URL: https://jamesmcgibney.com/isanyoneup
Submission Tags: @phishunt_io
Submission: On August 13 via api from DE — Scanned from NL

Summary

This website contacted 14 IPs in 5 countries across 11 domains to perform 88 HTTP transactions. The main IP is 160.153.136.3, located in Amsterdam, Netherlands and belongs to GODADDY, DE. The main domain is jamesmcgibney.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on August 4th 2022. Valid for: a year.
This is the only time jamesmcgibney.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
44 wsimg.com
img1.wsimg.com — Cisco Umbrella Rank: 8529
isteam.wsimg.com — Cisco Umbrella Rank: 16136
img6.wsimg.com — Cisco Umbrella Rank: 10509
465 KB
20 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 124
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
328 KB
7 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
68 KB
6 gstatic.com
www.gstatic.com
38 KB
4 google.com
adservice.google.com — Cisco Umbrella Rank: 98
www.google.com — Cisco Umbrella Rank: 10
2 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 67
3 KB
2 secureserver.net
events.api.secureserver.net — Cisco Umbrella Rank: 12055
584 B
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 187
87 KB
2 google.nl
adservice.google.nl — Cisco Umbrella Rank: 13999
914 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 862
650 B
1 jamesmcgibney.com
jamesmcgibney.com
27 KB
88 11
Domain Requested by
41 img1.wsimg.com 3 redirects jamesmcgibney.com
img1.wsimg.com
12 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
8 pagead2.googlesyndication.com jamesmcgibney.com
pagead2.googlesyndication.com
img1.wsimg.com
tpc.googlesyndication.com
7 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
6 www.gstatic.com googleads.g.doubleclick.net
3 fonts.googleapis.com googleads.g.doubleclick.net
2 www.google.com 1 redirects tpc.googlesyndication.com
2 events.api.secureserver.net img1.wsimg.com
2 www.googletagservices.com googleads.g.doubleclick.net
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.nl pagead2.googlesyndication.com
2 img6.wsimg.com jamesmcgibney.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 isteam.wsimg.com jamesmcgibney.com
1 jamesmcgibney.com
88 15
Subject Issuer Validity Valid
jamesmcgibney.com
Go Daddy Secure Certificate Authority - G2
2022-08-04 -
2023-08-04
a year crt.sh
*.wsimg.com
Starfield Secure Certificate Authority - G2
2021-09-24 -
2022-10-26
a year crt.sh
*.isteam.wsimg.com
Starfield Secure Certificate Authority - G2
2022-01-28 -
2023-03-01
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-07-18 -
2022-10-10
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2022-07-18 -
2022-10-10
3 months crt.sh
*.google.nl
GTS CA 1C3
2022-07-18 -
2022-10-10
3 months crt.sh
*.google.com
GTS CA 1C3
2022-07-18 -
2022-10-10
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-07-18 -
2022-10-10
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-07-18 -
2022-10-10
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-07-18 -
2022-10-10
3 months crt.sh
*.api.secureserver.net
Starfield Secure Certificate Authority - G2
2022-08-05 -
2023-09-06
a year crt.sh

This page contains 10 frames:

Primary Page: https://jamesmcgibney.com/isanyoneup
Frame ID: 3A7FCFB97596F17AB04C3317AAF3CBC2
Requests: 55 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220810/r20190131/zrt_lookup.html
Frame ID: E8110422565EDA50142020AB3D2C90B2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8164155337657093&output=html&adk=1812271804&adf=3025194257&lmt=1660420394&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fjamesmcgibney.com%2Fisanyoneup&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660420394708&bpp=3&bdt=427&idt=125&shv=r20220810&mjsv=m202208110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3193402735319&frm=20&pv=2&ga_vid=865587938.1660420395&ga_sid=1660420395&ga_hid=138243886&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068937%2C31062930&oid=2&pvsid=3206753992587278&tmod=1964437132&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=171
Frame ID: ADE291F1A2929100C6CB5D8AD2E0D95E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220810/r20110914/zrt_lookup.html?fsb=1
Frame ID: 715BE90A9F465DC0A3D38EED7D7B4BC0
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220810/r20110914/zrt_lookup.html?fsb=1
Frame ID: 6E38D65FD4ADA69D1D94CA5A46F6AB0F
Requests: 11 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Frame ID: F36B158FAD5EF464AFF9A7589E27EF09
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 9039C733A27E0AB8CF0CBEF9E03B3106
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/dJtiYfEJEI0hyw5wQ_g_8NlKRsHdja2JZeZ5T9NF0jg.js
Frame ID: A0753BCF993A1F40E2D9B385EFE7482C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0171E7181E0759E3D2D0337248C5E053
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F1D3D36682F7FE2194E7FBA65C49FCDE
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

ISANYONEUP

Detected technologies

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • require.*\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

88
Requests

98 %
HTTPS

71 %
IPv6

11
Domains

15
Subdomains

14
IPs

5
Countries

1018 kB
Transfer

2736 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js HTTP 302
  • https://img1.wsimg.com/traffic-assets/js/tccl.min.js HTTP 302
  • https://img6.wsimg.com/wrhs/362d20193a8fed115f99b16a157b7fc4/tccl.min.js
Request Chain 38
  • https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js HTTP 302
  • https://img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js
Request Chain 77
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

88 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request isanyoneup
jamesmcgibney.com/
209 KB
27 KB
Document
General
Full URL
https://jamesmcgibney.com/isanyoneup
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
160.153.136.3 Amsterdam, Netherlands, ASN20773 (GODADDY, DE),
Reverse DNS
ip-160-153-136-3.ip.secureserver.net
Software
DPS/1.13.2 /
Resource Hash
d14cca2b7e2cc400051136e50515149138bd9c4ac8e490a6849733d1c605e14a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
max-age=30
content-encoding
gzip
content-security-policy
frame-ancestors 'self'
content-type
text/html;charset=utf-8
date
Sat, 13 Aug 2022 19:53:14 GMT
etag
89710184409e5a254acd54ba86f023b6
link
<//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.26.0.js>; rel=preload; as=script; crossorigin,<https://img1.wsimg.com/gfonts/s/cabin/v26/u-4X0qWljRw-PfU81xCKCpdpbgZJl6XFpfEd7eA9BIxxkbqDH7alxw.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/lato/v23/S6u8w4BMUTPHjxsAXC-q.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/lato/v23/S6u_w4BMUTPHjxsI5wq_Gwft.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/lato/v23/S6u8w4BMUTPHh30AXC-q.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/greatvibes/v14/RWmMoKWR9v4ksMfaWd_JN9XFiaQ.woff2>; rel=preload; as=font; crossorigin,<https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin
server
DPS/1.13.2
vary
Accept-Encoding
x-siteid
4000
UX.4.26.0.js
img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/
292 KB
90 KB
Script
General
Full URL
https://img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.26.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.16 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-16.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
92c697999cba6a93e8c8b01545784015bd6d5c45e68d1c36cce21e34eae7f9c9

Request headers

Referer
https://jamesmcgibney.com/
Origin
https://jamesmcgibney.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-version
0.7.1+sha-f8fdc16
date
Sat, 13 Aug 2022 19:53:14 GMT
content-encoding
gzip
etag
"a5944cab21058778f1a53c971bfc02a6"
x-forwarded-for
64.202.160.110
access-control-max-age
86400
x-forwarded-proto
https
content-length
91118
last-modified
Mon, 08 Aug 2022 21:10:51 GMT
x-amzn-trace-id
Root=1-62f17bda-4610546c7fa2ce12182248c5
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-forwarded-port
443
timing-allow-origin
*
access-control-allow-headers
*
expires
Sun, 13 Aug 2023 19:53:14 GMT
u-4X0qWljRw-PfU81xCKCpdpbgZJl6XFpfEd7eA9BIxxkbqDH7alxw.woff2
img1.wsimg.com/gfonts/s/cabin/v26/
15 KB
15 KB
Font
General
Full URL
https://img1.wsimg.com/gfonts/s/cabin/v26/u-4X0qWljRw-PfU81xCKCpdpbgZJl6XFpfEd7eA9BIxxkbqDH7alxw.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.16 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-16.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
45a8badf06824c87461905a8b1871fc3ca3eb5934cee490deadad743ebf99661
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jamesmcgibney.com/
Origin
https://jamesmcgibney.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 19:53:14 GMT
x-content-type-options
nosniff
last-modified
Fri, 24 Jun 2022 18:41:36 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
15168
x-xss-protection
0
expires
Sun, 13 Aug 2023 19:53:14 GMT
S6u8w4BMUTPHjxsAXC-q.woff2
img1.wsimg.com/gfonts/s/lato/v23/
24 KB
24 KB
Font
General
Full URL
https://img1.wsimg.com/gfonts/s/lato/v23/S6u8w4BMUTPHjxsAXC-q.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.16 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-16.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jamesmcgibney.com/
Origin
https://jamesmcgibney.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 19:53:14 GMT
x-content-type-options
nosniff
last-modified
Tue, 26 Apr 2022 15:50:25 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
24408
x-xss-protection
0
expires
Sun, 13 Aug 2023 19:53:14 GMT
S6u_w4BMUTPHjxsI5wq_Gwft.woff2
img1.wsimg.com/gfonts/s/lato/v23/
24 KB
24 KB
Font
General
Full URL
https://img1.wsimg.com/gfonts/s/lato/v23/S6u_w4BMUTPHjxsI5wq_Gwft.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.16 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-16.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6c84348296ebe2e2a0830c3962eb02156419d9bc76371c2eadaf7329d827d550
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jamesmcgibney.com/
Origin
https://jamesmcgibney.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 19:53:14 GMT
x-content-type-options
nosniff
last-modified
Tue, 26 Apr 2022 16:41:42 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
24448
x-xss-protection
0
expires
Sun, 13 Aug 2023 19:53:14 GMT
S6u8w4BMUTPHh30AXC-q.woff2
img1.wsimg.com/gfonts/s/lato/v23/
21 KB
22 KB
Font
General
Full URL
https://img1.wsimg.com/gfonts/s/lato/v23/S6u8w4BMUTPHh30AXC-q.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.16 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-16.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a79b4c65b454a795ff3868156f54be09ac8360b9fd3ba21431b5c48fd9b66afa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jamesmcgibney.com/
Origin
https://jamesmcgibney.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 19:53:14 GMT
x-content-type-options
nosniff
last-modified
Tue, 26 Apr 2022 15:46:26 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
21508
x-xss-protection
0
expires
Sun, 13 Aug 2023 19:53:14 GMT
S6u9w4BMUTPHh7USSwiPGQ.woff2
img1.wsimg.com/gfonts/s/lato/v23/
23 KB
23 KB
Font
General
Full URL
https://img1.wsimg.com/gfonts/s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.16 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-16.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jamesmcgibney.com/
Origin
https://jamesmcgibney.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 19:53:14 GMT
x-content-type-options
nosniff
last-modified
Tue, 26 Apr 2022 16:04:12 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
23236
x-xss-protection
0
expires
Sun, 13 Aug 2023 19:53:14 GMT
S6uyw4BMUTPHjx4wXg.woff2
img1.wsimg.com/gfonts/s/lato/v23/
23 KB
24 KB
Font
General
Full URL
https://img1.wsimg.com/gfonts/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.16 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-16.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jamesmcgibney.com/
Origin
https://jamesmcgibney.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 19:53:14 GMT
x-content-type-options
nosniff
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
23580
x-xss-protection
0
expires
Sun, 13 Aug 2023 19:53:14 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
img1.wsimg.com/gfonts/s/lato/v23/
23 KB
23 KB
Font
General
Full URL
https://img1.wsimg.com/gfonts/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.16 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-16.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jamesmcgibney.com/
Origin
https://jamesmcgibney.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 19:53:14 GMT
x-content-type-options
nosniff
last-modified
Tue, 26 Apr 2022 15:56:42 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
23040
x-xss-protection
0
expires
Sun, 13 Aug 2023 19:53:14 GMT
S6u9w4BMUTPHh50XSwiPGQ.woff2
img1.wsimg.com/gfonts/s/lato/v23/
22 KB
23 KB
Font
General
Full URL
https://img1.wsimg.com/gfonts/s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.16 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-16.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jamesmcgibney.com/
Origin
https://jamesmcgibney.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 19:53:14 GMT
x-content-type-options
nosniff
last-modified
Tue, 26 Apr 2022 16:04:16 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
22504
x-xss-protection
0
expires
Sun, 13 Aug 2023 19:53:14 GMT
RWmMoKWR9v4ksMfaWd_JN9XFiaQ.woff2
img1.wsimg.com/gfonts/s/greatvibes/v14/
33 KB
33 KB
Font
General
Full URL
https://img1.wsimg.com/gfonts/s/greatvibes/v14/RWmMoKWR9v4ksMfaWd_JN9XFiaQ.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.16 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-16.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
553fd833571d149d17f3dfd32a4d92422431dc852be5b1af1576b2298c65c4d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jamesmcgibney.com/
Origin
https://jamesmcgibney.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 19:53:14 GMT
x-content-type-options
nosniff
last-modified
Thu, 21 Apr 2022 16:28:35 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
33404
x-xss-protection
0
expires
Sun, 13 Aug 2023 19:53:14 GMT
qt=q:95
isteam.wsimg.com/ip/0342afd4-a189-41d0-a165-7baf5faaa611/circle-cropped.png/:/rs=w:104,h:104,cg:true,m/cr=w:104,h:104/
8 KB
8 KB
Image
General
Full URL
https://isteam.wsimg.com/ip/0342afd4-a189-41d0-a165-7baf5faaa611/circle-cropped.png/:/rs=w:104,h:104,cg:true,m/cr=w:104,h:104/qt=q:95
Requested by
Host: jamesmcgibney.com
URL: https://jamesmcgibney.com/isanyoneup
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.34.86 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-34-86.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
c0c615d139a645471cc39be58e83a6e54c6a0a1850530217daa8ba66852ff1ee

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://jamesmcgibney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-version
0.4.4+sha-cbf667a
date
Sat, 13 Aug 2022 19:53:14 GMT
access-control-request-method
GET
etag
2230644736
x-isteam-meta
{"orientation":1}
x-height
104
vary
Accept
x-width
104
content-type
image/webp
access-control-allow-origin
*
access-control-max-age
864000
cache-control
public,max-age=31536000
content-length
7956
x-track-origin-referer
https://jamesmcgibney.com/
rs=w:400,cg:true
img1.wsimg.com/isteam/ip/0342afd4-a189-41d0-a165-7baf5faaa611/R.jpg/:/cr=t:0%25,l:0%25,w:100%25,h:100%25/
18 KB
18 KB
Image
General
Full URL
https://img1.wsimg.com/isteam/ip/0342afd4-a189-41d0-a165-7baf5faaa611/R.jpg/:/cr=t:0%25,l:0%25,w:100%25,h:100%25/rs=w:400,cg:true
Requested by
Host: jamesmcgibney.com
URL: https://jamesmcgibney.com/isanyoneup
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.16 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-16.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c4a7da01bb50d590eedaf6598fbda665b4c295061e526c2111137024ec3ea8d5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://jamesmcgibney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-version
0.4.4+sha-cbf667a
date
Sat, 13 Aug 2022 19:53:14 GMT
access-control-request-method
GET
x-height
225
edge-cache-tag
/isteam/ip/0342afd4-a189-41d0-a165-7baf5faaa611/R.jpg/:/cr=t:0%25,l:0%25,w:100%25,h:100%25/rs=w:400,cg:true
content-length
18250
x-width
400
x-isteam-meta
{"orientation":1}
etag
332122361
access-control-max-age
864000
content-type
image/webp
access-control-allow-origin
*
expires
Sun, 13 Aug 2023 19:53:14 GMT
cache-control
public, max-age=31536000
timing-allow-origin
*
x-track-origin-referer
https://jamesmcgibney.com/
ll=n:true
img1.wsimg.com/isteam/ip/static/transparent_placeholder.png/:/rs=w:1340,h:695,cg:true,m,i:true/qt=q:1/
292 B
629 B
Image
General
Full URL
https://img1.wsimg.com/isteam/ip/static/transparent_placeholder.png/:/rs=w:1340,h:695,cg:true,m,i:true/qt=q:1/ll=n:true
Requested by
Host: jamesmcgibney.com
URL: https://jamesmcgibney.com/isanyoneup
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.16 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-16.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2a2495b5dc7c50c2e56e361f597fe00cb71fd4fdb8f87344e015776188d2e197

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://jamesmcgibney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-version
0.4.4+sha-cbf667a
date
Sat, 13 Aug 2022 19:53:14 GMT
access-control-request-method
GET
x-height
695
edge-cache-tag
/isteam/ip/static
content-length
292
x-width
1340
x-isteam-meta
{"orientation":1}
etag
3815454109
access-control-max-age
864000
content-type
image/webp
access-control-allow-origin
*
expires
Sun, 13 Aug 2023 19:53:14 GMT
cache-control
public, max-age=31536000
timing-allow-origin
*
x-track-origin-referer
https://jamesmcgibney.com/
ll=n:true
img1.wsimg.com/isteam/ip/static/transparent_placeholder.png/:/rs=w:400,h:225,cg:true,m,i:true/qt=q:1/
44 B
352 B
Image
General
Full URL
https://img1.wsimg.com/isteam/ip/static/transparent_placeholder.png/:/rs=w:400,h:225,cg:true,m,i:true/qt=q:1/ll=n:true
Requested by
Host: jamesmcgibney.com
URL: https://jamesmcgibney.com/isanyoneup
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.16 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-16.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b2d89ab7aff69442bf33b2e54446ee41f95bd0c3ff49b47146cfa052bf405245

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://jamesmcgibney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-version
0.4.4+sha-cbf667a
date
Sat, 13 Aug 2022 19:53:14 GMT
access-control-request-method
GET
etag
4063848699
x-height
225
access-control-max-age
864000
edge-cache-tag
/isteam/ip/static
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-track-origin-referer
https://jamesmcgibney.com/
x-width
400
timing-allow-origin
*
content-length
44
expires
Sun, 13 Aug 2023 19:53:14 GMT
ll=n:true
img1.wsimg.com/isteam/ip/static/transparent_placeholder.png/:/rs=w:400,h:704,cg:true,m,i:true/qt=q:1/
264 B
574 B
Image
General
Full URL
https://img1.wsimg.com/isteam/ip/static/transparent_placeholder.png/:/rs=w:400,h:704,cg:true,m,i:true/qt=q:1/ll=n:true
Requested by
Host: jamesmcgibney.com
URL: https://jamesmcgibney.com/isanyoneup
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.16 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-16.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8a729bd33a9515ab604694cae0fd2f2fb6b5ab17a7e24c7db332bb3726dd4a76

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://jamesmcgibney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-version
0.4.4+sha-cbf667a
date
Sat, 13 Aug 2022 19:53:14 GMT
access-control-request-method
GET
etag
2629598074
x-height
704
access-control-max-age
864000
edge-cache-tag
/isteam/ip/static
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-track-origin-referer
https://jamesmcgibney.com/
x-width
400
timing-allow-origin
*
content-length
264
expires
Sun, 13 Aug 2023 19:53:14 GMT
ll=n:true
img1.wsimg.com/isteam/ip/static/transparent_placeholder.png/:/rs=w:400,h:201,cg:true,m,i:true/qt=q:1/
44 B
352 B
Image
General
Full URL
https://img1.wsimg.com/isteam/ip/static/transparent_placeholder.png/:/rs=w:400,h:201,cg:true,m,i:true/qt=q:1/ll=n:true
Requested by
Host: jamesmcgibney.com
URL: https://jamesmcgibney.com/isanyoneup
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.16 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-16.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
baafe03efbc7065f3cb275f7cffb23f83455d8c723c531dbacfaa46c6f5824b3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://jamesmcgibney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-version
0.4.4+sha-cbf667a
date
Sat, 13 Aug 2022 19:53:14 GMT
access-control-request-method
GET
etag
1699558429
x-height
201
access-control-max-age
864000
edge-cache-tag
/isteam/ip/static
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-track-origin-referer
https://jamesmcgibney.com/
x-width
400
timing-allow-origin
*
content-length
44
expires
Sun, 13 Aug 2023 19:53:14 GMT
script.js
img1.wsimg.com/blobby/go/0342afd4-a189-41d0-a165-7baf5faaa611/gpub/901aede2b2f0c5d5/
59 KB
15 KB
Script
General
Full URL
https://img1.wsimg.com/blobby/go/0342afd4-a189-41d0-a165-7baf5faaa611/gpub/901aede2b2f0c5d5/script.js
Requested by
Host: jamesmcgibney.com
URL: https://jamesmcgibney.com/isanyoneup
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.16 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-16.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7e6ad35ae407a202decf24b79ba928c8518adebbedb37beded558e867a6db354

Request headers

Referer
https://jamesmcgibney.com/
Origin
https://jamesmcgibney.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-version
0.7.1+sha-f8fdc16
date
Sat, 13 Aug 2022 19:53:14 GMT
content-encoding
gzip
etag
"95ecfb0446566db46c2c1c7b075038a3"
x-forwarded-for
64.202.160.111
access-control-max-age
86400
x-forwarded-proto
https
content-length
14719
last-modified
Tue, 09 Aug 2022 22:13:54 GMT
x-amzn-trace-id
Root=1-62f2dc21-270e11e22b6178ef7671c23b
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-forwarded-port
443
timing-allow-origin
*
access-control-allow-headers
*
expires
Sun, 13 Aug 2023 19:53:14 GMT
script.js
img1.wsimg.com/blobby/go/0342afd4-a189-41d0-a165-7baf5faaa611/gpub/a98c2b78422aba16/
25 KB
5 KB
Script
General
Full URL
https://img1.wsimg.com/blobby/go/0342afd4-a189-41d0-a165-7baf5faaa611/gpub/a98c2b78422aba16/script.js
Requested by
Host: jamesmcgibney.com
URL: https://jamesmcgibney.com/isanyoneup
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.16 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-16.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2eab5262e9d484d0418196035d123194b3284260b1ec65f3898491c9611063f8

Request headers

Referer
https://jamesmcgibney.com/
Origin
https://jamesmcgibney.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-version
0.7.1+sha-f8fdc16
date
Sat, 13 Aug 2022 19:53:14 GMT
content-encoding
gzip
etag
"0c3712ce3f483e000bd2efee57596946"
x-forwarded-for
64.202.160.107
access-control-max-age
86400
x-forwarded-proto
https
content-length
4868
last-modified
Tue, 09 Aug 2022 22:13:54 GMT
x-amzn-trace-id
Root=1-62f2dc21-3b0ac93f77dbaa3c4063a11e
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-forwarded-port
443
timing-allow-origin
*
access-control-allow-headers
*
expires
Sun, 13 Aug 2023 19:53:14 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
170 KB
57 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: jamesmcgibney.com
URL: https://jamesmcgibney.com/isanyoneup
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
64bd531d732540e012dd0c43588f3c79c9b3f5601d3de378dffc6dd01c8b3b57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://jamesmcgibney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 19:53:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57399
x-xss-protection
0
server
cafe
etag
17469396948352353180
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 13 Aug 2022 19:53:14 GMT
tccl.min.js
img6.wsimg.com/wrhs/362d20193a8fed115f99b16a157b7fc4/
Redirect Chain
  • https://img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js
  • https://img1.wsimg.com/traffic-assets/js/tccl.min.js
  • https://img6.wsimg.com/wrhs/362d20193a8fed115f99b16a157b7fc4/tccl.min.js
44 KB
11 KB
Script
General
Full URL
https://img6.wsimg.com/wrhs/362d20193a8fed115f99b16a157b7fc4/tccl.min.js
Requested by
Host: jamesmcgibney.com
URL: https://jamesmcgibney.com/isanyoneup
Protocol
H2
Server
2.18.79.16 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-16.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6cb0efedc1729d965016a35584cb00b03aa46e1a5e170f4b3ce092c7c3e99ec7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://jamesmcgibney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
135
x-amz-version-id
Z0H0F1CdjRUI_nRMydHHi17Rv0HOw5tB
content-encoding
br
etag
"362d20193a8fed115f99b16a157b7fc4"
x-amz-request-id
N5JSXGJTVEFZM8E9
x-edgeconnect-midmile-rtt
15
x-amz-server-side-encryption
AES256
date
Sat, 13 Aug 2022 19:53:14 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
11155
x-amz-id-2
73c+ZpWNgBh9xtilh6Nj22iH/BmUfkHwAgj9PgWHmvdTmSCUhi96da6Ell5SKHaif06RANK80zY=
last-modified
Mon, 11 Apr 2022 14:15:53 GMT
x-edgeconnect-cache-status
1
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*

Redirect headers

location
https://img6.wsimg.com/wrhs/362d20193a8fed115f99b16a157b7fc4/tccl.min.js
date
Sat, 13 Aug 2022 19:53:14 GMT
cache-control
max-age=1800
access-control-allow-origin
*
timing-allow-origin
*
content-length
0
expires
Sat, 13 Aug 2022 20:23:14 GMT
bs-layout22-Theme-publish-Theme-70991b3b.js
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/
14 KB
5 KB
Script
General
Full URL
https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/bs-layout22-Theme-publish-Theme-70991b3b.js
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/blobby/go/0342afd4-a189-41d0-a165-7baf5faaa611/gpub/901aede2b2f0c5d5/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.16 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-16.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b3fa00681128f7b43422a70a5463904cc1d9fb9ab2bb35859d7832e215af16d3

Request headers

Referer
https://jamesmcgibney.com/
Origin
https://jamesmcgibney.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-version
0.7.1+sha-f8fdc16
date
Sat, 13 Aug 2022 19:53:14 GMT
content-encoding
gzip
etag
"4e56ddb045b48f1074f336a33249e577"
x-forwarded-for
64.202.160.105
access-control-max-age
86400
x-forwarded-proto
https
content-length
4161
last-modified
Mon, 13 Dec 2021 22:58:59 GMT
x-amzn-trace-id
Root=1-61b7d032-69504979657255664e00b9ef
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-forwarded-port
443
timing-allow-origin
*
access-control-allow-headers
*
expires
Sun, 13 Aug 2023 19:53:14 GMT
bs-_rollupPluginBabelHelpers-5f52e4cb.js
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/
583 B
828 B
Script
General
Full URL
https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-_rollupPluginBabelHelpers-5f52e4cb.js
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/blobby/go/0342afd4-a189-41d0-a165-7baf5faaa611/gpub/901aede2b2f0c5d5/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.16 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-16.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
72c6df194818462d86074eaf05fc75f13cabc26431999b329e51a0c26a9f4c81

Request headers

Referer
https://jamesmcgibney.com/
Origin
https://jamesmcgibney.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-version
0.7.1+sha-f8fdc16
date
Sat, 13 Aug 2022 19:53:14 GMT
content-encoding
gzip
etag
"4a37f23cb638c625fc8451584283e359"
x-forwarded-for
64.202.160.108
access-control-max-age
86400
x-forwarded-proto
https
content-length
377
last-modified
Mon, 08 Aug 2022 18:52:52 GMT
x-amzn-trace-id
Root=1-62f15b83-003dc2ab5af787e05b944251
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-forwarded-port
443
timing-allow-origin
*
access-control-allow-headers
*
expires
Sun, 13 Aug 2023 19:53:14 GMT
bs-humanisticFilled-231afaba.js
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/
12 KB
5 KB
Script
General
Full URL
https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-humanisticFilled-231afaba.js
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/blobby/go/0342afd4-a189-41d0-a165-7baf5faaa611/gpub/901aede2b2f0c5d5/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.16 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-16.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5712a0dcf37ac601a9e017fba9f9276c9206a730adf495186421af66d4b3f49e

Request headers

Referer
https://jamesmcgibney.com/
Origin
https://jamesmcgibney.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-version
0.7.1+sha-f8fdc16
date
Sat, 13 Aug 2022 19:53:14 GMT
content-encoding
gzip
etag
"9f94046aea26739ac8888a6d3ed17e16"
x-forwarded-for
64.202.160.110
access-control-max-age
86400
x-forwarded-proto
https
content-length
4754
last-modified
Thu, 14 Oct 2021 23:04:37 GMT
x-amzn-trace-id
Root=1-6168b784-518004aa22c71fe9760b296c
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-forwarded-port
443
timing-allow-origin
*
access-control-allow-headers
*
expires
Sun, 13 Aug 2023 19:53:14 GMT
bs-index-d15d4cb0.js
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/
876 B
1 KB
Script
General
Full URL
https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-index-d15d4cb0.js
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/blobby/go/0342afd4-a189-41d0-a165-7baf5faaa611/gpub/901aede2b2f0c5d5/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.16 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-16.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
df2bb9597a554b46bd807cfd97ec6e3f7194ccc218b95d7f1e899657c1cf9fcc

Request headers

Referer
https://jamesmcgibney.com/
Origin
https://jamesmcgibney.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-version
0.7.1+sha-f8fdc16
date
Sat, 13 Aug 2022 19:53:14 GMT
content-encoding
gzip
etag
"f806faab29346709aa36f154927b3ac6"
x-forwarded-for
64.202.160.110
access-control-max-age
86400
x-forwarded-proto
https
content-length
579
last-modified
Thu, 14 Oct 2021 23:04:34 GMT
x-amzn-trace-id
Root=1-6168b781-363fae662be9e06319f5a063
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-forwarded-port
443
timing-allow-origin
*
access-control-allow-headers
*
expires
Sun, 13 Aug 2023 19:53:14 GMT
bs-index3-98b416a8.js
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/
237 KB
57 KB
Script
General
Full URL
https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-index3-98b416a8.js
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/blobby/go/0342afd4-a189-41d0-a165-7baf5faaa611/gpub/901aede2b2f0c5d5/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.16 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-16.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0bccc3f322140ffc7ffab57c9a9b37c0dbd576a2474522d917f064b51d8c7274

Request headers

Referer
https://jamesmcgibney.com/
Origin
https://jamesmcgibney.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-version
0.7.1+sha-f8fdc16
date
Sat, 13 Aug 2022 19:53:14 GMT
content-encoding
gzip
etag
"e0201f84421293da324b0057e86fe74a"
x-forwarded-for
64.202.160.107
access-control-max-age
86400
x-forwarded-proto
https
content-length
58295
last-modified
Thu, 28 Jul 2022 19:30:36 GMT
x-amzn-trace-id
Root=1-62e2e3db-723b36273c4dfffd08f32895
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-forwarded-port
443
timing-allow-origin
*
access-control-allow-headers
*
expires
Sun, 13 Aug 2023 19:53:14 GMT
bs-legacyOverrides-17961cd1.js
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/
324 B
709 B
Script
General
Full URL
https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-legacyOverrides-17961cd1.js
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/blobby/go/0342afd4-a189-41d0-a165-7baf5faaa611/gpub/901aede2b2f0c5d5/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.16 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-16.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7727f84eac14fe82243924684b431eeefa12f779c0cabc62f684db7d3aab8369

Request headers

Referer
https://jamesmcgibney.com/
Origin
https://jamesmcgibney.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-version
0.7.1+sha-f8fdc16
date
Sat, 13 Aug 2022 19:53:14 GMT
content-encoding
gzip
etag
"e0dd176c6926b0363adaf4f9aaef6ee1"
x-forwarded-for
64.202.160.110
access-control-max-age
86400
x-forwarded-proto
https
content-length
259
last-modified
Thu, 14 Oct 2021 23:04:42 GMT
x-amzn-trace-id
Root=1-6168b789-7229267e4f6e6dbd7af15ccd
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-forwarded-port
443
timing-allow-origin
*
access-control-allow-headers
*
expires
Sun, 13 Aug 2023 19:53:14 GMT
bs-minimalSocialIconPack-367b65a4.js
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/
19 KB
7 KB
Script
General
Full URL
https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-minimalSocialIconPack-367b65a4.js
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/blobby/go/0342afd4-a189-41d0-a165-7baf5faaa611/gpub/901aede2b2f0c5d5/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.16 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-16.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a94e9e0d7e80fb8129f6c33f78f6b03f08c2eb5722870ccfa7cc2893190c9c20

Request headers

Referer
https://jamesmcgibney.com/
Origin
https://jamesmcgibney.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-version
0.7.1+sha-f8fdc16
date
Sat, 13 Aug 2022 19:53:14 GMT
content-encoding
gzip
etag
"5fd30bb38eba06e3522ae28610ac8c74"
x-forwarded-for
64.202.160.110
access-control-max-age
86400
x-forwarded-proto
https
content-length
6724
last-modified
Thu, 14 Oct 2021 23:04:38 GMT
x-amzn-trace-id
Root=1-6168b785-0155fcbf6cbeb78d408f219e
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-forwarded-port
443
timing-allow-origin
*
access-control-allow-headers
*
expires
Sun, 13 Aug 2023 19:53:14 GMT
bs-overlayTypes-e1dbe765.js
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/
437 B
784 B
Script
General
Full URL
https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-overlayTypes-e1dbe765.js
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/blobby/go/0342afd4-a189-41d0-a165-7baf5faaa611/gpub/901aede2b2f0c5d5/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.16 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-16.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0fe26f07b9e5d49590f55d31cbc381ca9337850f89b09940e3b384fcd6d26464

Request headers

Referer
https://jamesmcgibney.com/
Origin
https://jamesmcgibney.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-version
0.7.1+sha-f8fdc16
date
Sat, 13 Aug 2022 19:53:14 GMT
content-encoding
gzip
etag
"21ad22788e6caa18a4e9e57f7372b108"
x-forwarded-for
64.202.160.105
access-control-max-age
86400
x-forwarded-proto
https
content-length
335
last-modified
Mon, 13 Dec 2021 22:59:02 GMT
x-amzn-trace-id
Root=1-61b7d035-018188ae176241301ebce646
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-forwarded-port
443
timing-allow-origin
*
access-control-allow-headers
*
expires
Sun, 13 Aug 2023 19:53:14 GMT
Carousel-d4bbd8a7.js
img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/lib/components/
22 KB
7 KB
Script
General
Full URL
https://img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/lib/components/Carousel-d4bbd8a7.js
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/blobby/go/0342afd4-a189-41d0-a165-7baf5faaa611/gpub/901aede2b2f0c5d5/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.16 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-16.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
45fdf429ea31a8420360906b107e29613cf94ac1b2def6c7bf24076c65ee9346

Request headers

Referer
https://jamesmcgibney.com/
Origin
https://jamesmcgibney.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-version
0.7.1+sha-f8fdc16
date
Sat, 13 Aug 2022 19:53:14 GMT
content-encoding
gzip
etag
"e579cd3f9ea8e112675b529fc85417c3"
x-forwarded-for
64.202.160.107
access-control-max-age
86400
x-forwarded-proto
https
content-length
7054
last-modified
Tue, 26 Jul 2022 18:34:15 GMT
x-amzn-trace-id
Root=1-62e033a6-2a4cf0c1004db6f253765cdc
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-forwarded-port
443
timing-allow-origin
*
access-control-allow-headers
*
expires
Sun, 13 Aug 2023 19:53:14 GMT
ColorSwatch-fad18f03.js
img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/lib/components/
1 KB
1 KB
Script
General
Full URL
https://img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/lib/components/ColorSwatch-fad18f03.js
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/blobby/go/0342afd4-a189-41d0-a165-7baf5faaa611/gpub/901aede2b2f0c5d5/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.16 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-16.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
661d4f07da2beafd9ec00bfe44d955375c809c5f5c014b64cf5595c342b8800e

Request headers

Referer
https://jamesmcgibney.com/
Origin
https://jamesmcgibney.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-version
0.7.1+sha-f8fdc16
date
Sat, 13 Aug 2022 19:53:14 GMT
content-encoding
gzip
etag
"54f17c61775c71ad74e89f6ca7d47649"
x-forwarded-for
64.202.160.105
access-control-max-age
86400
x-forwarded-proto
https
content-length
640
last-modified
Fri, 10 Dec 2021 22:26:46 GMT
x-amzn-trace-id
Root=1-61b3d425-4196caee6b9445880f09a33c
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-forwarded-port
443
timing-allow-origin
*
access-control-allow-headers
*
expires
Sun, 13 Aug 2023 19:53:14 GMT
bs-dataAids-6a839d53.js
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/
2 KB
1 KB
Script
General
Full URL
https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-dataAids-6a839d53.js
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/blobby/go/0342afd4-a189-41d0-a165-7baf5faaa611/gpub/901aede2b2f0c5d5/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.16 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-16.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3b54aeacfda01be53800632989a82f6f5a7f92e927159a37a4324b38d3dffef8

Request headers

Referer
https://jamesmcgibney.com/
Origin
https://jamesmcgibney.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-version
0.7.1+sha-f8fdc16
date
Sat, 13 Aug 2022 19:53:14 GMT
content-encoding
gzip
etag
"edc15ad5daac3cfa744bffdb1e0174be"
x-forwarded-for
64.202.160.105
access-control-max-age
86400
x-forwarded-proto
https
content-length
626
last-modified
Mon, 13 Dec 2021 22:59:00 GMT
x-amzn-trace-id
Root=1-61b7d033-2da3a4b6382be71e0d8c5ecb
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-forwarded-port
443
timing-allow-origin
*
access-control-allow-headers
*
expires
Sun, 13 Aug 2023 19:53:14 GMT
bs-index2-5a810c82.js
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/
1 KB
1 KB
Script
General
Full URL
https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-index2-5a810c82.js
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/blobby/go/0342afd4-a189-41d0-a165-7baf5faaa611/gpub/901aede2b2f0c5d5/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.16 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-16.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
03f278836505e268d8b286774cf646016c5cc65bf893b7541be1a2a63cc66d4c

Request headers

Referer
https://jamesmcgibney.com/
Origin
https://jamesmcgibney.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-version
0.7.1+sha-f8fdc16
date
Sat, 13 Aug 2022 19:53:14 GMT
content-encoding
gzip
etag
"da82f14f261b7847fc0bc55dac30a9b3"
x-forwarded-for
64.202.160.105
access-control-max-age
86400
x-forwarded-proto
https
content-length
713
last-modified
Mon, 13 Dec 2021 22:59:04 GMT
x-amzn-trace-id
Root=1-61b7d037-31e2e89a06b12bc27efaa2ca
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-forwarded-port
443
timing-allow-origin
*
access-control-allow-headers
*
expires
Sun, 13 Aug 2023 19:53:14 GMT
bs-navigationDrawer-27f5f1f5.js
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/
221 B
639 B
Script
General
Full URL
https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-navigationDrawer-27f5f1f5.js
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/blobby/go/0342afd4-a189-41d0-a165-7baf5faaa611/gpub/901aede2b2f0c5d5/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.16 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-16.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
265995eb76326e95613750f6f6570b850f5c22280d262de9b9632a16ceb98b9b

Request headers

Referer
https://jamesmcgibney.com/
Origin
https://jamesmcgibney.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-version
0.7.1+sha-f8fdc16
date
Sat, 13 Aug 2022 19:53:14 GMT
content-encoding
gzip
etag
"8f12765eb30fbdcfcdc116d13f7fc272"
x-forwarded-for
64.202.160.107
access-control-max-age
86400
x-forwarded-proto
https
content-length
191
last-modified
Thu, 28 Jul 2022 17:59:29 GMT
x-amzn-trace-id
Root=1-62e2ce80-4ef8fc4a33c151912970138f
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-forwarded-port
443
timing-allow-origin
*
access-control-allow-headers
*
expires
Sun, 13 Aug 2023 19:53:14 GMT
bs-searchFormLocations-c86f2a99.js
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/
304 B
695 B
Script
General
Full URL
https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-searchFormLocations-c86f2a99.js
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/blobby/go/0342afd4-a189-41d0-a165-7baf5faaa611/gpub/901aede2b2f0c5d5/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.16 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-16.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
604281887cd770ed21601933e9636a7a9c8a57a30d7d796ae7d760eef64d5089

Request headers

Referer
https://jamesmcgibney.com/
Origin
https://jamesmcgibney.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-version
0.7.1+sha-f8fdc16
date
Sat, 13 Aug 2022 19:53:14 GMT
content-encoding
gzip
etag
"daa79ad7558674f6a12d962abf47f2f6"
x-forwarded-for
64.202.160.110
access-control-max-age
86400
x-forwarded-proto
https
content-length
244
last-modified
Thu, 14 Oct 2021 23:04:37 GMT
x-amzn-trace-id
Root=1-6168b784-1438c006715eea557e6c9f7f
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-forwarded-port
443
timing-allow-origin
*
access-control-allow-headers
*
expires
Sun, 13 Aug 2023 19:53:14 GMT
_commonjsHelpers-758665cc.js
img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/c/
960 B
969 B
Script
General
Full URL
https://img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/c/_commonjsHelpers-758665cc.js
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/blobby/go/0342afd4-a189-41d0-a165-7baf5faaa611/gpub/901aede2b2f0c5d5/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.16 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-16.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a5073ecd65b21a2428f0bf47e80529969efe3635cf67ad6107794313ee2a81a

Request headers

Referer
https://jamesmcgibney.com/
Origin
https://jamesmcgibney.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-version
0.7.1+sha-f8fdc16
date
Sat, 13 Aug 2022 19:53:14 GMT
content-encoding
gzip
etag
"894d1fecf13beb6804e454d74bab4fc5"
x-forwarded-for
64.202.160.111
access-control-max-age
86400
x-forwarded-proto
https
content-length
518
last-modified
Thu, 20 May 2021 16:49:33 GMT
x-amzn-trace-id
Root=1-60a6931c-2dfc069918f926cb337de793
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-forwarded-port
443
timing-allow-origin
*
access-control-allow-headers
*
expires
Sun, 13 Aug 2023 19:53:14 GMT
_react_commonjs-external-3d5a31a2.js
img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/c/
266 B
660 B
Script
General
Full URL
https://img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/c/_react_commonjs-external-3d5a31a2.js
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/blobby/go/0342afd4-a189-41d0-a165-7baf5faaa611/gpub/901aede2b2f0c5d5/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.16 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-16.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a4e27234e0ab2fe43d9be026b4d681da6e11025895d1c766324811bd0eb7e50a

Request headers

Referer
https://jamesmcgibney.com/
Origin
https://jamesmcgibney.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-version
0.7.1+sha-f8fdc16
date
Sat, 13 Aug 2022 19:53:14 GMT
content-encoding
gzip
etag
"889d83416d141ae9c1e8e3eb5c4f68c0"
x-forwarded-for
64.202.160.111
access-control-max-age
86400
x-forwarded-proto
https
content-length
212
last-modified
Wed, 24 Feb 2021 19:34:55 GMT
x-amzn-trace-id
Root=1-6036aa5e-4e3aabaf2f33643a300f2279
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-forwarded-port
443
timing-allow-origin
*
access-control-allow-headers
*
expires
Sun, 13 Aug 2023 19:53:14 GMT
_rollupPluginBabelHelpers-92db7618.js
img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/c/
565 B
826 B
Script
General
Full URL
https://img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/c/_rollupPluginBabelHelpers-92db7618.js
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/blobby/go/0342afd4-a189-41d0-a165-7baf5faaa611/gpub/901aede2b2f0c5d5/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.16 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-16.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
897a8eae55815ac35bef8d185781dac77b2ea64000ac0160bf8294b4da821bd2

Request headers

Referer
https://jamesmcgibney.com/
Origin
https://jamesmcgibney.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-version
0.7.1+sha-f8fdc16
date
Sat, 13 Aug 2022 19:53:14 GMT
content-encoding
gzip
etag
"95e155e942e2f3d810d854bd7baf8f04"
x-forwarded-for
64.202.160.108
access-control-max-age
86400
x-forwarded-proto
https
content-length
376
last-modified
Wed, 24 Feb 2021 19:34:54 GMT
x-amzn-trace-id
Root=1-6036aa5d-248bcb407aeca8241d304317
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-forwarded-port
443
timing-allow-origin
*
access-control-allow-headers
*
expires
Sun, 13 Aug 2023 19:53:14 GMT
interopRequireDefault-112e3bdc.js
img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/c/
338 B
705 B
Script
General
Full URL
https://img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/c/interopRequireDefault-112e3bdc.js
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/blobby/go/0342afd4-a189-41d0-a165-7baf5faaa611/gpub/901aede2b2f0c5d5/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.16 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-16.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6e1880867f402b6bfd7089b2d6f9b387bc6fdcbfb7a67e95486a5bc5696c3e16

Request headers

Referer
https://jamesmcgibney.com/
Origin
https://jamesmcgibney.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-version
0.7.1+sha-f8fdc16
date
Sat, 13 Aug 2022 19:53:14 GMT
content-encoding
gzip
etag
"11ccc819361ff3f58653d84601c90234"
x-forwarded-for
64.202.160.111
access-control-max-age
86400
x-forwarded-proto
https
content-length
255
last-modified
Tue, 09 Mar 2021 21:39:32 GMT
x-amzn-trace-id
Root=1-6047eb13-42a9ed893514533d651f3c03
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-forwarded-port
443
timing-allow-origin
*
access-control-allow-headers
*
expires
Sun, 13 Aug 2023 19:53:14 GMT
tti.min.js
img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/
Redirect Chain
  • https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js
  • https://img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js
24 KB
8 KB
Script
General
Full URL
https://img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js
Requested by
Host: jamesmcgibney.com
URL: https://jamesmcgibney.com/isanyoneup
Protocol
H2
Server
2.18.79.16 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-16.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6e74c12390bdb48bf5b0bb295ceed4f68add11467d2472d983a42e3023ecf312

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://jamesmcgibney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
654
x-amz-version-id
F4fYptXBkP0fCCCWFLfVGE1HXlZmORny
content-encoding
br
etag
"ce554d2333f3801abafb32da18213ff7"
x-amz-request-id
XNK8Z8KQATPTCZRH
x-edgeconnect-midmile-rtt
3
x-amz-server-side-encryption
AES256
date
Sat, 13 Aug 2022 19:53:14 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
7498
x-amz-id-2
Bt3x3iTv8Fk+aaaS+GUkBMe+ASr0HEMDh339t8gjL9ozG+jBiKIjzxbTtgmm6ZRh5XVuxORtokQ=
last-modified
Wed, 16 Jun 2021 22:03:01 GMT
x-edgeconnect-cache-status
1
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*

Redirect headers

location
https://img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js
date
Sat, 13 Aug 2022 19:53:14 GMT
cache-control
max-age=1800
access-control-allow-origin
*
timing-allow-origin
*
content-length
0
expires
Sat, 13 Aug 2022 20:23:14 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208110101/
340 KB
120 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8164155337657093&plah=jamesmcgibney.com&bust=31068937
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
964233060ac72d086ce4b5b7d74664c80796dcb718235fa2b32e86fce067cc46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://jamesmcgibney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 19:53:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122685
x-xss-protection
0
server
cafe
etag
7761398567051749921
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 13 Aug 2022 19:53:14 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220810/r20190131/ Frame E811
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220810/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jamesmcgibney.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
64503
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 13 Aug 2022 01:58:11 GMT
etag
8616628553774171045
expires
Sat, 27 Aug 2022 01:58:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bs-LinkAwareComponent-c879a9d1.js
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/
2 KB
1 KB
Script
General
Full URL
https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/bs-LinkAwareComponent-c879a9d1.js
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/blobby/go/0342afd4-a189-41d0-a165-7baf5faaa611/gpub/901aede2b2f0c5d5/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.16 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-16.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4666b9bd872ebf01ad511b5b7628c5e19362aa01b05a6edc2a266527780e1865

Request headers

Referer
https://jamesmcgibney.com/
Origin
https://jamesmcgibney.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-version
0.7.1+sha-f8fdc16
date
Sat, 13 Aug 2022 19:53:14 GMT
content-encoding
gzip
etag
"db9b98d640eba155278db0bbaa83050d"
x-forwarded-for
64.202.160.110
access-control-max-age
86400
x-forwarded-proto
https
content-length
891
last-modified
Tue, 08 Mar 2022 16:16:57 GMT
x-amzn-trace-id
Root=1-62278178-78898aaa78d117a566634235
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-forwarded-port
443
timing-allow-origin
*
access-control-allow-headers
*
expires
Sun, 13 Aug 2023 19:53:14 GMT
bs-FlyoutMenu-Component-266b929e.js
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/
3 KB
2 KB
Script
General
Full URL
https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/bs-FlyoutMenu-Component-266b929e.js
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/blobby/go/0342afd4-a189-41d0-a165-7baf5faaa611/gpub/901aede2b2f0c5d5/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.16 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-16.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f7b54b29718e20c7deb19de55648211d23a008becc9ad6bfde01a72a09072b2b

Request headers

Referer
https://jamesmcgibney.com/
Origin
https://jamesmcgibney.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-version
0.7.1+sha-f8fdc16
date
Sat, 13 Aug 2022 19:53:14 GMT
content-encoding
gzip
etag
"d2f3f3bb13567c7c3ba8c50de05a8272"
x-forwarded-for
64.202.160.105
access-control-max-age
86400
x-forwarded-proto
https
content-length
1272
last-modified
Mon, 13 Dec 2021 22:59:00 GMT
x-amzn-trace-id
Root=1-61b7d033-2b00d29f0bf8ee864a58d40c
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-forwarded-port
443
timing-allow-origin
*
access-control-allow-headers
*
expires
Sun, 13 Aug 2023 19:53:14 GMT
bs-Toggle-bde2cb32.js
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/
2 KB
1 KB
Script
General
Full URL
https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-Toggle-bde2cb32.js
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/blobby/go/0342afd4-a189-41d0-a165-7baf5faaa611/gpub/901aede2b2f0c5d5/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.16 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-16.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9ce79703bf9ef25c61ba4feed40992772b9231110f6aab72b714d9517219b3f9

Request headers

Referer
https://jamesmcgibney.com/
Origin
https://jamesmcgibney.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-version
0.7.1+sha-f8fdc16
date
Sat, 13 Aug 2022 19:53:14 GMT
content-encoding
gzip
etag
"70bc240b39fd393f6e3003cc69e4fe73"
x-forwarded-for
64.202.160.109
access-control-max-age
86400
x-forwarded-proto
https
content-length
1020
last-modified
Fri, 29 Jul 2022 16:58:40 GMT
x-amzn-trace-id
Root=1-62e411bf-092c235955a8dd6b4bde9a5a
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-forwarded-port
443
timing-allow-origin
*
access-control-allow-headers
*
expires
Sun, 13 Aug 2023 19:53:14 GMT
cookie.js
partner.googleadservices.com/gampad/
221 B
650 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=jamesmcgibney.com&callback=_gfp_s_&client=ca-pub-8164155337657093
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8164155337657093&plah=jamesmcgibney.com&bust=31068937
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
12fe26e1d9e05c57cd76dfb511849e64eb821f462bb2c77a13bf7d64b988d7a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://jamesmcgibney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 19:53:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
206
x-xss-protection
0
integrator.js
adservice.google.nl/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.nl/adsid/integrator.js?domain=jamesmcgibney.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8164155337657093&plah=jamesmcgibney.com&bust=31068937
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://jamesmcgibney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 13 Aug 2022 19:53:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=jamesmcgibney.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8164155337657093&plah=jamesmcgibney.com&bust=31068937
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://jamesmcgibney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 13 Aug 2022 19:53:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame ADE2
228 KB
55 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8164155337657093&output=html&adk=1812271804&adf=3025194257&lmt=1660420394&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fjamesmcgibney.com%2Fisanyoneup&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660420394708&bpp=3&bdt=427&idt=125&shv=r20220810&mjsv=m202208110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3193402735319&frm=20&pv=2&ga_vid=865587938.1660420395&ga_sid=1660420395&ga_hid=138243886&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068937%2C31062930&oid=2&pvsid=3206753992587278&tmod=1964437132&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=171
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8164155337657093&plah=jamesmcgibney.com&bust=31068937
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09bdff327fa90efd05732a68a741076aab1994b6e3806cf162a29436ad111ea8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jamesmcgibney.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
55927
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 13 Aug 2022 19:53:15 GMT
expires
Sat, 13 Aug 2022 19:53:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208110101/
150 KB
53 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208110101/reactive_library_fy2021.js?bust=31068937
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8164155337657093&plah=jamesmcgibney.com&bust=31068937
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36f7924b6fb0f22bfcf2eed52270c121a726f7b46c08123ac0b2b6cdc733412e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://jamesmcgibney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 19:53:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54623
x-xss-protection
0
server
cafe
etag
10605139464451297423
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 Aug 2022 19:53:15 GMT
integrator.js
adservice.google.nl/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.nl/adsid/integrator.js?domain=jamesmcgibney.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8164155337657093&plah=jamesmcgibney.com&bust=31068937
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://jamesmcgibney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 13 Aug 2022 19:53:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=jamesmcgibney.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8164155337657093&plah=jamesmcgibney.com&bust=31068937
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://jamesmcgibney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 13 Aug 2022 19:53:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220810/r20110914/ Frame 715B
10 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220810/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8164155337657093&plah=jamesmcgibney.com&bust=31068937
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jamesmcgibney.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
3961
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 13 Aug 2022 18:47:14 GMT
etag
8616628553774171045
expires
Sat, 27 Aug 2022 18:47:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220810/r20110914/ Frame 6E38
10 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220810/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8164155337657093&plah=jamesmcgibney.com&bust=31068937
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jamesmcgibney.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
3961
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 13 Aug 2022 18:47:14 GMT
etag
8616628553774171045
expires
Sat, 27 Aug 2022 18:47:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame 715B
4 KB
709 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220810/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:800::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 13 Aug 2022 19:11:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 13 Aug 2022 19:53:15 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 13 Aug 2022 19:53:15 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 715B
205 B
743 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220810/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 16:22:46 GMT
x-content-type-options
nosniff
age
12629
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 13 Aug 2023 16:22:46 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 715B
604 B
695 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220810/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:27:43 GMT
x-content-type-options
nosniff
age
19532
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 13 Aug 2023 14:27:43 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/elements/html/ Frame 715B
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220810/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00c71abef781583241b6ff6df83c3e4f84267becf1df03c3a8bf712e14b4f0a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 19:47:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
348
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8368
x-xss-protection
0
server
cafe
etag
14969459707636190018
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Aug 2022 19:47:27 GMT
e9729a99e2ce9704c0788d1ab658d164.js
www.gstatic.com/mysidia/ Frame 6E38
12 KB
5 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/e9729a99e2ce9704c0788d1ab658d164.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220810/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fb35ebb5f496f09ed4148015a0c3f569595d38d6214bc5d00941b37464782290
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 20:45:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
169660
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4942
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 23:02:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 09 Nov 2022 20:45:35 GMT
de03a69b80543f0fa8847e29147a30f0.js
www.gstatic.com/mysidia/ Frame 6E38
11 KB
5 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/de03a69b80543f0fa8847e29147a30f0.js?tag=text/vanilla_highlight
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220810/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6830d2cbbe2f4c359c873289bbeae9658100a5da81fe00270a7aab7c27cfcee6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 20:45:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
169660
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4857
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 23:02:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 09 Nov 2022 20:45:35 GMT
css
fonts.googleapis.com/ Frame 6E38
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220810/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:800::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 13 Aug 2022 19:11:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 13 Aug 2022 19:53:15 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 13 Aug 2022 19:53:15 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 6E38
2 KB
983 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220810/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 19:20:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1993
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Aug 2022 19:20:02 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/ Frame 6E38
23 KB
10 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220810/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 19:49:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
253
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9668
x-xss-protection
0
server
cafe
etag
3250940068065303693
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Aug 2022 19:49:02 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 6E38
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220810/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 19:49:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
215
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Aug 2022 19:49:40 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 6E38
17 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220810/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 19:50:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
151
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Aug 2022 19:50:44 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6E38
140 KB
44 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220810/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 19:53:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44015
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660137096112928"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 13 Aug 2022 19:53:15 GMT
8b4497fa63e027c9bb788e6248932fc0.js
www.gstatic.com/mysidia/ Frame 6E38
32 KB
13 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/8b4497fa63e027c9bb788e6248932fc0.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220810/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d151abaa7946d205cc769fd84d0acaeec4b759872dc714b237435f10ece11d35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 11:35:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29859
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13370
x-xss-protection
0
last-modified
Thu, 11 Aug 2022 05:50:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 11 Nov 2022 11:35:36 GMT
css
fonts.googleapis.com/ Frame F36B
6 KB
672 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220810/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:800::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 13 Aug 2022 19:11:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 13 Aug 2022 19:53:15 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 13 Aug 2022 19:53:15 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame F36B
2 KB
936 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220810/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 19:20:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1993
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Aug 2022 19:20:02 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/ Frame F36B
23 KB
10 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220810/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 19:49:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
253
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9668
x-xss-protection
0
server
cafe
etag
3250940068065303693
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Aug 2022 19:49:02 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame F36B
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220810/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 19:49:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
215
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Aug 2022 19:49:40 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame F36B
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220810/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 19:50:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
151
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Aug 2022 19:50:44 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F36B
140 KB
43 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220810/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 19:53:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44015
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660137096112928"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 13 Aug 2022 19:53:15 GMT
8b4497fa63e027c9bb788e6248932fc0.js
www.gstatic.com/mysidia/ Frame F36B
32 KB
13 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/8b4497fa63e027c9bb788e6248932fc0.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220810/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d151abaa7946d205cc769fd84d0acaeec4b759872dc714b237435f10ece11d35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 11:35:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29859
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13370
x-xss-protection
0
last-modified
Thu, 11 Aug 2022 05:50:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 11 Nov 2022 11:35:36 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 6E38
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=ClO2XKgH4YtDCPOKB1fAP37ejwAyItKXJa464hNOWDpCSyePCARABIK3KqpIBYJGEoIWMGKABkMOH_QPIAQGpArGAilNzNrE-qAMBqgSHAk_Qa0-bWW91PIuRrifkMP_F-eMtnVe5zXlrzeeMZv4XIPyKv2Tdw5FtxSre6BWWhOZ_WVjSDD9jcyKyaGfHE1ULXUL5kvcsDMgYHsDSjRFyvdZzUW4dT5SUOnDczJ4Q4spR1pbPWKnh9SjL2fvn09Zkot0E2okwqRDAtUSg-MmxUcoXjHQB2rLgzQ5Zl4taTiLdOuh4pbpdKuFC22M4yTpfZWXWIa98Bi9XoikGX3tY3luxz5QKJTzu-3hcymXqAyRdiwWKA3bUEXw7BquR4Bj1mN6OmhS7lq4PyrJ8g1tvxFnXiLQHm553FvK0W6SvWOUig0LYWFoe1K8iLLm0w4LrnSmYpEJwwASNztu9zAOSBQQIBBgBkgUECAUYBIAH2Lz4AqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEOumC9IIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTgxNjQxNTUzMzc2NTcwOTMYAA&sigh=amBufMG3G8o&uach_m=[UACH]&template_id=5001
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220810/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20220810/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sat, 13 Aug 2022 19:53:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 13 Aug 2022 19:53:15 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 9039
143 B
163 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220810/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20220810/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
843
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Sat, 13 Aug 2022 19:39:12 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
event
events.api.secureserver.net/t/1/tl/
43 B
292 B
XHR
General
Full URL
https://events.api.secureserver.net/t/1/tl/event?cts=1660420394789&dh=jamesmcgibney.com&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F104.0.5112.79%20Safari%2F537.36&vci=1687871934&cv=2.0.0&z=1008742903&vg=3823b8a2-7c92-5450-b2ca-ea054fb9c3c7&vtg=3823b8a2-7c92-5450-b2ca-ea054fb9c3c7&dp=%2Fisanyoneup&ap=IPv2&trfd=%7B%22ap%22%3A%22IPv2%22%2C%22websiteId%22%3A%220342afd4-a189-41d0-a165-7baf5faaa611%22%2C%22pd%22%3A%222022-08-09T22%3A13%3A53.176Z%22%2C%22meta.numWidgets%22%3A17%2C%22meta.theme%22%3A%22layout22%22%2C%22meta.headerMediaType%22%3A%22Video%22%2C%22meta.isOLS%22%3Afalse%2C%22meta.isOLA%22%3Afalse%2C%22meta.isMembership%22%3Afalse%7D&hit_id=55761cd7-d819-505d-89c5-32ee235ea80e&ht=pageview
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00::210:baf2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://jamesmcgibney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
date
Sat, 13 Aug 2022 19:53:16 GMT
x-frame-options
DENY
content-type
image/gif
access-control-allow-origin
https://jamesmcgibney.com
cache-control
private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
content-length
43
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/getconfig/
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220810&st=env
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aa400acc21c3c93305bc6601210eeedb76c6d3a817f8675807be4fec4e53030b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://jamesmcgibney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 13 Aug 2022 19:53:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11121
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 9039
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220810/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 13 Aug 2022 19:53:16 GMT
expires
Sat, 13 Aug 2022 19:53:16 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 13 Aug 2022 19:53:16 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dJtiYfEJEI0hyw5wQ_g_8NlKRsHdja2JZeZ5T9NF0jg.js
pagead2.googlesyndication.com/bg/ Frame A075
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/dJtiYfEJEI0hyw5wQ_g_8NlKRsHdja2JZeZ5T9NF0jg.js
Requested by
Host: jamesmcgibney.com
URL: https://jamesmcgibney.com/isanyoneup
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
749b6261f109108d21cb0e7043f83ff0d94a46c1dd8dad8965e6794fd345d238
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 19:39:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
856
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14301
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 13 Aug 2023 19:39:00 GMT
event
events.api.secureserver.net/t/1/tl/
43 B
292 B
XHR
General
Full URL
https://events.api.secureserver.net/t/1/tl/event?cts=1660420395990&dh=jamesmcgibney.com&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F104.0.5112.79%20Safari%2F537.36&vci=1687871934&cv=2.0.0&z=408292613&vg=3823b8a2-7c92-5450-b2ca-ea054fb9c3c7&vtg=3823b8a2-7c92-5450-b2ca-ea054fb9c3c7&dp=%2Fisanyoneup&ap=IPv2&trfd=%7B%22ap%22%3A%22IPv2%22%2C%22websiteId%22%3A%220342afd4-a189-41d0-a165-7baf5faaa611%22%2C%22pd%22%3A%222022-08-09T22%3A13%3A53.176Z%22%2C%22meta.numWidgets%22%3A17%2C%22meta.theme%22%3A%22layout22%22%2C%22meta.headerMediaType%22%3A%22Video%22%2C%22meta.isOLS%22%3Afalse%2C%22meta.isOLA%22%3Afalse%2C%22meta.isMembership%22%3Afalse%7D&hit_id=66c5f06a-10c9-52e7-8b8b-7264901bc5ce&ht=perf&tce=1660420394242&tcs=1660420394184&tdc=1660420395985&tdclee=1660420394790&tdcles=1660420394789&tdi=1660420394722&tdl=1660420394282&tdle=1660420394184&tdls=1660420393961&tfs=1660420393961&tns=1660420393961&trqs=1660420394242&tre=1660420394309&trps=1660420394279&tles=1660420395986&tlee=0&nt=navigate&nav_type=hard
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00::210:baf2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://jamesmcgibney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
date
Sat, 13 Aug 2022 19:53:16 GMT
x-frame-options
DENY
content-type
image/gif
access-control-allow-origin
https://jamesmcgibney.com
cache-control
private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
content-length
43
x-xss-protection
1; mode=block
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8164155337657093&plah=jamesmcgibney.com&bust=31068937
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://jamesmcgibney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 19:53:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 13 Aug 2022 19:53:16 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0171
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jamesmcgibney.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
857
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 13 Aug 2022 19:38:59 GMT
expires
Sun, 13 Aug 2023 19:38:59 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F1D3
783 B
535 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
63508b488022ba48b4eddffa219d934eb3723aca66ddfd237db5f717d28d3cf8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-IaPaT85M_Hdj-6VjcLbn1Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jamesmcgibney.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-IaPaT85M_Hdj-6VjcLbn1Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 13 Aug 2022 19:53:16 GMT
expires
Sat, 13 Aug 2022 19:53:16 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
dJtiYfEJEI0hyw5wQ_g_8NlKRsHdja2JZeZ5T9NF0jg.js
pagead2.googlesyndication.com/bg/ Frame 0171
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/dJtiYfEJEI0hyw5wQ_g_8NlKRsHdja2JZeZ5T9NF0jg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
749b6261f109108d21cb0e7043f83ff0d94a46c1dd8dad8965e6794fd345d238
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 19:39:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
856
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14301
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 13 Aug 2023 19:39:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame F1D3
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220810&jk=3206753992587278&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame 0171
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?K02UZA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 19:53:16 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220810&jk=3206753992587278&bg=!1Nel15PNAAa4hXTbmIU7ACkAdvg8WnGoe37K_EvFCyJFFeuSaDK17Bp1fm1hh8-1II4Hfa-yEavawAIAAABMUgAAAAJoAQcKAH_jnjOOaVF5gqjyQYeAM5xIKZM-DUDu-HqHRsQp0QFK0ld0c5D-GM2M-uzLRYbiPzNsp2CQQFFd3gnNqTjnSXsGuxEhIUFZl2VNEkH3F3qy7HdVopWnRIA1APDJr3LmphRuuFKf1LODKvg7OuklK4322pEJPsM_MSP4aeAlZGOsmQLSSfhNW4oatQATMUI8qHDnXj_LBi6GK0NmUSPmso_1JIZsf_ZtDdj0ucoFuIVlZKXNBNIJOBQvOUfKFJ2HbJ_BG2F42u1DmZ5iUrcvng8couvSsw1lRur8qvWK5X0OjBPPmL-W3HN4CGGTlUYlsOEGPci8x5EmAdT2Yu8TMFlP-wdcyC-xHKEc2sn3p2hTkFvnLvHTfkF1JnaUeU62BQLmGXSRnNLNI9-WtvGkPcPQSgkYiEsDoRBhqxGXAj67hCoNOqfEgYakHXf8rCx1aExu_1eVzJot65-QoCUQ-DScgyk9MUTTAnEtOOulx4xb8X5BJkKBfB44fpXLWW92Z8-UBbuq76dm9j7Djfm9Fy1jQ0iesru_2P_vYZxjyTmVNDJuXbuF9kPMo3j8rwa-w4h8OYrxMBj774hD3QcnficYFzx9zJ6rQ-zynIX2ck2bfm7ER2JOraT0Y4WhHpd_eKqCnJbmy1Hc0rUbfg3cEIMRTrLZ2kTyyrwjmv9rZSqJbkztafYjTsxJZ6GJvr4jLDiAfJpX9NnRyqOLLMXNdgcL-Izl-JLY_Y43_iaQ6fyLHftAuQGjygeooj3U_bJPS-5ZgX34TOzhKw10y_xW4X89yrb9jcg2sMxP41_9T6IC_iwJJ3IFjhU_A-U33O-__P9UXBgT3tZaCo9L_ToXy3jg9Scfcxv7vkNZks015E7Z63Tpdzx8PDZ5pq9ep8iIM8qn0AjshxLcXqS2ugmI4Nn9rODGEImmlvdlq-o4fBKa1knCpS0-uC2LEvq2eMy35BqDhFSuGqACYhjv472qgurGp2hC8JqDiAxRQoPLk4lz07yjH-K0fJVcJ_XV4LEd6qIPvdfGA-okidkq9MU9E0QqKuaY2-YWq9IYtqLEMKvQYJcT9fXj2mpKWG5cVHIyGWXKeW4X5W1nIgBgteJApF75sCDGNqXi9bgKsuLJ70z9CCS4iYU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://jamesmcgibney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| trackingEnabledForType function| logTcclEvent function| radpack object| networkInfo object| _trfq object| _trfd function| define object| Core object| React object| ReactDOM function| keyMirror function| _ object| PropTypes object| Dials function| cxs object| wsb object| t object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| global boolean| _tcclPageReqFired object| _tcclInternal object| _expDataLayer object| tccl object| tti function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp number| google_lpabyc object| googletag object| GoogleGcLKhOms object| google_image_requests

6 Cookies

Domain/Path Name / Value
jamesmcgibney.com/ Name: dps_site_id
Value: 4000
.jamesmcgibney.com/ Name: _tccl_visitor
Value: 3823b8a2-7c92-5450-b2ca-ea054fb9c3c7
.jamesmcgibney.com/ Name: _tccl_visit
Value: 3823b8a2-7c92-5450-b2ca-ea054fb9c3c7
.jamesmcgibney.com/ Name: __gads
Value: ID=cbdd0d4078d9caaf-22650c89f1cd00d7:T=1660420394:RT=1660420394:S=ALNI_MaKZhi2_zZjZGIx3iHDuEYxYm2VRQ
.doubleclick.net/ Name: IDE
Value: AHWqTUkRkXNUmuJMS3rVPlA7_KIa0u8b3ybuVoiseJURAZ63jTGv55Jay8F758D8Tsc
.doubleclick.net/ Name: DSID
Value: NO_DATA

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self'

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.nl
events.api.secureserver.net
fonts.googleapis.com
googleads.g.doubleclick.net
img1.wsimg.com
img6.wsimg.com
isteam.wsimg.com
jamesmcgibney.com
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
142.250.186.34
160.153.136.3
2.18.79.16
2a00:1450:4001:806::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2002
2a00:1450:4001:810::2004
2a00:1450:4001:811::2002
2a00:1450:4001:812::2001
2a00:1450:4001:812::2002
2a00:1450:4001:813::2003
2a00:1450:400e:800::200a
2a02:26f0:6c00::210:baf2
35.157.34.86
00c71abef781583241b6ff6df83c3e4f84267becf1df03c3a8bf712e14b4f0a0
03f278836505e268d8b286774cf646016c5cc65bf893b7541be1a2a63cc66d4c
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
09bdff327fa90efd05732a68a741076aab1994b6e3806cf162a29436ad111ea8
0bccc3f322140ffc7ffab57c9a9b37c0dbd576a2474522d917f064b51d8c7274
0fe26f07b9e5d49590f55d31cbc381ca9337850f89b09940e3b384fcd6d26464
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
12fe26e1d9e05c57cd76dfb511849e64eb821f462bb2c77a13bf7d64b988d7a6
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
265995eb76326e95613750f6f6570b850f5c22280d262de9b9632a16ceb98b9b
2a2495b5dc7c50c2e56e361f597fe00cb71fd4fdb8f87344e015776188d2e197
2eab5262e9d484d0418196035d123194b3284260b1ec65f3898491c9611063f8
36f7924b6fb0f22bfcf2eed52270c121a726f7b46c08123ac0b2b6cdc733412e
3b54aeacfda01be53800632989a82f6f5a7f92e927159a37a4324b38d3dffef8
45a8badf06824c87461905a8b1871fc3ca3eb5934cee490deadad743ebf99661
45fdf429ea31a8420360906b107e29613cf94ac1b2def6c7bf24076c65ee9346
4666b9bd872ebf01ad511b5b7628c5e19362aa01b05a6edc2a266527780e1865
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
553fd833571d149d17f3dfd32a4d92422431dc852be5b1af1576b2298c65c4d3
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
5712a0dcf37ac601a9e017fba9f9276c9206a730adf495186421af66d4b3f49e
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
604281887cd770ed21601933e9636a7a9c8a57a30d7d796ae7d760eef64d5089
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63508b488022ba48b4eddffa219d934eb3723aca66ddfd237db5f717d28d3cf8
64bd531d732540e012dd0c43588f3c79c9b3f5601d3de378dffc6dd01c8b3b57
661d4f07da2beafd9ec00bfe44d955375c809c5f5c014b64cf5595c342b8800e
6830d2cbbe2f4c359c873289bbeae9658100a5da81fe00270a7aab7c27cfcee6
6a5073ecd65b21a2428f0bf47e80529969efe3635cf67ad6107794313ee2a81a
6c84348296ebe2e2a0830c3962eb02156419d9bc76371c2eadaf7329d827d550
6cb0efedc1729d965016a35584cb00b03aa46e1a5e170f4b3ce092c7c3e99ec7
6e1880867f402b6bfd7089b2d6f9b387bc6fdcbfb7a67e95486a5bc5696c3e16
6e74c12390bdb48bf5b0bb295ceed4f68add11467d2472d983a42e3023ecf312
72c6df194818462d86074eaf05fc75f13cabc26431999b329e51a0c26a9f4c81
749b6261f109108d21cb0e7043f83ff0d94a46c1dd8dad8965e6794fd345d238
75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338
7727f84eac14fe82243924684b431eeefa12f779c0cabc62f684db7d3aab8369
7e6ad35ae407a202decf24b79ba928c8518adebbedb37beded558e867a6db354
897a8eae55815ac35bef8d185781dac77b2ea64000ac0160bf8294b4da821bd2
8a729bd33a9515ab604694cae0fd2f2fb6b5ab17a7e24c7db332bb3726dd4a76
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
92c697999cba6a93e8c8b01545784015bd6d5c45e68d1c36cce21e34eae7f9c9
964233060ac72d086ce4b5b7d74664c80796dcb718235fa2b32e86fce067cc46
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9ce79703bf9ef25c61ba4feed40992772b9231110f6aab72b714d9517219b3f9
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4e27234e0ab2fe43d9be026b4d681da6e11025895d1c766324811bd0eb7e50a
a79b4c65b454a795ff3868156f54be09ac8360b9fd3ba21431b5c48fd9b66afa
a94e9e0d7e80fb8129f6c33f78f6b03f08c2eb5722870ccfa7cc2893190c9c20
aa400acc21c3c93305bc6601210eeedb76c6d3a817f8675807be4fec4e53030b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2d89ab7aff69442bf33b2e54446ee41f95bd0c3ff49b47146cfa052bf405245
b3fa00681128f7b43422a70a5463904cc1d9fb9ab2bb35859d7832e215af16d3
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
baafe03efbc7065f3cb275f7cffb23f83455d8c723c531dbacfaa46c6f5824b3
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
c0c615d139a645471cc39be58e83a6e54c6a0a1850530217daa8ba66852ff1ee
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c4a7da01bb50d590eedaf6598fbda665b4c295061e526c2111137024ec3ea8d5
d14cca2b7e2cc400051136e50515149138bd9c4ac8e490a6849733d1c605e14a
d151abaa7946d205cc769fd84d0acaeec4b759872dc714b237435f10ece11d35
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
df2bb9597a554b46bd807cfd97ec6e3f7194ccc218b95d7f1e899657c1cf9fcc
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f7b54b29718e20c7deb19de55648211d23a008becc9ad6bfde01a72a09072b2b
fb35ebb5f496f09ed4148015a0c3f569595d38d6214bc5d00941b37464782290