intersection-observer.min.vflset/intersection-observer.min.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/live_chat?v=K5o0Ora9_3w&embed_domain=weakspell.org&dark_theme=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ea95af77e18116ed0e8b52bb2c0794d1259150671e02994ac2a8845bd1ad5b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/live_chat?v=K5o0Ora9_3w&embed_domain=weakspell.org&dark_theme=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 15:04:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27009
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2090
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 06:13:08 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 10 Dec 2024 15:04:10 GMT

GET
H2 200 lottie_light.js Show response
www.gstatic.com/external_hosted/lottie/ Frame C3A9 143 KB
35 KB 76ms
28ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/external_hosted/lottie/lottie_light.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/live_chat?v=K5o0Ora9_3w&embed_domain=weakspell.org&dark_theme=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f885aa9c8ef261689af96cb5f0896db880edb2f6657c390adcbcff2f4056bdb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 22:34:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35295
x-xss-protection: 0
last-modified: Thu, 26 Oct 2023 15:28:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=0
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 11 Dec 2023 22:34:19 GMT

GET
H2 200 live_chat_polymer.js Show response
www.youtube.com/s/desktop/dc0688f8/jsbin/live_chat_polymer.vflset/ Frame C3A9 7 MB
1 MB 43ms
43ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/desktop/dc0688f8/jsbin/live_chat_polymer.vflset/live_chat_polymer.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/live_chat?v=K5o0Ora9_3w&embed_domain=weakspell.org&dark_theme=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2460208b8d8f869d9c02d35b712aeab64cb08ebf653f3f64865ae375add7e05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/live_chat?v=K5o0Ora9_3w&embed_domain=weakspell.org&dark_theme=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 18:40:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14047
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1258301
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 10:12:03 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 10 Dec 2024 18:40:12 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C3A9 15 KB
15 KB 20ms
19ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/live_chat?v=K5o0Ora9_3w&embed_domain=weakspell.org&dark_theme=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 00:43:39 GMT
x-content-type-options: nosniff
age: 251440
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Dec 2024 00:43:39 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C3A9 15 KB
15 KB 23ms
23ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/live_chat?v=K5o0Ora9_3w&embed_domain=weakspell.org&dark_theme=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 23:49:27 GMT
x-content-type-options: nosniff
age: 81892
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 09 Dec 2024 23:49:27 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
253 B 74ms
18ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-91L786K0G5&gtm=45je3bt0v9171244548&_p=1702334059137&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1717910162.1702334059&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702334059&sct=1&seg=0&dl=https%3A%2F%2Fweakspell.org%2F&dt=WeakSpell%20Streams%20-%20Welcome%20to%20WeakSpell%20v2.0&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2832
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-91L786K0G5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://weakspell.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 22:34:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://weakspell.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 suurl5.php Show response
youradexchange.com/script/ 1 KB
1 KB 244ms
192ms Fetch
application/json 2606:4700:e6::ac40:c507
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://youradexchange.com/script/suurl5.php?r=6913926&chmob=%3F0&cbur=0.6310996419374901&cbiframe=0&cbWidth=1600&cbHeight=1200&cbtitle=WeakSpell%20Streams%20-%20Welcome%20to%20WeakSpell%20v2.0&cbpage=https%3A%2F%2Fweakspell.org%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=tfmgqdj.com&ts=1702334059308&srs=d03d95168df0f14d95984181ff49f042&atv=38.4-sw-adbl-suv5&abtg=1
Requested by: Host: tfmgqdj.com
URL: https://tfmgqdj.com/script/suv5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c507 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89bef961a6ef378dc60addf36a626670826da7cc5300bb036799fdbcc9655a20

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://weakspell.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 22:34:19 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jLImMkvgQeLtHstpnedDUrGphafQjrdh%2BBiEDD8PWkydz23esOG%2BeA20J5bDLlVmgdOJ2q7PtJQ7Z6NhIrJYX2f4s7%2FknOld36m5qES3UlzKQRFEkPrP8XbrB%2B0rTIKVZEjPtbakI9XvgIvtf6R%2F3s0%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: application/json; charset=utf-8
cf-ray: 834131bf0dcc65ae-FRA
access-control-allow-headers: Content-Type
alt-svc: h3=":443"; ma=86400

POST
H2 204 hb.php
pubtrky.com/ut/ 0
414 B 204ms
150ms Ping
text/plain 2606:4700:3034::6815:86c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pubtrky.com/ut/hb.php?cb=0.4038442414820418&v=1
Requested by: Host: tfmgqdj.com
URL: https://tfmgqdj.com/script/ut.js?cb=1702334059243
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:86c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://weakspell.org/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain; charset=utf-8

Response headers

date: Mon, 11 Dec 2023 22:34:19 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jWalfZM7lMRwVDZP6Dwlik16DkjRHlf0FhmqcdIA8bYlXiIYbFWlsf%2F7qI17gs3VGTJkGC1La%2F5t50nu75RRR0Un4GpwczP%2FBc%2FFyp%2F%2FFCgQpjpBnNulwPZMNl0%2Bcy762bYdEuNQa4Bwug%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 834131bf189c9128-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/ 398 KB
135 KB 130ms
87ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9664111995240063&plah=weakspell.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9664111995240063

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ebb5457ea4c2b1961100f6d10f8302d77569bb3f3fae08d94fc2feb7d8a40746

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://weakspell.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 22:34:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137722
x-xss-protection: 0
server: cafe
etag: 10529566692830341700
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 22:34:19 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame FABD 9 KB
4 KB 103ms
30ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html?hello=world

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9664111995240063

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://weakspell.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 64738
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 04:35:21 GMT
etag: 5585625838579639069
expires: Mon, 25 Dec 2023 04:35:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 lazy.min.js Show response
www.gstatic.com/feedback/js/help/prod/service/ Frame C3A9 106 KB
37 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/desktop/dc0688f8/jsbin/live_chat_polymer.vflset/live_chat_polymer.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34ba0d719d526e60f73bc0c3eb6c22d35fff9f97d685c0e01c9bcd8de6a35263

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 21:48:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2756
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/product-feedback-gathering
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37049
x-xss-protection: 0
last-modified: Fri, 08 Dec 2023 01:57:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="product-feedback-gathering"
vary: Accept-Encoding, Origin
report-to: {"group":"product-feedback-gathering","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/product-feedback-gathering"}]}
content-type: text/javascript
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Mon, 11 Dec 2023 22:38:23 GMT

GET
H3 200 emojis-svg-9.json Show response
www.gstatic.com/youtube/img/emojis/ Frame C3A9 904 KB
46 KB 62ms
20ms XHR
application/json 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/youtube/img/emojis/emojis-svg-9.json

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/desktop/dc0688f8/jsbin/live_chat_polymer.vflset/live_chat_polymer.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65b1b111ff3ac107abc55c4d1643cfe058d0e987b510e5b227ea7670c1f3dbdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 21:52:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2492
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube-sponsors-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47551
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 17:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="youtube-sponsors-team"
vary: Accept-Encoding, Origin
report-to: {"group":"youtube-sponsors-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube-sponsors-team"}]}
content-type: application/json
access-control-allow-origin: https://www.youtube.com
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 Dec 2024 21:52:47 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.q86ihocu0HA.O/m=auth/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9gC2cqySYcBh8kT9LMyuiwdwIYGQ/ Frame C3A9 253 KB
87 KB 68ms
20ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.q86ihocu0HA.O/m=auth/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9gC2cqySYcBh8kT9LMyuiwdwIYGQ/cb=gapi.loaded_0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/desktop/dc0688f8/jsbin/live_chat_polymer.vflset/live_chat_polymer.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c666836c7180eca079c74ece8ddfa89afd963d18d61cf61b6fef43a9e79281af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 02:56:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 243484
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 88694
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 21:49:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 08 Dec 2024 02:56:15 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A7D4 468 KB
93 KB 496ms
496ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9664111995240063&output=html&adk=1812271804&adf=3025194257&lmt=1702323465&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fweakspell.org%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702334059324&bpp=7&bdt=1320&idt=496&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1696104019626&frm=20&pv=2&ga_vid=1717910162.1702334059&ga_sid=1702334060&ga_hid=2111926357&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079865%2C31079923%2C31079929%2C42531705%2C44785292%2C44809003%2C95320868%2C95320884%2C95320888&oid=2&pvsid=4304295325186814&tmod=1818135670&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=507

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9664111995240063&plah=weakspell.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f3dee60a00c2bac767711be68b0b41b79987e979379185da5e9b25fd8af6e39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://weakspell.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 95015
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 22:34:20 GMT
expires: Mon, 11 Dec 2023 22:34:20 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 emoji_u2764.svg
www.youtube.com/s/gaming/emoji/7ff574f2/ Frame C3A9 1 KB
636 B 20ms
19ms Image
image/svg+xml 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/s/gaming/emoji/7ff574f2/emoji_u2764.svg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/live_chat?v=K5o0Ora9_3w&embed_domain=weakspell.org&dark_theme=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4898de6379443cb7d32c1571c03e6e1dd10146d586dc1c530542a4e2f28d7f2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/live_chat?v=K5o0Ora9_3w&embed_domain=weakspell.org&dark_theme=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 10:43:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42647
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 611
x-xss-protection: 0
last-modified: Tue, 17 Nov 2020 21:15:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/svg+xml
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 10 Dec 2024 10:43:32 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 563B 721 B
577 B 255ms
254ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9664111995240063&output=html&h=280&adk=4146422958&adf=2731860348&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1702323465&rafmt=1&to=qs&pwprc=1544302945&format=1200x280&url=https%3A%2F%2Fweakspell.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702334059331&bpp=1&bdt=1327&idt=512&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1696104019626&frm=20&pv=1&ga_vid=1717910162.1702334059&ga_sid=1702334060&ga_hid=2111926357&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=72&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079865%2C31079923%2C31079929%2C42531705%2C44785292%2C44809003%2C95320868%2C95320884%2C95320888&oid=2&pvsid=4304295325186814&tmod=1818135670&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=514

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e812fd9790abd3c6f51a2f975ed2cf0869fd14ecfc83e548b377d1f8be82976f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://weakspell.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 356
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 22:34:20 GMT
expires: Mon, 11 Dec 2023 22:34:20 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 chooseServer Show response
signaler-pa.youtube.com/punctual/v1/ Frame C3A9 49 B
70 B 166ms
126ms XHR
application/json+protobuf 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://signaler-pa.youtube.com/punctual/v1/chooseServer?key=AIzaSyDZNkyC-AtROwMBpLfevIvqYk-Gfi8ZOeo

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/desktop/dc0688f8/jsbin/live_chat_polymer.vflset/live_chat_polymer.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c84c86d4ff7e9d28c3c8c4288bd76184795baf185b46587670d43ea28ac34e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-type: application/json+protobuf

Response headers

date: Mon, 11 Dec 2023 22:34:20 GMT
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,date,server,content-length
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49
x-xss-protection: 0

OPTIONS
H2 200 chooseServer
signaler-pa.youtube.com/punctual/v1/ Frame 0
0 187ms
127ms Preflight
text/html 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://signaler-pa.youtube.com/punctual/v1/chooseServer?key=AIzaSyDZNkyC-AtROwMBpLfevIvqYk-Gfi8ZOeo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Mon, 11 Dec 2023 22:34:20 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 24px.svg Show response
www.gstatic.com/youtube/img/icons/web/youtube_outline/arrow-back/v1/ Frame C3A9 146 B
153 B 21ms
20ms Fetch
image/svg+xml 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/youtube/img/icons/web/youtube_outline/arrow-back/v1/24px.svg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/desktop/dc0688f8/jsbin/live_chat_polymer.vflset/live_chat_polymer.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

052c15676e8072a7124963c43d1057cf85f781cbdbe604d7aed078869cdce1a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 01:09:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 336317
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="youtube"
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/svg+xml
access-control-allow-origin: https://www.youtube.com
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Dec 2024 01:09:02 GMT

GET
H3 200 24px.svg Show response
www.gstatic.com/youtube/img/icons/web/youtube_outline/arrow-forward/v1/ Frame C3A9 126 B
145 B 23ms
22ms Fetch
image/svg+xml 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/youtube/img/icons/web/youtube_outline/arrow-forward/v1/24px.svg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/desktop/dc0688f8/jsbin/live_chat_polymer.vflset/live_chat_polymer.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdbcd13010ab15b22fd1abcc9aec5beef8d2ca6cd8eeb12a46b10f43ab2c3b69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 02:03:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 246634
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119
x-xss-protection: 0
last-modified: Tue, 14 Feb 2023 23:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="youtube"
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/svg+xml
access-control-allow-origin: https://www.youtube.com
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 08 Dec 2024 02:03:45 GMT

GET
H3 200 24px.svg Show response
fonts.gstatic.com/s/i/youtube_outline/arrow_down/v2/ Frame C3A9 193 B
185 B 22ms
21ms Fetch
image/svg+xml 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/i/youtube_outline/arrow_down/v2/24px.svg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/desktop/dc0688f8/jsbin/live_chat_polymer.vflset/live_chat_polymer.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5968b4c826f14a991a83b0ff27573bd4a20fd5bb16f79140d399c2e7413bed10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:42:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 179515
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 158
x-xss-protection: 0
last-modified: Wed, 11 Jan 2023 02:13:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 08 Dec 2024 20:42:24 GMT

GET
H3 200 24px.svg Show response
fonts.gstatic.com/s/i/youtube_outline/x_mark/v4/ Frame C3A9 251 B
208 B 28ms
27ms Fetch
image/svg+xml 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/i/youtube_outline/x_mark/v4/24px.svg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/desktop/dc0688f8/jsbin/live_chat_polymer.vflset/live_chat_polymer.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b90706d55c1e8b616bf8d677c195d09af8aa75bc669ba3a36a25480ca86f6926

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 23:43:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82239
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 181
x-xss-protection: 0
last-modified: Wed, 11 Jan 2023 02:13:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 09 Dec 2024 23:43:40 GMT

GET
H3 200 24px.svg Show response
fonts.gstatic.com/s/i/youtube_outline/face_very_happy/v7/ Frame C3A9 825 B
460 B 26ms
26ms Fetch
image/svg+xml 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/i/youtube_outline/face_very_happy/v7/24px.svg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/desktop/dc0688f8/jsbin/live_chat_polymer.vflset/live_chat_polymer.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

356698efd09203e102c0d2df8f7fbbd5f4a6ca5ba756a1f2ae82b1a01ae63ac6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:42:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 258692
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 433
x-xss-protection: 0
last-modified: Fri, 09 Jun 2023 21:48:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Dec 2024 22:42:47 GMT

GET
H3 200 24px.svg Show response
fonts.gstatic.com/s/i/youtube_outline/overflow_vertical/v10/ Frame C3A9 363 B
219 B 25ms
24ms Fetch
image/svg+xml 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/i/youtube_outline/overflow_vertical/v10/24px.svg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/desktop/dc0688f8/jsbin/live_chat_polymer.vflset/live_chat_polymer.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98901ddff67e245769a3e1f47aba0210653f817436ce288646fc0bb88e859cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 20:27:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7586
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 192
x-xss-protection: 0
last-modified: Wed, 11 Jan 2023 02:14:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 Dec 2024 20:27:53 GMT

GET
H3 200 24px.svg Show response
fonts.gstatic.com/s/i/youtube_outline/send/v3/ Frame C3A9 206 B
205 B 25ms
25ms Fetch
image/svg+xml 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/i/youtube_outline/send/v3/24px.svg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/desktop/dc0688f8/jsbin/live_chat_polymer.vflset/live_chat_polymer.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c851af847046612289548a6d50c4e77dc55a9efbb0bca9128723422cac4a4f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 17:20:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18809
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 178
x-xss-protection: 0
last-modified: Thu, 16 Nov 2023 20:25:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 Dec 2024 17:20:50 GMT

GET
H3 200 24px.svg Show response
www.gstatic.com/youtube/img/icons/web/youtube_fill/youtube_round/v1/ Frame C3A9 2 KB
787 B 23ms
23ms Fetch
image/svg+xml 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/youtube/img/icons/web/youtube_fill/youtube_round/v1/24px.svg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/desktop/dc0688f8/jsbin/live_chat_polymer.vflset/live_chat_polymer.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eea10f57c4e2a6677142feec3f9353399d500be403c61c5456881396adf6fee3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 11:28:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39932
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 761
x-xss-protection: 0
last-modified: Fri, 10 Feb 2023 01:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="youtube"
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/svg+xml
access-control-allow-origin: https://www.youtube.com
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 Dec 2024 11:28:47 GMT

GET
H3 200 24px.svg Show response
fonts.gstatic.com/s/i/youtube_outline/chevron_down/v7/ Frame C3A9 157 B
168 B 24ms
23ms Fetch
image/svg+xml 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/i/youtube_outline/chevron_down/v7/24px.svg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/desktop/dc0688f8/jsbin/live_chat_polymer.vflset/live_chat_polymer.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c47564ecc26a15c0a2381733fbf821edfdcc17a4a8b946380b6308c6381517df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 14:01:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30788
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141
x-xss-protection: 0
last-modified: Wed, 11 Jan 2023 02:14:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 Dec 2024 14:01:11 GMT

OPTIONS
H2 200 channel
signaler-pa.youtube.com/punctual/multi-watch/ Frame 0
0 122ms
121ms Preflight
text/html 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://signaler-pa.youtube.com/punctual/multi-watch/channel?VER=8&gsessionid=oJED_v_-x1F2phNlMleeBPVkE37TpvT84j_-OJager8&key=AIzaSyDZNkyC-AtROwMBpLfevIvqYk-Gfi8ZOeo&RID=34706&CVER=22&zx=7n0edonyh7ll&t=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-webchannel-content-type
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-webchannel-content-type
access-control-allow-methods: GET,POST
access-control-allow-origin: https://www.youtube.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Mon, 11 Dec 2023 22:34:20 GMT
server: ESF
vary: origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 channel Show response
signaler-pa.youtube.com/punctual/multi-watch/ Frame C3A9 54 B
74 B 123ms
123ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/desktop/dc0688f8/jsbin/live_chat_polymer.vflset/live_chat_polymer.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aca59c855bb369887ed16528937399c32605e0b2bbed4a8b7f65f290ae362220

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
X-WebChannel-Content-Type: application/json+protobuf
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 11 Dec 2023 22:34:20 GMT
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: x-client-wire-protocol
x-client-wire-protocol: h3
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/ 160 KB
55 KB 111ms
110ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f02d4e35a4dcac52bacddecf4211f569f9cb6d009300eb6902b511615f8ee894

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://weakspell.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 22:34:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55997
x-xss-protection: 0
server: cafe
etag: 17527497514897049305
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 22:34:20 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8CCF 430 B
235 B 387ms
386ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9664111995240063&output=html&h=50&adk=2875678444&adf=557746639&pi=t.aa~a.2787874025~rp.4&w=772&fwrn=1&fwrnh=100&lmt=1702323465&rafmt=1&to=qs&pwprc=1544302945&format=772x50&url=https%3A%2F%2Fweakspell.org%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702334060425&bpp=1&bdt=2421&idt=-M&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7272d5fe98fc5222%3AT%3D1702334059%3ART%3D1702334059%3AS%3DALNI_MZsOoncAnsw1bLMcSRgJoy9pXwhcQ&gpic=UID%3D00000d13b936b6cb%3AT%3D1702334059%3ART%3D1702334059%3AS%3DALNI_MZTgiT2ek5VkHET1lLTq_EQ4JDU4w&prev_fmts=0x0%2C1200x280&nras=3&correlator=1696104019626&frm=20&pv=1&ga_vid=1717910162.1702334059&ga_sid=1702334060&ga_hid=2111926357&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1237&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079865%2C31079923%2C31079929%2C42531705%2C44785292%2C44809003%2C95320868%2C95320884%2C95320888&oid=2&pvsid=4304295325186814&tmod=1818135670&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=11

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fa5e82ef0285f1475581272019d7b674cc8191c2f7ba78f783799b28633a0898

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://weakspell.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 210
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 22:34:20 GMT
expires: Mon, 11 Dec 2023 22:34:20 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9E8E 430 B
233 B 413ms
412ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9664111995240063&output=html&h=50&adk=2875678444&adf=3135012541&pi=t.aa~a.371519902~rp.4&w=772&fwrn=1&fwrnh=100&lmt=1702323465&rafmt=1&to=qs&pwprc=1544302945&format=772x50&url=https%3A%2F%2Fweakspell.org%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702334060425&bpp=1&bdt=2421&idt=-M&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7272d5fe98fc5222%3AT%3D1702334059%3ART%3D1702334059%3AS%3DALNI_MZsOoncAnsw1bLMcSRgJoy9pXwhcQ&gpic=UID%3D00000d13b936b6cb%3AT%3D1702334059%3ART%3D1702334059%3AS%3DALNI_MZTgiT2ek5VkHET1lLTq_EQ4JDU4w&prev_fmts=0x0%2C1200x280%2C772x50&nras=4&correlator=1696104019626&frm=20&pv=1&ga_vid=1717910162.1702334059&ga_sid=1702334060&ga_hid=2111926357&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1623&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079865%2C31079923%2C31079929%2C42531705%2C44785292%2C44809003%2C95320868%2C95320884%2C95320888&oid=2&pvsid=4304295325186814&tmod=1818135670&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=18

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce36d8fd1e25c92708e700962c786df43dab11630183b3b701efd33702657fb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://weakspell.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 208
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 22:34:20 GMT
expires: Mon, 11 Dec 2023 22:34:20 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 76C4 430 B
234 B 412ms
412ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9664111995240063&output=html&h=50&adk=2875678444&adf=3782497793&pi=t.aa~a.371530981~rp.4&w=772&fwrn=1&fwrnh=100&lmt=1702323465&rafmt=1&to=qs&pwprc=1544302945&format=772x50&url=https%3A%2F%2Fweakspell.org%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702334060425&bpp=1&bdt=2422&idt=1&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7272d5fe98fc5222%3AT%3D1702334059%3ART%3D1702334059%3AS%3DALNI_MZsOoncAnsw1bLMcSRgJoy9pXwhcQ&gpic=UID%3D00000d13b936b6cb%3AT%3D1702334059%3ART%3D1702334059%3AS%3DALNI_MZTgiT2ek5VkHET1lLTq_EQ4JDU4w&prev_fmts=0x0%2C1200x280%2C772x50%2C772x50&nras=5&correlator=1696104019626&frm=20&pv=1&ga_vid=1717910162.1702334059&ga_sid=1702334060&ga_hid=2111926357&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2024&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079865%2C31079923%2C31079929%2C42531705%2C44785292%2C44809003%2C95320868%2C95320884%2C95320888&oid=2&pvsid=4304295325186814&tmod=1818135670&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=20

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

634aada5ee03622a36b697c1c33e11ff9816a5d96bae7d4d7baefdf0637da638

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://weakspell.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 22:34:20 GMT
expires: Mon, 11 Dec 2023 22:34:20 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 channel
signaler-pa.youtube.com/punctual/multi-watch/ Frame C3A9 25 B
0 121ms
120ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/desktop/dc0688f8/jsbin/live_chat_polymer.vflset/live_chat_polymer.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 22:34:20 GMT
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Referer, origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.youtube.com
cache-control: private, max-age=0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame 527D 9 KB
4 KB 20ms
19ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://weakspell.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 82003
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 23:47:37 GMT
etag: 5585625838579639069
expires: Sun, 24 Dec 2023 23:47:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame 4158 9 KB
4 KB 20ms
19ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://weakspell.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 82003
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 23:47:37 GMT
etag: 5585625838579639069
expires: Sun, 24 Dec 2023 23:47:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame 97C5 9 KB
4 KB 20ms
19ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://weakspell.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 82003
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 23:47:37 GMT
etag: 5585625838579639069
expires: Sun, 24 Dec 2023 23:47:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 527D 4 KB
767 B 29ms
29ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 11 Dec 2023 22:34:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 21:40:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 11 Dec 2023 22:34:20 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 527D 205 B
229 B 20ms
19ms Image
image/png 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 19:41:52 GMT
x-content-type-options: nosniff
age: 10348
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 10 Dec 2024 19:41:52 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 527D 604 B
628 B 22ms
21ms Image
image/png 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 18:04:04 GMT
x-content-type-options: nosniff
age: 16216
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 10 Dec 2024 18:04:04 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 527D 16 KB
7 KB 66ms
19ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41b43f64c3e5d7f9eca80634429adb1b8e0a1c5e1fe67ad71ec651a991ebfe68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 03:08:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69957
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6766
x-xss-protection: 0
server: cafe
etag: 14924840246271906451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 03:08:23 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 527D 22 KB
9 KB 68ms
21ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:16:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73045
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9210
x-xss-protection: 0
server: cafe
etag: 13914886398874665762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 02:16:55 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 4158 2 KB
856 B 87ms
52ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74401
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 01:54:19 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 4158 24 KB
9 KB 88ms
54ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74401
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 01:54:19 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 4158 3 KB
1 KB 87ms
53ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74401
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 01:54:19 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 4158 20 KB
8 KB 76ms
42ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74401
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 01:54:19 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4158 202 KB
64 KB 128ms
81ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 22:34:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Dec 2023 22:34:20 GMT

GET
H3 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 4158 37 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 09:15:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47936
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 10 Mar 2024 09:15:24 GMT

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame 124A 94 KB
32 KB 95ms
14ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: weakspell.org
URL: https://weakspell.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/4889) /
Resource Hash: a2592b93b5f78c6fea9afe7755e9c68ce5a4497f7f6f508339bb4f78a0bced38

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 11 Dec 2023 22:34:20 GMT
content-encoding: gzip
content-md5: 0IifNkWfS/H6/qNjoR1Zaw==
age: 289718
x-cache: HIT
content-length: 32182
x-ms-lease-status: unlocked
last-modified: Fri, 08 Dec 2023 14:00:00 GMT
server: ECAcc (ama/4889)
etag: 0x8DBF7F5F8117829
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: bec6b475-901e-0034-54df-297bee000000
cache-control: private, max-age=3600
x-ms-version: 2009-09-19

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/240/ Frame 124A 80 KB
27 KB 128ms
44ms Script
application/x-javascript 23.211.9.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/240/trk.js
Requested by: Host: weakspell.org
URL: https://weakspell.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.211.9.60 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-211-9-60.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Mon, 11 Dec 2023 22:34:20 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Nov 2023 14:06:46 GMT
Server: AkamaiNetStorage
ETag: "ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27680
Expires: Tue, 10 Dec 2024 22:34:20 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 124A 3 KB
1 KB 73ms
47ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: weakspell.org
URL: https://weakspell.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74401
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 01:54:19 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 124A 20 KB
8 KB 50ms
25ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: weakspell.org
URL: https://weakspell.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74401
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 01:54:19 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 124A 202 KB
64 KB 190ms
151ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: weakspell.org
URL: https://weakspell.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 22:34:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Dec 2023 22:34:20 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 4608 2 KB
553 B 29ms
29ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins%3A400%2C600

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e537bb0b81601eabcdc6dd4e2eb938917a7c6887765651882ec0ed5081c26c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 11 Dec 2023 22:34:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 21:38:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 11 Dec 2023 22:34:20 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 4608 2 KB
875 B 58ms
51ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74401
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 01:54:19 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 4608 24 KB
9 KB 56ms
50ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74401
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 01:54:19 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 4608 3 KB
1 KB 55ms
48ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74401
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 01:54:19 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 4608 20 KB
8 KB 45ms
39ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74401
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 01:54:19 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4608 202 KB
64 KB 162ms
142ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 22:34:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Dec 2023 22:34:20 GMT

GET
H3 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 4608 37 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 09:15:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47936
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 10 Mar 2024 09:15:24 GMT

POST
H3 200 get_live_chat Show response
www.youtube.com/youtubei/v1/live_chat/ Frame C3A9 4 KB
2 KB 36ms
36ms Fetch
application/json 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/live_chat/get_live_chat?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/desktop/dc0688f8/jsbin/live_chat_polymer.vflset/live_chat_polymer.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

450cb9451ea9d92824a0b5b892c410d42aa20719148f6dfa785be41cd2ab79fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Youtube-Bootstrap-Logged-In: false
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json
Referer: https://www.youtube.com/live_chat?v=K5o0Ora9_3w&embed_domain=weakspell.org&dark_theme=1
X-Youtube-Client-Name: 1
X-Youtube-Client-Version: 2.20231211.01.00
X-Goog-Visitor-Id: Cgtsb1Bkd2x6blI0VSjrnN6rBjIICgJOTBICEgA%3D

Response headers

date: Mon, 11 Dec 2023 22:34:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1736
x-xss-protection: 0
expires: Mon, 11 Dec 2023 22:34:20 GMT

GET
H2

200

c.gif
www.bing.com/aes/ Frame 124A
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=4b6659b6-8ec4-4789-a399-ffac3aa447ac&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=36057540-fda2-44a3...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=2ccd75a93f43471bb1351bc73c704750&SNR=1&GV=2&med=10

0
545 B

52ms
52ms

Image
text/plain

2a02:26f0:480:1e::217:d1bb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=2ccd75a93f43471bb1351bc73c704750&SNR=1&GV=2&med=10
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol: H2
Server: 2a02:26f0:480:1e::217:d1bb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 22:34:20 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DF5BBE9FAC934F7BBBEEDA095DFFA613 Ref B: FRA31EDGE0205 Ref C: 2023-12-11T22:34:20Z
x-cdn-traceid: 0.3bd01702.1702334060.142e103
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Mon, 11 Dec 2023 22:34:20 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5F2EC9AC9B3C4E66B2B851942679C814 Ref B: VIEEDGE1309 Ref C: 2023-12-11T22:34:20Z
x-cdn-traceid: 0.3bd01702.1702334060.142e0e9
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=2ccd75a93f43471bb1351bc73c704750&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 154
expires: 0

GET
H2 200 th
www.bing.com/ Frame 124A 8 KB
8 KB 130ms
26ms Image
image/jpeg 2a02:26f0:480:1e::217:d1bb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.7353096409961_1P0I4LHVFVDD2EBN1X&pid=21.2&c=16&roil=0.2392&roit=0&roir=0.7617&roib=1&w=180&h=180&qlt=90
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:1e::217:d1bb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: ed2a5827e08b63ed39316df74e207c19c7ed0061b477807f68c918547c7a9347

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 22:34:20 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.3bd01702.1702334060.142e0ea
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: image/jpeg
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 7704
alt-svc: h3=":443"; ma=93600

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame 124A 0
532 B 114ms
13ms Script
text/html 185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fweakspell.org&e=wqT_3QLnA-jnAQAAAwDWAAUBCOuc3qsGEJDspq33wo_iZxgAKjYJpEm5LsJnwj8RtiaYrwXxwT8ZAAAAYGZm1j8htg0SACkRJNAxAAAAQOF6pD8w2_imAzi1AUC1XkjjA1C6iYq2AVi_sT1gAGifpFR4sfMFgAEBigEDVVNEkgUG8JqYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCFWh0dHBzOi8vd2Vha3NwZWxsLm9yZ4ADAIgDAZADAJgDCaADAaoDAMAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBAW9WIgFAZgFAKAF7Mm27PyaqrsOwAUAyQUABQEU8D_SBQkJBQt0AAAA2AUB4AUB8AVI-gUECAAQAJAGAJgGALgGAMEGAR80AADwP9AGwo0E2gYWChAJEhkBAYlg4AYB8gYCCACABwGIBwCgBwHIB7HzBdIHDRVjASYI2gcGAV6kGADgBwDqBwIIAPAHp9sEiggCEACVCAAAgD-YCAHACPAG0ggGCAAQABgA&s=62c8d2b4ec3cde10c7abf9f56af8c128d4ba3a6c&bdref=https%3A%2F%2Fweakspell.org%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fweakspell.org%2F,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231207%2Fr20110914%2Fzrt_lookup_fy2021.html%3Fhello%3Dworld%26fsb%3D1%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-9664111995240063%26fa%3D4%26ifi%3D9%26uci%3Da!9%26btvi%3D5,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231207%2Fr20110914%2Fzrt_lookup_fy2021.html%3Fhello%3Dworld%26fsb%3D1&

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 22:34:20 GMT
an-x-request-uuid: 4e6afad4-8d32-41e6-99dd-97cf5145334e
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 95.211.146.71; 95.211.146.71; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js Show response
pagead2.googlesyndication.com/bg/ Frame A7B8 51 KB
19 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js

Requested by

Host: weakspell.org
URL: https://weakspell.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:42:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 258715
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19719
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Dec 2024 22:42:25 GMT

GET
H3 200 1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js Show response
pagead2.googlesyndication.com/bg/ Frame 7E50 51 KB
19 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js

Requested by

Host: weakspell.org
URL: https://weakspell.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:42:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 258715
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19719
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Dec 2024 22:42:25 GMT

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 124A 0
555 B 13ms
13ms Ping
text/html 185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fweakspell.org&e=wqT_3QKbB-ibAwAAAwDWAAUBCOuc3qsGEJDspq33wo_iZxgAKjYJpEm5LsJnwj8RtiaYrwXxwT8ZAAAAYGZm1j8htg0SACkRJNAxAAAAQOF6pD8w2_imAzi1AUC1XkjjA1C6iYq2AVi_sT1gAGifpFR4sfMFgAEBigEDVVNEkgUG8FuYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCFWh0dHBzOi8vd2Vha3NwZWxsLm9yZ4ADAIgDAZADAJgDCaADAaoDsAMKxgJodA0r8IZ3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD0zNjA1NzU0MC1mZGEyLTQ0YTMtOGE1Ny05MzYxMTQzZjliZjkmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMiZvQWRVbmkVXBhwdWJsaXNoBSksMTYyNjQ1MzMwJnJJmnEAuHJ0eXBlPW51cmwmdGFnSWQ9NjkyOTQ5OSZ0cmFmZmljR3JvdXA9a25hcWVfM2MmDRYIU3ViCRkYenpmJTNBaw0f8ElfZXJkaHJmZ1lyaXJ5WTEmYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhM3NDc3MTY5NTUxODIxMDkyMzY4IgkzODE4NDY3MTQqBCFj8Mk6OFUyVmhjbU5vUVdRak56TTFPVGc0TmprME16VTJNemtqTWpNeU5UTTVPRE0zTXpneE56azBPUT09wAPYBMgDANgDAOADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBezJtuz8mqq7DsAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBUj6BQQIABAAkAYAmAYAuAYAwQYADS8k0AbCjQTaBhYKEAURHQEBiWDgBgHyBgIIAIAHAYgHAKAHAcgHsfMF0gcNFWMBJgzaBwYIBQmo4AcA6gcCCADwB6fbBIoIAhAAlQgAAIA_mAgBwAjwBtIICQj___8_EAIYAA..&s=d5472a5823e37a66aeebbd7e88471928bff889e3&type=nv&nvt=5&jm=1003&px=0&py=0&bw=180&bh=180&sid=7989405191775150286&vd=ct~0|rr~0&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6929499&sw=1600&sh=1200&pw=0&ph=0&ww=0&wh=0&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 22:34:20 GMT
an-x-request-uuid: 5bf2bb52-de33-4af1-9aac-fac559b52e58
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 95.211.146.71; 95.211.146.71; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 70ms
70ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb18c5b0370816f69080ca2e66925a184e820faa99cffcaf7bee868bf0dab3ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://weakspell.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 22:34:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12227
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 124A 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3e303bc293cdf4cfefbe10b5dc2aa5861190951c077c4ffe338b752511b188a2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 124A 0
19 B 62ms
61ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C_azma453ZdSpNLzMx_APz8moyArS4Nfgbo-ktpOTCsCNtwEQASAAYJEEggEXY2EtcHViLTk2NjQxMTE5OTUyNDAwNjPIAQmoAwHIAwKqBMABT9BDyR6poi-ToAt5d9dSG_KYB_4fvVPFdlOCREcHJydgbIvQ6ZQ7D0dRHVMxWoRVofqk94VpEQNC6ZNCL6Ii7Zkr4eBLAJlPHo-DWtWLlzlv_vvQGYGUexCI_m5vQ0S-lOuPuzU8NhsbL0zETQRjcotI7cPQBv9zW1z4Oe3hQACy2NLV7IbzMA4EBwUwm-bSfEKGW8kTzgNZ6hYhPY1KlhnhxkXH1Tku9ajiJZube_iIA4bu5uMLC53W4yjkMEyBgAbA0p-GyLix-PEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WKnktMe4iIMDgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTk2NjQxMTE5OTUyNDAwNjMYAA&sigh=uVhbHD1K-g8&uach_m=%5BUACH%5D&cid=CAQSTgDICaaNpBCpjSu5KCTT3Y2sVO4J4Tq4btnYkZOinX9ZpTBL5S9rGm2Dsyh3J5hscUBQsjORuFkpiENTcB3aq8AUPeDCn9lhv22aYszj_xgB&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 11 Dec 2023 22:34:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 it
ams3-ib.adnxs.com/ Frame 124A 0
531 B 14ms
13ms Image
text/html 185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fweakspell.org&e=wqT_3QKbB-ibAwAAAwDWAAUBCOuc3qsGEJDspq33wo_iZxgAKjYJpEm5LsJnwj8RtiaYrwXxwT8ZAAAAYGZm1j8htg0SACkRJNAxAAAAQOF6pD8w2_imAzi1AUC1XkjjA1C6iYq2AVi_sT1gAGifpFR4sfMFgAEBigEDVVNEkgUG8FuYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCFWh0dHBzOi8vd2Vha3NwZWxsLm9yZ4ADAIgDAZADAJgDCaADAaoDsAMKxgJodA0r8IZ3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD0zNjA1NzU0MC1mZGEyLTQ0YTMtOGE1Ny05MzYxMTQzZjliZjkmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMiZvQWRVbmkVXBhwdWJsaXNoBSksMTYyNjQ1MzMwJnJJmnEAuHJ0eXBlPW51cmwmdGFnSWQ9NjkyOTQ5OSZ0cmFmZmljR3JvdXA9a25hcWVfM2MmDRYIU3ViCRkYenpmJTNBaw0f8ElfZXJkaHJmZ1lyaXJ5WTEmYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhM3NDc3MTY5NTUxODIxMDkyMzY4IgkzODE4NDY3MTQqBCFj8Mk6OFUyVmhjbU5vUVdRak56TTFPVGc0TmprME16VTJNemtqTWpNeU5UTTVPRE0zTXpneE56azBPUT09wAPYBMgDANgDAOADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBezJtuz8mqq7DsAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBUj6BQQIABAAkAYAmAYAuAYAwQYADS8k0AbCjQTaBhYKEAURHQEBiWDgBgHyBgIIAIAHAYgHAKAHAcgHsfMF0gcNFWMBJgzaBwYIBQmo4AcA6gcCCADwB6fbBIoIAhAAlQgAAIA_mAgBwAjwBtIICQj___8_EAIYAA..&s=d5472a5823e37a66aeebbd7e88471928bff889e3&pp=ZXeOawANFNQIEeY8AAokz7DQEf8kdM3YWrEXAQ&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpbwfa453ZdSpNLzMx_APz8moyArS4Nfgbo-ktpOTCsCNtwEQASAAYJEEggEXY2EtcHViLTk2NjQxMTE5OTUyNDAwNjPIAQmoAwHIAwKqBMMBT9BDyR6poi-ToAt5d9dSG_KYB_4fvVPFdlOCREcHJydgbIvQ6ZQ7D0dRHVMxWoRVofqk94VpEQNC6ZNCL6Ii7Zkr4eBLAJlPHo-DWtWLlzlv_vvQGYGUexCI_m5vQ0S-lOuPuzU8NhsbL0zETQRjcotI7cPQBv9zW1z4Oe3hQACy2NLV7IbzMA4EBwUwm-bSfEKGW8kTzgNZ6lQjHB-IMuOMUr-zYKd3cR7mBpEfctaQ2iRov2e3i7f6--hl0iEViwbYgAbA0p-GyLix-PEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WKnktMe4iIMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_27fdwrcDJx3O6rO33QpLva5wf0DQ%26client%3Dca-pub-9664111995240063%26adurl%3D&cbvp=2

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 22:34:20 GMT
an-x-request-uuid: 6219ee10-2740-4c88-be57-a2a877794a8d
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 95.211.146.71; 95.211.146.71; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://weakspell.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 22:34:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 11 Dec 2023 22:34:21 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5999 13 KB
5 KB 31ms
30ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://weakspell.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 36047
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 12:33:34 GMT
expires: Tue, 10 Dec 2024 12:33:34 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DD78 829 B
1 KB 92ms
30ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f9337b93fad7cdb0e241b8d44487d64f992330b9e42efd62ebd65ed1ef34c9ce

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-npSnaQRd7pPp4Zj3IeFu4g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://weakspell.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-npSnaQRd7pPp4Zj3IeFu4g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 22:34:21 GMT
expires: Mon, 11 Dec 2023 22:34:21 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 5999 39 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 11:45:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38915
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 Dec 2024 11:45:46 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DD78 0
0 54ms
54ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=4304295325186814&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5999 0
10 B 30ms
30ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?H2VIjw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 22:34:21 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 58ms
57ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=4304295325186814&bg=!z8ylzIPNAAY3kmNgF5I7ADQBe5WfOIz8476GApMlv-hUyq1Q_I6SN4xzzbvogFyTfeUUbKGaLoG9CXYXCx5F1zAoBpVjAgAAADhSAAAAAWgBB5kDBNrSyjnfKhCODpEexSUjz0bG6IAViDfWJtP33kE3hO3N71DrXdrbKtWxnFHU54O2Je6WOxalU8XW1JS60GVkNdwXBYH1DCkKd32PFTSMEQlC1lcdbCJp-XZ7NUKrC5wy35S0An-JqZ0n37s5rm9Oq0LfDKSorQJ0F-0mxngfSLQg4KOhe2oMfvqj3RFLD_rz7vfPVl_RanM1lrqnpDeBCUGbubZOtQxLbk2e7REahdaZx47qSorvnaN8WXBO_Q1SRK78hYbx030j7pcjQXY8NT_RdVwWdO-M-Ogoa5Nh9I8xbs7Ku6DWiicvNeNUz3RLNlB4nTLGAPTp9Z1pgvB9z6GAR0vWBTn_W83l1EtNBdjTRtdY38zi823oChglv8hc3viZ6DIJ07ag0UFZzC28HFcrFqi2tW0o57vnk8KTRDHKyMAYPVEVN7Mc4FTsc0foDbCUQlTAc0Ux6jWkGE8qy7uSFyZyp3A6t2wN_6UUdVI6QBYDbb_OdqAlLgBCtgiIC-OkMNKSWXAIgE6LsBgkGgWLnInq-9Ho7iK4MclfwljkZmLTMEQVWvVvtuSX84oLV5lHIlJZDp3QfcDMzHvup0PHo65qCiSzvyQGMRxdJBeL_9iwR19LThBysfRQHM-tNxm_Z2pgLZp174pAedbHnZyFSaCYMzOJFpVR_0FvtXq-WmDHeoiIdqitVWFVtFhPAB39fV2pkK2fuiiR3ukLkBP5r0I119BCqT72W9ZyPMCY7BNymKUOoHZTYcEy_pwJcCaGjsrx-Sd3L-r8CXE4dKr-XL6tLdTizyb6gmMhe4v8QKM4DyzzzHDw18eE1tdvT-1tQh0G9CX5PLYryko_U6c58QrC6BONQLkpMl2FUwjx5lSBj_ZDwrSGNJIqLeUXNlqhW61R427bcEuiPgDlIdUs1GTq9tulu47BVoKStv0FHAzFzyBy_0h_TGcQPRTzG8aXIygDR_T6eUCCwKMOI3-wUwMCDGJv0AhOnsjg3IpQPySD57F_PWC7PC8tnWZ4R2Sd_5E
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://weakspell.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 124A 0
555 B 14ms
13ms Ping
text/html 185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fweakspell.org&e=wqT_3QKbB-ibAwAAAwDWAAUBCOuc3qsGEJDspq33wo_iZxgAKjYJpEm5LsJnwj8RtiaYrwXxwT8ZAAAAYGZm1j8htg0SACkRJNAxAAAAQOF6pD8w2_imAzi1AUC1XkjjA1C6iYq2AVi_sT1gAGifpFR4sfMFgAEBigEDVVNEkgUG8FuYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCFWh0dHBzOi8vd2Vha3NwZWxsLm9yZ4ADAIgDAZADAJgDCaADAaoDsAMKxgJodA0r8IZ3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD0zNjA1NzU0MC1mZGEyLTQ0YTMtOGE1Ny05MzYxMTQzZjliZjkmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMiZvQWRVbmkVXBhwdWJsaXNoBSksMTYyNjQ1MzMwJnJJmnEAuHJ0eXBlPW51cmwmdGFnSWQ9NjkyOTQ5OSZ0cmFmZmljR3JvdXA9a25hcWVfM2MmDRYIU3ViCRkYenpmJTNBaw0f8ElfZXJkaHJmZ1lyaXJ5WTEmYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhM3NDc3MTY5NTUxODIxMDkyMzY4IgkzODE4NDY3MTQqBCFj8Mk6OFUyVmhjbU5vUVdRak56TTFPVGc0TmprME16VTJNemtqTWpNeU5UTTVPRE0zTXpneE56azBPUT09wAPYBMgDANgDAOADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBezJtuz8mqq7DsAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBUj6BQQIABAAkAYAmAYAuAYAwQYADS8k0AbCjQTaBhYKEAURHQEBiWDgBgHyBgIIAIAHAYgHAKAHAcgHsfMF0gcNFWMBJgzaBwYIBQmo4AcA6gcCCADwB6fbBIoIAhAAlQgAAIA_mAgBwAjwBtIICQj___8_EAIYAA..&s=d5472a5823e37a66aeebbd7e88471928bff889e3&type=pv&jm=1003&px=0&py=0&bw=180&bh=180&sf=1&sid=7989405191775150286&vd=ct~0|rr~5&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6929499&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 22:34:21 GMT
an-x-request-uuid: 709c53be-548e-423d-af48-2436bc2c87fd
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 95.211.146.71; 95.211.146.71; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

c.gif
www.bing.com/aes/ Frame 124A
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=4b6659b6-8ec4-4789-a399-ffac3aa447ac&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=36057540-fda2-44a3...
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=2ccd75a93f43471bb1351bc73c704750&tids=15000&med=10

0
18 B

62ms
62ms

Image
text/plain

2a02:26f0:480:1e::217:d1bb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=2ccd75a93f43471bb1351bc73c704750&tids=15000&med=10
Protocol: H3
Server: 2a02:26f0:480:1e::217:d1bb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 22:34:22 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EEA4F4F3F0754D3691BDA34881D3197D Ref B: FRA31EDGE0820 Ref C: 2023-12-11T22:34:22Z
x-cdn-traceid: 0.3bd01702.1702334062.142e268
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0
quic-version: 0x00000001

Redirect headers

expires: 0
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Mon, 11 Dec 2023 22:34:22 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CD99618F16EF4E3BA405CE915FD8C82B Ref B: VIEEDGE1909 Ref C: 2023-12-11T22:34:21Z
x-cdn-traceid: 0.3bd01702.1702334061.142e251
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=2ccd75a93f43471bb1351bc73c704750&tids=15000&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 146
quic-version: 0x00000001

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 124A 42 B
64 B 58ms
58ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvOFZevGGnbUCTpHeleTFsE7du_REn1eQTttC4goo-YFVpeVYXoCAJFb1heHA_Qu3jbOQEN84KU0a17hTZ0wn5Ev9OmYGLrHfEpw98zEuJilYjYyommSA&sig=Cg0ArKJSzErqMUMfOXa7EAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702334060571&rpt=276&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 22:34:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: LV5FcfWDeno
.weakspell.org/	1970-01-21 02:28:14	Name: _ga_91L786K0G5 Value: GS1.1.1702334059.1.0.1702334059.0.0.0
.weakspell.org/	1970-01-21 02:28:14	Name: _ga Value: GA1.1.1717910162.1702334059
.weakspell.org/	1970-01-21 02:13:50	Name: __gads Value: ID=7272d5fe98fc5222:T=1702334059:RT=1702334059:S=ALNI_MZsOoncAnsw1bLMcSRgJoy9pXwhcQ
.weakspell.org/	1970-01-21 02:13:50	Name: __gpi Value: UID=00000d13b936b6cb:T=1702334059:RT=1702334059:S=ALNI_MZTgiT2ek5VkHET1lLTq_EQ4JDU4w
.doubleclick.net/	1970-01-21 02:13:50	Name: IDE Value: AHWqTUlk6wpDUpnIRcxX8Fkre0pg7xPVEVKGI6_OytMHR38E8_p-o4YTf5JRBzywJvI
.bing.com/	1970-01-21 02:13:50	Name: MUID Value: 1C651BB68DF465B11C1608528CEA64C2

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adsdk.microsoft.com
ajax.googleapis.com
ams3-ib.adnxs.com
apis.google.com
cdn.adnxs.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
pubtrky.com
region1.google-analytics.com
signaler-pa.youtube.com
tfmgqdj.com
tpc.googlesyndication.com
weakspell.org
www.bing.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
youradexchange.com
185.89.210.46
2001:4860:4802:32::36
23.211.9.60
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700:3034::6815:86c
2606:4700:3034::ac43:d436
2606:4700::6812:bcf
2606:4700:e6::ac40:c507
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:810::200a
2a00:1450:4001:812::200a
2a00:1450:4001:813::2004
2a00:1450:4001:813::200e
2a00:1450:4001:81c::2001
2a00:1450:4001:81c::2008
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::200e
2a02:26f0:480:1e::217:d1bb
2a06:98c1:3120::3
2a06:98c1:3121::3
014b964e78f5aaec400b5d76826c854e40a765f58ef234edae3e9cd50e156a53
052c15676e8072a7124963c43d1057cf85f781cbdbe604d7aed078869cdce1a0
0d023c6770c50a23f28adac7508c5b86f9b06774933a8d82e5d9d557610a430c
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0f3dee60a00c2bac767711be68b0b41b79987e979379185da5e9b25fd8af6e39
1c84c86d4ff7e9d28c3c8c4288bd76184795baf185b46587670d43ea28ac34e6
1e6ec33e07808a9f0e2350fee16b883764682f99562dc0edcf61932027b41885
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
2340b018fff5690619bc0a03259eb447410486b63d8d1f8ab75d96ac6370a9bd
24f7e397faec79e62c37ff2f00b170f6dc1557fb46ac169f9f1897a9d641dd03
25ab5707f8caa81d4c8ef4d9373254d130c294ed2ee997c807e068b149fdb4e8
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
34ba0d719d526e60f73bc0c3eb6c22d35fff9f97d685c0e01c9bcd8de6a35263
356698efd09203e102c0d2df8f7fbbd5f4a6ca5ba756a1f2ae82b1a01ae63ac6
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e303bc293cdf4cfefbe10b5dc2aa5861190951c077c4ffe338b752511b188a2
3ea95af77e18116ed0e8b52bb2c0794d1259150671e02994ac2a8845bd1ad5b9
41b43f64c3e5d7f9eca80634429adb1b8e0a1c5e1fe67ad71ec651a991ebfe68
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
450cb9451ea9d92824a0b5b892c410d42aa20719148f6dfa785be41cd2ab79fa
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
4898de6379443cb7d32c1571c03e6e1dd10146d586dc1c530542a4e2f28d7f2f
4969a21a8c25d18c2c45bdfcbfb74327b17c0b36961862d678332d07b622ab37
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58ae013b8e95b7667124263f632b49a10acf7da2889547f2d9e4b279708a29f0
5968b4c826f14a991a83b0ff27573bd4a20fd5bb16f79140d399c2e7413bed10
59ce6bdf8e3d17bb68667499c34a3ec32b9f7836dbca59d03237a4c9fffefd35
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
634aada5ee03622a36b697c1c33e11ff9816a5d96bae7d4d7baefdf0637da638
65b1b111ff3ac107abc55c4d1643cfe058d0e987b510e5b227ea7670c1f3dbdc
6d4083520c18bfdcdffb319248525ebf8f1a547326e10c02e6a0ed0b1722ae9a
79a9743c4b4b1a331e89d4fa6a6e92216a71dc6ed93a7a458b1b11e8f4f1ee8e
79ad1602a74b081867c077b27ac6e4f15a1cfbc63f3b12344e6ca21de13dbaa4
79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582
89bef961a6ef378dc60addf36a626670826da7cc5300bb036799fdbcc9655a20
8c851af847046612289548a6d50c4e77dc55a9efbb0bca9128723422cac4a4f5
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
98901ddff67e245769a3e1f47aba0210653f817436ce288646fc0bb88e859cfa
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
a2592b93b5f78c6fea9afe7755e9c68ce5a4497f7f6f508339bb4f78a0bced38
a9605ea0e23dc51de0e446906b9aa5c2719c5f9724aee8314dde75bcbe015dd7
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
aca59c855bb369887ed16528937399c32605e0b2bbed4a8b7f65f290ae362220
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b6ecc4abde3468769ff07bc6f76f694f1e738aef7ef71572bf2d20f5b9d69eb4
b90706d55c1e8b616bf8d677c195d09af8aa75bc669ba3a36a25480ca86f6926
bdbcd13010ab15b22fd1abcc9aec5beef8d2ca6cd8eeb12a46b10f43ab2c3b69
bf7f34e550f5f6bead66bbd8baa61274bf0cf3ae804661c4b441d240212b8010
c2460208b8d8f869d9c02d35b712aeab64cb08ebf653f3f64865ae375add7e05
c47564ecc26a15c0a2381733fbf821edfdcc17a4a8b946380b6308c6381517df
c666836c7180eca079c74ece8ddfa89afd963d18d61cf61b6fef43a9e79281af
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
ce36d8fd1e25c92708e700962c786df43dab11630183b3b701efd33702657fb9
d47869cf1f724f4bb03ea5fba4b18f8038bec6ba45e0d814f6832461aec059f8
d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba
d82c945f8e4d075d39f093b2c49816df7097fed738c4d9dc85b2e8697b38e7fa
dacaaf9e1405d112e654fa8dcbb1ba289d88175003a8ccdc8ea508cfbfa3708b
dafb96c90c0fabf0a61db6f2421c1de2f81955492a8b0eace1a71ecac6db5c4a
db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d
dc6a31b9d818aec7f64712f1894cb52b55776d75c1b1fc58db8e2a6628038ca2
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
e0cbfda7bfd7be1dcb66bbb507a74111fc4b2becbc742cd879751c3b4cbfa2f0
e2cc7f8fe276b668797a4cad6196f9449830528ba8ec76b1b5eaf71a9c91b089
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e537bb0b81601eabcdc6dd4e2eb938917a7c6887765651882ec0ed5081c26c67
e812fd9790abd3c6f51a2f975ed2cf0869fd14ecfc83e548b377d1f8be82976f
ebb5457ea4c2b1961100f6d10f8302d77569bb3f3fae08d94fc2feb7d8a40746
ed2a5827e08b63ed39316df74e207c19c7ed0061b477807f68c918547c7a9347
eea10f57c4e2a6677142feec3f9353399d500be403c61c5456881396adf6fee3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f02d4e35a4dcac52bacddecf4211f569f9cb6d009300eb6902b511615f8ee894
f1da6ed5b8202abb5f2d2b4e04f147621b55512e434eb99319e038c785a599f2
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f885aa9c8ef261689af96cb5f0896db880edb2f6657c390adcbcff2f4056bdb1
f9337b93fad7cdb0e241b8d44487d64f992330b9e42efd62ebd65ed1ef34c9ce
fa5e82ef0285f1475581272019d7b674cc8191c2f7ba78f783799b28633a0898
fb18c5b0370816f69080ca2e66925a184e820faa99cffcaf7bee868bf0dab3ea
fe4725d967cdafe16e972f934768dd5794a931d2e16f10a19a3e681f4afad7eb

weakspell.org Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

117 Requests

98 %HTTPS

92 %IPv6

17 Domains

23 Subdomains

24 IPs

2 Countries

2958 kBTransfer

12624 kBSize

7 Cookies

6 Outgoing links

Page URL History

Redirected requests

117 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

weakspell.org Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

117
Requests

98 %
HTTPS

92 %
IPv6

17
Domains

23
Subdomains

24
IPs

2
Countries

2958 kB
Transfer

12624 kB
Size

7
Cookies

117 HTTP transactions
1 data transactions