tt.vg Open in urlscan Pro
2a06:98c1:3120::c Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://tt.vg/
Effective URL:
https://tt.vg/
Submission: On January 02 via api (January 2nd 2023, 4:20:55 am UTC) from IE — Scanned from NL

Summary HTTP 190 Redirects Behaviour Indicators

Summary

This website contacted 25 IPs in 9 countries across 33 domains to perform 190 HTTP transactions. The main IP is 2a06:98c1:3120::c, located in United States and belongs to CLOUDFLARENET, US. The main domain is tt.vg.
TLS certificate: Issued by GTS CA 1P5 on December 2nd 2022. Valid for: 3 months.

This is the only time tt.vg was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a06:98c1:312... 2a06:98c1:3121::c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
40	2a06:98c1:312... 2a06:98c1:3120::c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400d:807::2008	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:400d:807::2002	15169 (GOOGLE) (GOOGLE)
1 10	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2a00:1450:400... 2a00:1450:400d:803::2003	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:400d:806::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
33	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1 2	2620:116:800d... 2620:116:800d:21:b314:a0ef:ab7c:d546	16509 (AMAZON-02) (AMAZON-02)
2 5	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 19	142.250.201.194 142.250.201.194	15169 (GOOGLE) (GOOGLE)
2 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	2600:9000:223... 2600:9000:223f:8600:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	213.19.147.45 213.19.147.45	26120 (RHYTHMONE) (RHYTHMONE)
1 2	23.203.125.36 23.203.125.36	16625 (AKAMAI-AS) (AKAMAI-AS)
2 4	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
1	185.86.139.104 185.86.139.104	201081 (SMARTADSE...) (SMARTADSERVER)
1 1	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
2 2	37.157.4.29 37.157.4.29	198622 (ADFORM) (ADFORM)
1 1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	172.64.154.237 172.64.154.237	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	63.251.14.3 63.251.14.3	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
2 2	37.252.171.52 37.252.171.52	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a02:fa8:8806... 2a02:fa8:8806:16::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	185.29.132.245 185.29.132.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
190	25

1 2a06:98c1:3121::c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tt.vg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 2a06:98c1:3120::c (United States)

ASN13335 (CLOUDFLARENET, US)

tt.vg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:807::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:400d:807::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:400d:803::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:b314:a0ef:ab7c:d546 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:18ad (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.62.186 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 142.250.201.194 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s35-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:8600:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.45 (United Kingdom) 3 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.203.125.36 (Vienna, Austria) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-125-36.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:678:cb4:bbbb::11 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.104 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.29 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.154.237 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.251.14.3 (United States) 2 redirects

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.171.52 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:16::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.245 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
54	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 145 tpc.googlesyndication.com — Cisco Umbrella Rank: 187	549 KB
41	tt.vg 1 redirects tt.vg	598 KB
34	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 64 cm.g.doubleclick.net — Cisco Umbrella Rank: 321	218 KB
20	gstatic.com www.gstatic.com fonts.gstatic.com	593 KB
13	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 16 adservice.google.com — Cisco Umbrella Rank: 142	43 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 127	6 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 221	281 KB
5	tribalfusion.com 2 redirects a.tribalfusion.com — Cisco Umbrella Rank: 1178 s.tribalfusion.com — Cisco Umbrella Rank: 2747	3 KB
4	turn.com 2 redirects ad.turn.com — Cisco Umbrella Rank: 1147 r.turn.com — Cisco Umbrella Rank: 4328	2 KB
3	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 4333	1 KB
2	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 670	2 KB
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 866	1 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 690	2 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 871	1 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 456	529 B
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1585	459 B
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 791	2 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 996	1 KB
2	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 1004	793 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 679	863 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 5103	104 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 452	461 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 918	539 B
1	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 1085	45 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 2379	350 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 3008	173 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1675	578 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 914	445 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 1282	717 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1011	692 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2124	340 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1438	6 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 123	76 KB
190	33

	Domain	Requested by
41	tt.vg	1 redirects tt.vg static.cloudflareinsights.com
33	tpc.googlesyndication.com	pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
21	pagead2.googlesyndication.com	tt.vg pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
19	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
15	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
12	www.gstatic.com	www.google.com www.gstatic.com googleads.g.doubleclick.net
10	www.google.com	1 redirects tt.vg www.gstatic.com www.google.com tpc.googlesyndication.com googleads.g.doubleclick.net
8	fonts.gstatic.com	www.google.com fonts.googleapis.com
7	fonts.googleapis.com	googleads.g.doubleclick.net
6	www.googletagservices.com	googleads.g.doubleclick.net
3	a.tribalfusion.com	2 redirects googleads.g.doubleclick.net
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.co.uk	pagead2.googlesyndication.com
2	secure.adnxs.com	2 redirects
2	ap.lijit.com	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	c1.adform.net	2 redirects
2	match.adsrvr.org	googleads.g.doubleclick.net
2	r.turn.com
2	ad.turn.com	2 redirects
2	sync.teads.tv	1 redirects
2	sync.1rx.io	2 redirects
2	image6.pubmatic.com	2 redirects
2	s.tribalfusion.com
2	cms.quantserve.com	1 redirects googleads.g.doubleclick.net
1	sync.mathtag.com	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	pixel.rubiconproject.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	ssbsync.smartadserver.com	googleads.g.doubleclick.net
1	rtb.openx.net	googleads.g.doubleclick.net
1	tr.blismedia.com	googleads.g.doubleclick.net
1	sync.targeting.unrulymedia.com	1 redirects
1	s.ad.smaato.net	1 redirects
1	um.simpli.fi	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	static.cloudflareinsights.com	tt.vg
1	www.googletagmanager.com	tt.vg
190	39

This site contains no links.

Subject Issuer	Validity	Valid
*.tt.vg GTS CA 1P5	`2022-12-02` - `2023-03-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-11` - `2023-05-10`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2022-12-14` - `2023-03-14`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh

This page contains 25 frames:

Primary Page: https://tt.vg/
Frame ID: D2BF51399A9D840BE0C857525B2EFAD9
Requests: 63 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Frame ID: 0A1DC3F7FBDD5AE5CF6D42E8555F014D
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc8TFYjAAAAABJHquBlH3UT777CF6lK0IS-Be0C&co=aHR0cHM6Ly90dC52Zzo0NDM.&hl=en&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=wuwtxekwd78w
Frame ID: B155395F6CC22F19BCF3682820D7A524
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&adk=1812271804&adf=3025194257&lmt=1672633249&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=212x945_l%7C212x675_r&format=0x0&url=https%3A%2F%2Ftt.vg%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672633249246&bpp=7&bdt=601&idt=258&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7482951849343&frm=20&pv=2&ga_vid=697623001.1672633249&ga_sid=1672633250&ga_hid=5693737&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071219%2C44780792&oid=2&pvsid=587645291925487&tmod=1070711086&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=288
Frame ID: F1C9E9C0A3F5A4B809CB1A8675EAB06D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=3987640334&adf=379431333&pi=t.aa~a.2501161696~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1672633250&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672633250164&bpp=2&bdt=1518&idt=-M&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32c3695110f3edee-22b094f6edda004b%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaWf_KNHdcZRNBvCIuGc7aoHYUt2w&gpic=UID%3D00000b9bff12f478%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaNNuAdHa2sDsx8VUlCKUBmJ1LEjA&prev_fmts=0x0&nras=2&correlator=7482951849343&frm=20&pv=1&ga_vid=697623001.1672633249&ga_sid=1672633250&ga_hid=5693737&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1496&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071219%2C44780792&oid=2&pvsid=587645291925487&tmod=1070711086&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=YM9fIE8QAs&p=https%3A//tt.vg&dtd=44
Frame ID: B1C43C3EA26F7E9F6812B36A88F3510F
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.2486371531~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1672633250&rafmt=1&to=qs&pwprc=5460404912&format=1200x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672633250164&bpp=3&bdt=1519&idt=-M&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32c3695110f3edee-22b094f6edda004b%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaWf_KNHdcZRNBvCIuGc7aoHYUt2w&gpic=UID%3D00000b9bff12f478%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaNNuAdHa2sDsx8VUlCKUBmJ1LEjA&prev_fmts=0x0%2C1110x280&nras=3&correlator=7482951849343&frm=20&pv=1&ga_vid=697623001.1672633249&ga_sid=1672633250&ga_hid=5693737&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2360&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071219%2C44780792&oid=2&pvsid=587645291925487&tmod=1070711086&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=SyAEwWm2Dh&p=https%3A//tt.vg&dtd=49
Frame ID: 7467ECA4F1CAFE30DBE9A5E99E427F21
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=1553151457&adf=3291032931&pi=t.aa~a.431695890~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1672633250&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672633250164&bpp=1&bdt=1518&idt=-M&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32c3695110f3edee-22b094f6edda004b%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaWf_KNHdcZRNBvCIuGc7aoHYUt2w&gpic=UID%3D00000b9bff12f478%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaNNuAdHa2sDsx8VUlCKUBmJ1LEjA&prev_fmts=0x0%2C1110x280%2C1200x280&nras=4&correlator=7482951849343&frm=20&pv=1&ga_vid=697623001.1672633249&ga_sid=1672633250&ga_hid=5693737&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071219%2C44780792&oid=2&pvsid=587645291925487&tmod=1070711086&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=yFJ8lgzkGO&p=https%3A//tt.vg&dtd=53
Frame ID: 0E76D86C6B2337F8A1319A0F785F97B0
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=1553151457&adf=3896020557&pi=t.aa~a.431694939~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1672633250&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672633250164&bpp=1&bdt=1519&idt=0&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32c3695110f3edee-22b094f6edda004b%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaWf_KNHdcZRNBvCIuGc7aoHYUt2w&gpic=UID%3D00000b9bff12f478%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaNNuAdHa2sDsx8VUlCKUBmJ1LEjA&prev_fmts=0x0%2C1110x280%2C1200x280%2C1110x280&nras=5&correlator=7482951849343&frm=20&pv=1&ga_vid=697623001.1672633249&ga_sid=1672633250&ga_hid=5693737&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3984&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071219%2C44780792&oid=2&pvsid=587645291925487&tmod=1070711086&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=BryeH59VZq&p=https%3A//tt.vg&dtd=57
Frame ID: DF7F0F7A7ACB90936A051A936E28535A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Frame ID: B5F6EFE59F60AFA833A774770EE12F59
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Frame ID: 3502E001247D57DA66B70D89C90A67EF
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C6765894984DFB0B274213EEE7EC21CF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 17D45F2982F3DA6B0D1A9D5101C9A6B4
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: E0CC84F98E841E9DF40FBCF7152E90C4
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1E34C3DAB1CCF9C9DEF83161EE5F9F5E
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 726D66A20E5226CC93AE6B1806597CBD
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
Frame ID: 2CE3B3F745B3D899662BB045E2CE2D20
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
Frame ID: 2AD6F5EB179FDF71AE1F662DB72919A0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 132964A79779A914994F60F2E8526970
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=1553151457&adf=2593819728&pi=t.aa~a.431697824~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1672633250&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672633250173&bpp=1&bdt=1527&idt=0&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32c3695110f3edee-22b094f6edda004b%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaWf_KNHdcZRNBvCIuGc7aoHYUt2w&gpic=UID%3D00000b9bff12f478%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaNNuAdHa2sDsx8VUlCKUBmJ1LEjA&prev_fmts=0x0%2C1110x280%2C1200x280%2C1110x280%2C1110x280%2C1600x1200%2C1005x124&nras=8&correlator=7482951849343&frm=20&pv=1&ga_vid=697623001.1672633249&ga_sid=1672633250&ga_hid=5693737&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071219%2C44780792&oid=2&psts=ACgb8ttVRVOKY26Fm-_o1jNtFsbL8AK5QB_tlKoPbSa5QCqTpVaJjiCofQ0zaIF7l8OO8qyvvGBTfmA-HvD7zjk8V8-WFaigjwQj94kUCkOs71U%2CACgb8tuJlHSCIYN4tZTUUF97c2eXbJwt4i4KcpHhirp1wJNhY0O4-zo2LJ4KMJvER9oft1RbOgRfL-ntxLhh6EyNjA&pvsid=587645291925487&tmod=1070711086&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=6&fsb=1&xpc=yFTDqAOatI&p=https%3A//tt.vg&dtd=645
Frame ID: D407E8322A18DE5F87ABDBE0EC3EA017
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FC5B518A55CD030703F021CBE0B7F350
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
Frame ID: B33019E73005E90EB4BBC6FF6FD646F6
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
Frame ID: 8B66EA90BD90A8266E1585886533652F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
Frame ID: 19B52F212532B68912BE4B01F1D4D7CF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 883B3EA0DDE8B91B0832D8145FD482D0
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
Frame ID: 5CE3E18D3A0773A0B93AB241BFB3AFE8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

URL Shortener - Short URLs & URLs statistics | TTVG

Page URL History Show full URLs

http://tt.vg/ HTTP 301
https://tt.vg/ Page URL

Detected technologies

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

190
Requests

91 %
HTTPS

56 %
IPv6

33
Domains

39
Subdomains

25
IPs

9
Countries

2374 kB
Transfer

5868 kB
Size

29
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://tt.vg/ HTTP 301
https://tt.vg/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 99

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 145

https://a.tribalfusion.com/i.match?p=b6&u=CAESEOMaTYKtJDuZvj0uJLyrhhg&google_cver=1&google_push=AavPq0O-9dw5zfrgtV1-9wqAAhVoTYlDSOkTjk9kxqiE1j8GlQ-F3NGKGTQRuZyEh3vbvq3GnTOpQhcs63rv3a4XGtNW3QEJ5HjytJLg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0O-9dw5zfrgtV1-9wqAAhVoTYlDSOkTjk9kxqiE1j8GlQ-F3NGKGTQRuZyEh3vbvq3GnTOpQhcs63rv3a4XGtNW3QEJ5HjytJLg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOMaTYKtJDuZvj0uJLyrhhg&google_cver=1&google_push=AavPq0O-9dw5zfrgtV1-9wqAAhVoTYlDSOkTjk9kxqiE1j8GlQ-F3NGKGTQRuZyEh3vbvq3GnTOpQhcs63rv3a4XGtNW3QEJ5HjytJLg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0O-9dw5zfrgtV1-9wqAAhVoTYlDSOkTjk9kxqiE1j8GlQ-F3NGKGTQRuZyEh3vbvq3GnTOpQhcs63rv3a4XGtNW3QEJ5HjytJLg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 146

https://um.simpli.fi/gp_match?google_gid=CAESEJ5cD250uZMPcM_IusAOY8g&google_cver=1&google_push=AavPq0N8-C8alF9LIysZK1IUShmWR3YfH_HujEo16XeD2uiAyD0RCMKn_MOxEkoaGO7vyKBGUG3jTIkNSXRe8sO0TI9wLhOkRwS0c_k HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B99BAAF31F5541528A5C461EDE54655E&google_push=AavPq0N8-C8alF9LIysZK1IUShmWR3YfH_HujEo16XeD2uiAyD0RCMKn_MOxEkoaGO7vyKBGUG3jTIkNSXRe8sO0TI9wLhOkRwS0c_k

Request Chain 147

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELQcAleiFHVFIO1k858Is9Y&google_cver=1&google_push=AavPq0NtRfMPeYEPXh8DphTLEZTHbocfzl5IUPEaQjaxMGPweHNV1dXD1c_v9Ms22XCWuLJLeKgnXizvxc-Fs56l-LV-6geSKQ5Sb8Yh HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELQcAleiFHVFIO1k858Is9Y&google_cver=1&google_push=AavPq0NtRfMPeYEPXh8DphTLEZTHbocfzl5IUPEaQjaxMGPweHNV1dXD1c_v9Ms22XCWuLJLeKgnXizvxc-Fs56l-LV-6geSKQ5Sb8Yh&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=au7KKZIDRX2YpKZTKdDkaQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0NtRfMPeYEPXh8DphTLEZTHbocfzl5IUPEaQjaxMGPweHNV1dXD1c_v9Ms22XCWuLJLeKgnXizvxc-Fs56l-LV-6geSKQ5Sb8Yh

Request Chain 148

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEPTUsQEPufYo2gOWvZiDy9Y&google_cver=1&google_push=AavPq0Od6Jr5FAoxV0cAzabTgAq1lqcc8STQ-mjBQqmmXDgetRNsUhPJslyLpoYQbf-x7TlXYFW-oAQNYUaRXZaZN9Z6Nv7mMYjNQwKX HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0Od6Jr5FAoxV0cAzabTgAq1lqcc8STQ-mjBQqmmXDgetRNsUhPJslyLpoYQbf-x7TlXYFW-oAQNYUaRXZaZN9Z6Nv7mMYjNQwKX

Request Chain 149

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESENMKSu1JlNDniCF37RbAqBE&google_cver=1&google_push=AavPq0OpvGAdv_nFOQq19CIRHwXIb3Sq07lTltUf8WHuhOL_Om5UF6sfoHkCiRt4cot9d9lFvzWIcDYQfDoeKTSBO_4DKCcj_xw9eh7b HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AavPq0OpvGAdv_nFOQq19CIRHwXIb3Sq07lTltUf8WHuhOL_Om5UF6sfoHkCiRt4cot9d9lFvzWIcDYQfDoeKTSBO_4DKCcj_xw9eh7b&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1672633250890 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-3f0f7eab-3353-4d6a-9369-99902238ce83-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAavPq0OpvGAdv_nFOQq19CIRHwXIb3Sq07lTltUf8WHuhOL_Om5UF6sfoHkCiRt4cot9d9lFvzWIcDYQfDoeKTSBO_4DKCcj_xw9eh7b%26google_hm%3DAz8PfqszU01qk2mZkCI4zoM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0OpvGAdv_nFOQq19CIRHwXIb3Sq07lTltUf8WHuhOL_Om5UF6sfoHkCiRt4cot9d9lFvzWIcDYQfDoeKTSBO_4DKCcj_xw9eh7b&google_hm=Az8PfqszU01qk2mZkCI4zoM

Request Chain 150

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEJzIPjhK7Oo-LDbockFR_yc&google_cver=1&google_push=AavPq0NatmWmqkSa4JrvBHmLkh_oweWojxx8gck3avdwu2ayUit3eQm_cKTMVFbQK_ttL4chBIYv4gQc2crY0jl-9JX-ARlkvfUM_EDQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AavPq0NatmWmqkSa4JrvBHmLkh_oweWojxx8gck3avdwu2ayUit3eQm_cKTMVFbQK_ttL4chBIYv4gQc2crY0jl-9JX-ARlkvfUM_EDQ HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 160

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJMKGJuegfLgNyX2BVAuME4&google_cver=1&google_push=AavPq0NsKkAjbP6NidZOpMFPPVnXesw5VRRkBneYQryzb7t3vsE1nhg-zRSwjn08Xp4PGRhV70fayhF0RlxiISFL-lymXMn2wkLQR6Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzY4MzkwNjY5MzEzMTAyNDcyMA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEK3m7Oj0shTmBWqi5RhpeTU&google_cver=1

Request Chain 161

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGoHdCNquQxo9yUlCfQrMFM&google_cver=1&google_push=AavPq0NaDCmAaVpTLRt4lb-XVF039hKbNMP0t1FWhjZJL0lgC4XRDiN20l2HaDwscRo67Il6WhX0Gk1P-2znSiii9tWON-lMbUopGWA HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AavPq0NaDCmAaVpTLRt4lb-XVF039hKbNMP0t1FWhjZJL0lgC4XRDiN20l2HaDwscRo67Il6WhX0Gk1P-2znSiii9tWON-lMbUopGWA&google_hm=_1GiS5dQ2MFgLxec0NWERA

Request Chain 162

https://a.tribalfusion.com/i.match?p=b6&u=CAESELeeK5bs52l2UvfOV9-P7_c&google_cver=1&google_push=AavPq0OJ1aSYxR__Vs1KzHZoFMWuHFmyg7WZhaUCM6XgR4nOpRDrtg_rhELqeW79vC53YZRD_1hUqK4RJlp8oj8Xg8ZP_by1DPkIZJ0&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0OJ1aSYxR__Vs1KzHZoFMWuHFmyg7WZhaUCM6XgR4nOpRDrtg_rhELqeW79vC53YZRD_1hUqK4RJlp8oj8Xg8ZP_by1DPkIZJ0%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELeeK5bs52l2UvfOV9-P7_c&google_cver=1&google_push=AavPq0OJ1aSYxR__Vs1KzHZoFMWuHFmyg7WZhaUCM6XgR4nOpRDrtg_rhELqeW79vC53YZRD_1hUqK4RJlp8oj8Xg8ZP_by1DPkIZJ0&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0OJ1aSYxR__Vs1KzHZoFMWuHFmyg7WZhaUCM6XgR4nOpRDrtg_rhELqeW79vC53YZRD_1hUqK4RJlp8oj8Xg8ZP_by1DPkIZJ0%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 178

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEK3m7Oj0shTmBWqi5RhpeTU&google_cver=1&google_push=AavPq0MPD5VPojR4OsJ0PqYdbqurPrtyUgfC_xgVSN681guwiy4aSHEFUXFLnxbxwayVz9zv6f-kbOglaZqIt7uLnctzzG9HjRECcwrs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzYxMTg0OTA5OTA5MzA5Njc4NA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEK3m7Oj0shTmBWqi5RhpeTU&google_cver=1

Request Chain 179

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEKHAnuN2jUmcipuVVMkTArY&google_cver=1&google_push=AavPq0MDxAPEZRxnw-AQ58E8YIdCm8lt0LIVcHw1UWtmGm_xUnCPSYWeN-2V5kfhrRtBrc_3diJM-hc4SEjQBj0DrT5BuwqfosqDUOii HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKHAnuN2jUmcipuVVMkTArY&google_push=AavPq0MDxAPEZRxnw-AQ58E8YIdCm8lt0LIVcHw1UWtmGm_xUnCPSYWeN-2V5kfhrRtBrc_3diJM-hc4SEjQBj0DrT5BuwqfosqDUOii

Request Chain 180

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPkjD-iL5uQ2wQmqMRwKTBo&google_cver=1&google_push=AavPq0MufQCt9aoQH7YrXgTzqizp65vTovVLZcggWxBGOI9g_TKDDPR2m4btK8F7N2lCjKitU01M2pwpsk7-X_U_Y1xcgQSHqfuO55Ux HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEPkjD-iL5uQ2wQmqMRwKTBo&google_cver=1&google_push=AavPq0MufQCt9aoQH7YrXgTzqizp65vTovVLZcggWxBGOI9g_TKDDPR2m4btK8F7N2lCjKitU01M2pwpsk7-X_U_Y1xcgQSHqfuO55Ux HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTA1MzQxMDYzMDcyNzE5Nzg4NQ&google_push=AavPq0MufQCt9aoQH7YrXgTzqizp65vTovVLZcggWxBGOI9g_TKDDPR2m4btK8F7N2lCjKitU01M2pwpsk7-X_U_Y1xcgQSHqfuO55Ux

Request Chain 181

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGoh3aiIGKtGVkW197tMOIA&google_cver=1&google_push=AavPq0PL3GAV8EWOv3YZxf3-yIAv3qAtXOIdjAWqcEOhGKIUHRmt6nfW9m5E_Y0fJmT0OdgM68gnUBEwcZhzoAWUhCRA_jfgKhvn6oW- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENFQU5HSVAtMjUtWFhT&google_push=AavPq0PL3GAV8EWOv3YZxf3-yIAv3qAtXOIdjAWqcEOhGKIUHRmt6nfW9m5E_Y0fJmT0OdgM68gnUBEwcZhzoAWUhCRA_jfgKhvn6oW-

Request Chain 182

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMSP55PwnaTJEPURkbIRXH0&google_cver=1&google_push=AavPq0NMkcMh-iuWvbWuwOzOJyh2ql2cYWC95WDDwtDzc4VR_mfw60cAlPwLxuPv6xqa3gzG0Aj_OFYIow9iKVhldLyCcZwwYJl1RJYe HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEMSP55PwnaTJEPURkbIRXH0&google_push=AavPq0NMkcMh-iuWvbWuwOzOJyh2ql2cYWC95WDDwtDzc4VR_mfw60cAlPwLxuPv6xqa3gzG0Aj_OFYIow9iKVhldLyCcZwwYJl1RJYe&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEMSP55PwnaTJEPURkbIRXH0&google_hm=Y7Jbo6UcRjitOnrucApkDwAABG4AAAIB&google_nid=index&google_push=AavPq0NMkcMh-iuWvbWuwOzOJyh2ql2cYWC95WDDwtDzc4VR_mfw60cAlPwLxuPv6xqa3gzG0Aj_OFYIow9iKVhldLyCcZwwYJl1RJYe

Request Chain 183

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMrIZzia1RyHT-I-S7LNkN0&google_cver=1&google_push=AavPq0MJJ20L1NbgP8g-8kkD1C8b3NozFz9bgUcadMO37fSuR0ryJg0WNTXx-zLuKsriSqPrlD1p3W2Yk4bAT5ooVNDG_NpbsPdKlzI HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMrIZzia1RyHT-I-S7LNkN0&google_cver=1&google_push=AavPq0MJJ20L1NbgP8g-8kkD1C8b3NozFz9bgUcadMO37fSuR0ryJg0WNTXx-zLuKsriSqPrlD1p3W2Yk4bAT5ooVNDG_NpbsPdKlzI&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0MJJ20L1NbgP8g-8kkD1C8b3NozFz9bgUcadMO37fSuR0ryJg0WNTXx-zLuKsriSqPrlD1p3W2Yk4bAT5ooVNDG_NpbsPdKlzI&google_hm=F6skKGZHgn8EvxznT8G1N30r

Request Chain 184

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEFsr6DdPnuC_jzHAivHnq6c&google_cver=1&google_push=AavPq0O4V05WIbUiAGvSCtTwzWr42cNVfEq7eQJoGZkdUb19EeL2cuSFKNwGf_LmkJk0Hia2tSTXegxxR6MtDuElMmDPA0mzwxTzV6xf0w HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEFsr6DdPnuC_jzHAivHnq6c%26google_cver%3D1%26google_push%3DAavPq0O4V05WIbUiAGvSCtTwzWr42cNVfEq7eQJoGZkdUb19EeL2cuSFKNwGf_LmkJk0Hia2tSTXegxxR6MtDuElMmDPA0mzwxTzV6xf0w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzE0NzQ0MDY1MTk1MjgwNjY1&google_gid=CAESEFsr6DdPnuC_jzHAivHnq6c&google_cver=1&google_push=AavPq0O4V05WIbUiAGvSCtTwzWr42cNVfEq7eQJoGZkdUb19EeL2cuSFKNwGf_LmkJk0Hia2tSTXegxxR6MtDuElMmDPA0mzwxTzV6xf0w

Request Chain 195

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEO3owA81UzmgaTu80I4kItw&google_cver=1&google_push=AavPq0PlLa9pClPJIeh00eBagKJ2aHiowaRoT5kCJLN4xuAzkbV5KZToH-EN4szxacQMbdimOeZakPOyS_DBH5HV72os_TZb00YA_9A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0PlLa9pClPJIeh00eBagKJ2aHiowaRoT5kCJLN4xuAzkbV5KZToH-EN4szxacQMbdimOeZakPOyS_DBH5HV72os_TZb00YA_9A

190 HTTP transactions
12 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
tt.vg/
Redirect Chain

http://tt.vg/
https://tt.vg/

32 KB
8 KB

312ms
264ms

Document
text/html

2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.vg/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed35b2f51ce1194d1e2f198652c7195811bd9a1a9c27c9221080654a53818443

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7830b44a6a3e9267-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 02 Jan 2023 04:20:48 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YnWdm28rSE9Rm4qiuv9XVxUApWtF%2F3WchAPY9BBUJoksGnWxFrzIDLJimWpLn%2BmHwEdzukuaH6B9uQtzkVkHq3pTHuUhYC8Sj8rfXdCO5kvbpc9vzK%2FcPb79y%2BnCCkoLtCq2Ow%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

CF-RAY: 7830b449daf69b33-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Mon, 02 Jan 2023 04:20:48 GMT
Expires: Mon, 02 Jan 2023 05:20:48 GMT
Location: https://tt.vg/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S0AzoeIXtZRzhm9J3b2L%2FJ8GLeKOQRmbyG1JPZ9C0x0gr7UAowDSPQaacjHqpNOo44BXoqxyDDk6DRlgxcPlErOfxOESwmjeOQUyshEPdsBkA0WJz47tkF42rz6MvL9k%2BTX8WQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Server-Timing: cf-q-config;dur=6.9999950937927e-06
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 all.min.css
tt.vg/static/frontend/libs/fontawesome/ 58 KB
13 KB 306ms
305ms Stylesheet
text/css 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.vg/static/frontend/libs/fontawesome/all.min.css
Requested by: Host: tt.vg
URL: https://tt.vg/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff2d96e12ddb06108b83358c22b1638d4cd8cec667823b6af9da2d5db88838a1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tt.vg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 04:20:48 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 19 Dec 2022 22:19:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63a0e376-e773"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=inutr3LjmlA8WTfYaC594%2FiNGj8NrQTx9cQ9MdneiZMwKUq1d90un9uehP%2FZjYFBnnUDCRH14Dvw4MFPt6arT6MDGqVehCsPs3w10m7IJDW6%2B68%2FDKzJO8oEHFO8kTb2zGG6ow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 7830b44c1b349267-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 02 Jan 2023 16:20:48 GMT

GET
H2 200 select2.min.css
tt.vg/static/frontend/libs/select2/dist/css/ 15 KB
2 KB 213ms
212ms Stylesheet
text/css 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.vg/static/frontend/libs/select2/dist/css/select2.min.css
Requested by: Host: tt.vg
URL: https://tt.vg/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15d6ad4dfdb43d0affad683e70029f97a8f8fc8637a28845009ee0542dccdf81

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tt.vg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 04:20:48 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 19 Dec 2022 22:19:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63a0e376-3a76"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cc8mNv7TvzX3pmAzmeMySNFIBEwUz27e2tOBYl%2BMqM5LL5RN7lzGl0AkBHKeMi1p438GuEpOCDeKjVuolW5idf4s8oLeGsx5ypdCsyLFHN2NB3T6g6h7TJZ8uOkI0CAPNkW%2Bxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 7830b44c1b359267-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 02 Jan 2023 16:20:48 GMT

GET
H2 200 cookieconsent.css
tt.vg/static/frontend/libs/cookieconsent/ 18 KB
5 KB 240ms
239ms Stylesheet
text/css 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.vg/static/frontend/libs/cookieconsent/cookieconsent.css
Requested by: Host: tt.vg
URL: https://tt.vg/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e5a1815609e1b500701e8a9c63a4ee98c47794025a0de9bbc7b8a3fdc4419e6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tt.vg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 04:20:48 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 19 Dec 2022 22:19:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63a0e376-4973"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BZQebXib9m0edqR1Xg0OOqAJrUF2FZiZJypseoi7WDAPd0sVjo0YcWRK%2BHAc63a%2FdyfzdlSVDgum7L8xMAj%2FUOWHJYKBgyc1Oa5niJkblK2SORna%2BO0gdxvDzrpGfkaYxbQs%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 7830b44c1b369267-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 02 Jan 2023 16:20:48 GMT

GET
H2 200 style.min.css
tt.vg/static/frontend/css/ 460 KB
68 KB 311ms
311ms Stylesheet
text/css 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.vg/static/frontend/css/style.min.css
Requested by: Host: tt.vg
URL: https://tt.vg/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c309c7f23e5e2d9dd668c79eee9b39a6f5333a9db6ad5c9fe0fb290d352ff257

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tt.vg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 04:20:48 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 19 Dec 2022 22:19:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63a0e376-72e88"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Geiv%2F9jzt99PZwIke5XgIhGKMeucpdIuiKO1Wr5MGsv%2BzWaceVuqnLr5V6fqUkZPu5sflsCE%2FTGeEG6Li7YudmnH9FwZF8CRpR8aW6xWH0DqVS%2BYegcnAXC%2B31QJsgAQd5Kg3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 7830b44c1b379267-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 02 Jan 2023 16:20:48 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 216 KB
76 KB 169ms
69ms Script
application/javascript 2a00:1450:400d:807::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-5GBHM4THHH

Requested by

Host: tt.vg
URL: https://tt.vg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c623b35f07798c31cdd7f44c416abe18298cf25d842c2adcbf2ce3d29d65c6a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tt.vg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 04:20:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76866
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 02 Jan 2023 04:20:49 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
49 KB 181ms
74ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4327943744181213

Requested by

Host: tt.vg
URL: https://tt.vg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

864835646fb814d6182e9f39fee7d734cbc040c96b195d2e6131167999394bbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tt.vg/
Origin: https://tt.vg
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 04:20:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49582
x-xss-protection: 0
server: cafe
etag: 6892233207494563177
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 04:20:49 GMT

GET
H3 200 tlogo.png
tt.vg/content/ 5 KB
6 KB 120ms
116ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt.vg/content/tlogo.png
Requested by: Host: tt.vg
URL: https://tt.vg/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e5a6a3d6a017d78d5bf449b85367fc198de54f3fd179ffb372f9f38122c2330

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tt.vg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 04:20:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 64
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5244
last-modified: Wed, 20 Apr 2022 15:40:59 GMT
server: cloudflare
etag: "6260298b-147c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=17qgQPgpXe63DCKsAT5vhAQpuP4cKK7J5EdmnpksONH5XJT6v2dQqsL%2FL%2F5CGQPXcLEGUst%2FvBc12gbIjm8EiNsSvlnsHZqb31XUiFydQ1i3AE0ZvZAl140VHB%2BQBtoNBQRWbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7830b44e4cf29279-FRA
priority: u=3,i=?0
expires: Wed, 01 Feb 2023 04:19:45 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
997 B 103ms
31ms Script
text/javascript 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?hl=en&render=6Lc8TFYjAAAAABJHquBlH3UT777CF6lK0IS-Be0C

Requested by

Host: tt.vg
URL: https://tt.vg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8ca49c11918ee8d0a8d76c3ecf38a16eeef0f02d55ed6656f6d6d56e573f6d7f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tt.vg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 04:20:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 584
x-xss-protection: 1; mode=block
expires: Mon, 02 Jan 2023 04:20:49 GMT

GET
H3 200 DsdaIt_hero_scape.png
tt.vg/content/ 62 KB
63 KB 120ms
117ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt.vg/content/DsdaIt_hero_scape.png
Requested by: Host: tt.vg
URL: https://tt.vg/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9a0b2b2b65e12ba2c00c8751f95a9c724c9ab7bf182b6ad88775b8257f41909

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tt.vg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 04:20:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 64
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 63695
last-modified: Sat, 14 May 2022 06:12:31 GMT
server: cloudflare
etag: "627f484f-f8cf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oJPWlMjxYpFDE6ARDW8QdsrxniXAOHdLXHO40yVGh3DAiiGHmvuqoK5WCWpUH3dnkE7jfqMBw%2Fzf0vbFw%2F%2B0G1UFXUIw2%2B9k0Sgq4OuO4D7wTtAcuZPRLP6IHNZZcNb%2BaakJXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7830b44e4cf39279-FRA
priority: u=3,i=?0
expires: Wed, 01 Feb 2023 04:19:45 GMT

GET
H3 200 profiles.png
tt.vg/static/images/ 49 KB
50 KB 135ms
131ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt.vg/static/images/profiles.png
Requested by: Host: tt.vg
URL: https://tt.vg/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 310bd640fec7a71439624dcd3283d6c509f5b22eeb1c852a53dbfd2172290b64

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tt.vg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 04:20:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 64
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 50280
last-modified: Mon, 19 Dec 2022 22:19:34 GMT
server: cloudflare
etag: "63a0e376-c468"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F9zm%2FzSz81o7d7NeZ%2B8wOrQFCC1gS%2BsKKw1AZmCPCFv0HD9IP2yJ4FZNSuFeSVfBvnHh65LfbW7cQ1OnqN%2FYsWRhpL7zO4TjyEEY1bT86crTA4juLWcAFoTJeZokv%2BSVzg1%2Fcg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7830b44e4cf49279-FRA
priority: u=3,i=?0
expires: Wed, 01 Feb 2023 04:19:45 GMT

GET
H3 200 filters.png
tt.vg/static/images/ 18 KB
19 KB 137ms
133ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt.vg/static/images/filters.png
Requested by: Host: tt.vg
URL: https://tt.vg/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4dc661f636f195609c6a56234a8e61501290e70790ae3c9bba1557fb84f88edc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tt.vg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 04:20:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 64
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18598
last-modified: Mon, 19 Dec 2022 22:19:34 GMT
server: cloudflare
etag: "63a0e376-48a6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4k6btXtECvu4pfbasVGLMuQWlEalkjNily0ZJeustMKsbexCDvHJwuJKTy7jBMqpFrDjJ%2F2661woOWIeGd2F8F%2BB2N71SZ%2B8P5ivFcVEr3F6m2FUwwq33AiVtyiTTAdsMOl5Mg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7830b44e4cf59279-FRA
priority: u=3,i=?0
expires: Wed, 01 Feb 2023 04:19:45 GMT

GET
H3 200 qrcodes.png
tt.vg/static/images/ 84 KB
84 KB 137ms
134ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt.vg/static/images/qrcodes.png
Requested by: Host: tt.vg
URL: https://tt.vg/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 345d7f0379689f4d88d39b40b97e5995308eaa22e37756f10d9f4353361652a2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tt.vg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 04:20:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 64
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 85833
last-modified: Mon, 19 Dec 2022 22:19:34 GMT
server: cloudflare
etag: "63a0e376-14f49"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4PvwtV7lriNCDPlS9gkNB1a8bV%2BSIz08cLuvYBkYBFNiEtUIiKL4Vmq1%2BxjbTG2TXP7iDTapdhndTNWHkowONS4zlfU4FjJSTXDHNGCgwxdk4foJQXFkMP8dkyZKBiu5g%2Bimog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7830b44e4cf69279-FRA
priority: u=3,i=?0
expires: Wed, 01 Feb 2023 04:19:45 GMT

GET
H3 200 us.svg
tt.vg/static/images/flags/ 4 KB
1 KB 139ms
135ms Image
image/svg+xml 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt.vg/static/images/flags/us.svg
Requested by: Host: tt.vg
URL: https://tt.vg/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0764fbaf28b48639aa8a4c6244d07b22341d958094f4d8a7c62b6936fa9c2a4a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tt.vg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 04:20:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 19 Dec 2022 22:19:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 64
etag: W/"63a0e376-11c7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Jpm%2BDVUCDs9hGEp90h%2FylYWuGxiNk2R3ulI4W89ptroT9aMZP8%2B8erdUfurey9la%2F8gzP1llK5erhQIhLcKtpWqDJq1HvgKkZj34pWZBk5Mccv55PCSn%2FWNR9g7PccohJaItw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7830b44e4cf79279-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i=?0

GET
H3 200 fr.svg
tt.vg/static/images/flags/ 321 B
701 B 140ms
136ms Image
image/svg+xml 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt.vg/static/images/flags/fr.svg
Requested by: Host: tt.vg
URL: https://tt.vg/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 648775f95901e24afe12a1a5b904fc38eef9642ea4592a4ad842592771d54592

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tt.vg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 04:20:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 19 Dec 2022 22:19:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 64
etag: W/"63a0e376-141"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ofDJf%2F5Uq2iQlSWKoPqhVD6YRK8Y8f38rTHAil8Qq9Ry%2BuVha89Fau44pt1eYI5h5spWIidg%2FUmMcKMpyhAvM65JfOaTyQ%2F%2B3AM2HXxyWjfgrs1fW2rShOS493J8pKlI8sFZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7830b44e4cf89279-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i=?0

GET
H3 200 gb.svg
tt.vg/static/images/flags/ 860 B
958 B 140ms
136ms Image
image/svg+xml 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt.vg/static/images/flags/gb.svg
Requested by: Host: tt.vg
URL: https://tt.vg/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 887d6a17e3f465e3781be9292d4f17676e9e41034a21898de4de3ada1cf35bec

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tt.vg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 04:20:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 19 Dec 2022 22:19:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 64
etag: W/"63a0e376-35c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DWQr7UHmx7yJP%2FfWuCUte%2FKO2OuNe3QvlZWa0zWTTtWlRU6R0WX462NwiHzOLnXCSZ5yX%2F421GndUkVeWckoarqKsDjkp35NsEoFyyYegL1S%2FrmBe4pKXiSHDmCoBg337%2BaRgA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7830b44e4cf99279-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i=?0

GET
H3 200 wp.svg
tt.vg/static/images/ 1 KB
1 KB 140ms
137ms Image
image/svg+xml 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt.vg/static/images/wp.svg
Requested by: Host: tt.vg
URL: https://tt.vg/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a5f1b1a775539fd7153b19c1edb543b046dd57fb0ca540fa448749fc722d130

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tt.vg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 04:20:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 19 Dec 2022 22:19:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 64
etag: W/"63a0e376-5cf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mRP5Tf6k07YNauzYwOUYXMxApcA%2FhiGXfjNZ2sLS%2BXZ%2FQxweFjtg9%2FmF9COIUV7JDpZdSjg2dYzrnyoTH7b0rmuBtifHX2S2goNdIw8%2BYOB6Bj9kTcUqg5%2FOMBZKn%2BRxqB5v2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7830b44e4cfa9279-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i=?0

GET
H3 200 slack.svg
tt.vg/static/images/ 1 KB
938 B 141ms
137ms Image
image/svg+xml 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt.vg/static/images/slack.svg
Requested by: Host: tt.vg
URL: https://tt.vg/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0af31c6ff066af42be01942d97b843c037874f184e1c96f0a6bdf3946a4d1b9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tt.vg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 04:20:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 19 Dec 2022 22:19:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 64
etag: W/"63a0e376-572"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bHeyG460Vv15GFlwYUvxnHD7HB5XDjAAT7pzc5Bc%2B35ii01KLczIdCcnl%2FXURPTOhzRFvf9OviKjIqgc1ZpMUrIAylM9%2FXDRfgCUoW%2FcarTG4PMPZmXxgwp%2F9LkC74tHC5Ny3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7830b44e4cfb9279-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i=?0

GET
H3 200 shortcuts.svg
tt.vg/static/images/ 2 KB
1 KB 141ms
138ms Image
image/svg+xml 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt.vg/static/images/shortcuts.svg
Requested by: Host: tt.vg
URL: https://tt.vg/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa578bc87be816b3db85edd15e8300cddb9eadf04a973f6d6d4e45e65c41a15f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tt.vg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 04:20:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 19 Dec 2022 22:19:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 64
etag: W/"63a0e376-983"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SrBtBahsMgAxNA3M8zv5p8fxMiqZF%2FRKrfv8kxiXP%2FWTfW5oJ2rcrCa9AAwDitNpZ1oUt8sqW0onxP6KLpTkZMDkz01CtI%2FItPQy6%2BXcxQ8egoMZEe6UvmcvEttFxOEjt3gHoA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7830b44e4cfc9279-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i=?0

GET
H3 200 gtm.svg
tt.vg/static/images/ 1019 B
1 KB 141ms
138ms Image
image/svg+xml 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt.vg/static/images/gtm.svg
Requested by: Host: tt.vg
URL: https://tt.vg/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1823500ee86a20d18d69defa16b1d7d64299d5840faf4b65b421e621cd1e527b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tt.vg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 04:20:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 19 Dec 2022 22:19:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 64
etag: W/"63a0e376-3fb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iKJKsHfNXoiq%2FCs2euFdtaO89FlqFUYri6JBTbxgJnhbpV%2BeOXGOBXjUYyj6K0GxOedUXWKG25iahhHcmUtWmYahop8ovF94HoubB86G98a%2FKoXgT0XriRKsCHkDFhT9xGNcCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7830b44e4cfe9279-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i=?0

GET
H3 200 facebook.svg
tt.vg/static/images/ 450 B
798 B 142ms
138ms Image
image/svg+xml 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt.vg/static/images/facebook.svg
Requested by: Host: tt.vg
URL: https://tt.vg/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70a61061ecf9e6f6a497315d699b281ec1e9505dba1fd9331f02ef5416a6ebaa

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tt.vg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 04:20:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 19 Dec 2022 22:19:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 64
etag: W/"63a0e376-1c2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wTf6DNnPUzNiXsRrRqdL%2BjgDbkex9EgvqMxVNOE9kxCIRb8hFzDMngqM6WjtKF%2BxwxqV7KQm1YxAhIy6e59Ou2cIxiQzstLq3EkTdGR1bdfn2kRfsThjp%2B31ts3g04EE3zeOlA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7830b44e4cff9279-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i=?0

GET
H3 200 zapier.svg
tt.vg/static/images/ 1 KB
1 KB 144ms
141ms Image
image/svg+xml 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt.vg/static/images/zapier.svg
Requested by: Host: tt.vg
URL: https://tt.vg/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 139a90853100a3a4afa575e33a8134a26d92cabbd26044c62f93ccc938dbb7c1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tt.vg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 04:20:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 19 Dec 2022 22:19:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 64
etag: W/"63a0e376-488"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GI4G3CYqsgAoMJq0g438nuON6Da69KQTnhhDO27QQ4Mf4o60B2GVrHOKa%2BNaO%2B3GSMjxQtRkFrhRrkUvoxuMrcjPzmpytanK9tXY52qdUnPh%2ForaGczLOkWN0JYzd%2BlkZmlHEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7830b44e4d019279-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i=?0

GET
H3 200 bing.svg
tt.vg/static/images/ 464 B
807 B 145ms
141ms Image
image/svg+xml 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt.vg/static/images/bing.svg
Requested by: Host: tt.vg
URL: https://tt.vg/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a53e358d9729b82f3b59887f709dc13bc0164e6fbfbfd639940f820901386d7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tt.vg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 04:20:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 19 Dec 2022 22:19:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 64
etag: W/"63a0e376-1d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MrklfrvtfQCWYqD%2BzfiyrApjTR87TVmjn4fGQz1JiJN%2BMYodCNsSl4W9hQOALePI8ttAOzcpDORjpHsbScmEHzY9LEdcSGyJM59K87YyvsITv6wB6DyrRaBCHknWK2QKDDiu3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7830b44e4d039279-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i=?0

GET
H3 200 twitter.svg
tt.vg/static/images/ 1 KB
1 KB 145ms
142ms Image
image/svg+xml 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt.vg/static/images/twitter.svg
Requested by: Host: tt.vg
URL: https://tt.vg/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1bd51e114753f99252a3a188249026e184becda90451dec0a1643bfcf85e297

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tt.vg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 04:20:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 19 Dec 2022 22:19:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 64
etag: W/"63a0e376-451"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FW6YWKlPyKJY1W6OHGBtjyHQ1FmP6VCo5yK4fm%2BoPJPcn375EK9MOfXQZ5zv0lEuyQnlbQyEm0A4dy1Rmf%2BMGmobZhr1C4NioacTER1zZZf9NWGtCD98MS%2Fzo7n2scy8z%2FgbZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7830b44e4d049279-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i=?0

GET
H3 200 snapchat.svg
tt.vg/static/images/ 7 KB
3 KB 145ms
142ms Image
image/svg+xml 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt.vg/static/images/snapchat.svg
Requested by: Host: tt.vg
URL: https://tt.vg/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95d7aa853769ad4fd368ac28f201ab903c567ef7719ee542016f40a73841c96b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tt.vg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 04:20:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 19 Dec 2022 22:19:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 64
etag: W/"63a0e376-1aa0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X0oMmSh5sYrU5iVxylwM0VTdRGSuJ4cp755BC1cc8DNFFhkIGfxBvMp5RrjefS5ghuqYhlNS5Kvp%2BRRSSUio3%2FgHTTA48uZEBmxTWAALK7mBp%2FdXS0oi6tkfCwgNKf7RIsMQJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7830b44e4d059279-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i=?0

GET
H3 200 reddit.svg
tt.vg/static/images/ 2 KB
2 KB 146ms
143ms Image
image/svg+xml 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt.vg/static/images/reddit.svg
Requested by: Host: tt.vg
URL: https://tt.vg/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4644d1714253e3191325bb5d1f02df845679a152df5a976db08e2242d6becc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tt.vg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 04:20:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 19 Dec 2022 22:19:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 64
etag: W/"63a0e376-93a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vGh4xL4FBOYTg9idQTfvnxfdd1eJFhC%2FVc8NZzVfoK54wOapDFR3Ptz9Ovt4UwpisTpQjR5AqxfPG7JWFkvaBMi3XS03iiYbBzS4BhOc7yot3FrPbXR4vZ45Wqq23KzmlcDbmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7830b44e4d069279-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i=?0

GET
H3 200 ga.svg
tt.vg/static/images/ 404 B
740 B 146ms
143ms Image
image/svg+xml 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt.vg/static/images/ga.svg
Requested by: Host: tt.vg
URL: https://tt.vg/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0afa34695933663b97d3ff2846d107957e82f9ab49423d784512b4abbf542da

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tt.vg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 04:20:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 19 Dec 2022 22:19:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 64
etag: W/"63a0e376-194"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tpB7bBUtf%2BZe8OWV9JDnhonfQnSRz87y9v0Y94SQZw2CMXGWo7LKKBU5uO4Mlkwmyfaja%2FxjyzOBhur8MRivSi0RpNXy7xQmMRmJc4UVDa4UkpDtyn8a8DMvDiVEXqu8Y940vA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7830b44e4d079279-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i=?0

GET
H3 200 linkedin.svg
tt.vg/static/images/ 612 B
866 B 146ms
143ms Image
image/svg+xml 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt.vg/static/images/linkedin.svg
Requested by: Host: tt.vg
URL: https://tt.vg/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27df2f0f5920beb815e662147728283d9eec37973b40f8917072f581381f4079

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tt.vg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 04:20:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 19 Dec 2022 22:19:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 64
etag: W/"63a0e376-264"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2wth9pvVJO%2Fp7BcplStS2mzz711XJ8PZVNjh%2FH%2FjNXnNoz9zAsQSoLBs2%2FXdLs1N3ta5IjfBBYU%2FHwyqNd3lehALDM%2BwYo%2BeXA0Iog%2BfZhUUKkptqH3n2hD1QuEsn32I%2FigrjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7830b44e4d089279-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i=?0

GET
H3 200 pinterest.svg
tt.vg/static/images/ 6 KB
2 KB 146ms
143ms Image
image/svg+xml 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt.vg/static/images/pinterest.svg
Requested by: Host: tt.vg
URL: https://tt.vg/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a87a2de940fcd825afbdd64763da4afbb96732da942bc0e07763e17566bc1f8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tt.vg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 04:20:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 19 Dec 2022 22:19:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 64
etag: W/"63a0e376-17f4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6WfRCNPAVG07vOrtB9wFJ7PHGVPrdhytosVSUn48PLDf2MZnGvZN%2Bae%2BuLcE3Uq1kOJmv60FS9zfZQ4ld8WHHI28hMSk2%2F0n2T8Vjy9aakVPgmtGgV9Tzd4YhTPpP1w3T8WJuw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7830b44e4d099279-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i=?0

GET
H3 200 quora.svg
tt.vg/static/images/ 2 KB
2 KB 147ms
144ms Image
image/svg+xml 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt.vg/static/images/quora.svg
Requested by: Host: tt.vg
URL: https://tt.vg/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d326e1beb637fb1a95450797ec2eef966c01a063ef1d8e5903013f80e719bce7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tt.vg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 04:20:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 19 Dec 2022 22:19:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 64
etag: W/"63a0e376-8e1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tcnjS8On%2F%2ByVkdADo27mrk8yRhO45cI3oVKkp9fbJVst%2F3DS9ylNsYtvBICqGTJpVfPfRcZEsdenCdpmkb1BVK4qzuwMZu6ruE3jbI8ycinZydt210t15UKW3tCIZF7cOnKEiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7830b44e4d0a9279-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i=?0

GET
H3 200 tiktok.svg
tt.vg/static/images/ 3 KB
2 KB 147ms
145ms Image
image/svg+xml 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt.vg/static/images/tiktok.svg
Requested by: Host: tt.vg
URL: https://tt.vg/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf427039f141cd2a1b2be39923bb64324368a9e138dfcec86a1323fa86e20977

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tt.vg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 04:20:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 19 Dec 2022 22:19:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 64
etag: W/"63a0e376-c9d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IteAJKj%2FJwkPWmny6bGKUNAjep5SqOaluffU4NSqMtAIiR4ATAa2SCNRChAbKb0Uv%2BHZABAhLgq353TLby9GKDq3jrfCHTBrjyTn%2FsXsK5GmDQPy1PxX7XOYb%2B395%2FiQviM2lg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7830b44e4d0b9279-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i=?0

GET
H3 200 aroll.svg
tt.vg/static/images/ 2 KB
1 KB 148ms
145ms Image
image/svg+xml 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt.vg/static/images/aroll.svg
Requested by: Host: tt.vg
URL: https://tt.vg/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f002de98a08348d79f04c198fafc8571cc50d2c0d73c2e38ad498784b87af74f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tt.vg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 04:20:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 19 Dec 2022 22:19:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 64
etag: W/"63a0e376-67c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ht7yLhuVgsQJnhWjt2pVf%2B%2ByJYK5%2F0JjIrUthgEO%2FoLN0GZE5rY7IcAnTo1MGpYKeFDsBcYMHfuD69EcGTcVAW9wL5C2ZgdW5itFGeMvCimCWD7GE%2FuSGKuvPsKUYejiQ10ssA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7830b44e4d0c9279-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i=?0

GET
H3 200 bundle.pack.js Show response
tt.vg/static/ 324 KB
95 KB 41ms
41ms Script
application/javascript 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.vg/static/bundle.pack.js
Requested by: Host: tt.vg
URL: https://tt.vg/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc8f28dec6f38c0a2e8a03fd136c96f56b875cebf4abe0d77803551d519f5dac

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tt.vg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 04:20:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 63
cf-polished: origSize=331817
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 22:19:34 GMT
server: cloudflare
etag: W/"63a0e376-51029"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZTJYDOPOrzcnTtGyXAawP%2Fyf4N51gW0NHVeOZojlS1%2B7otu5Eg1bJu93CRNGZFvd3TDhzMICva0i1sGUgnb27PTqMgMQdecb2Z3Vfph%2FXgtiyejWUKaSTlbi36ThhQA7FrdI%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 7830b44e2cd99279-FRA
priority: u=2,i=?0
expires: Mon, 02 Jan 2023 16:19:45 GMT

GET
H3 200 cookieconsent.js Show response
tt.vg/static/frontend/libs/cookieconsent/ 18 KB
7 KB 119ms
119ms Script
application/javascript 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.vg/static/frontend/libs/cookieconsent/cookieconsent.js
Requested by: Host: tt.vg
URL: https://tt.vg/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f79b4bcd8580176cef84bc7a633291696808f11418ac91be5356b315a3e04eb0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tt.vg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 04:20:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 64
cf-polished: origSize=18743
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 22:19:34 GMT
server: cloudflare
etag: W/"63a0e376-4937"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2Ff%2FJn0C0A5%2FIFbQeuODjgMUwVbaoCWLm3U3UnCfGUGV%2Fed%2FYo7hwMS3tyGqYaCvgaRAEoV7hcxN0mS6r8DEGJuWlW5YTjxGFhMfB6Xtkq6y1QZnvvGB1VGTt04qe7NZF12Cig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 7830b44e3ce59279-FRA
priority: u=2,i=?0
expires: Mon, 02 Jan 2023 16:19:45 GMT

GET
H3 200 clipboard.min.js Show response
tt.vg/static/frontend/libs/clipboard/dist/ 10 KB
4 KB 120ms
115ms Script
application/javascript 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.vg/static/frontend/libs/clipboard/dist/clipboard.min.js
Requested by: Host: tt.vg
URL: https://tt.vg/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a7739925f4c03586479852df840b7061948832a7fda30c8c812d2ea4dd4c4f2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tt.vg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 04:20:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 64
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 19 Dec 2022 22:19:34 GMT
server: cloudflare
etag: W/"63a0e376-28d5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dlpSqqI8UdWNVhUVBxg9MvTOVBQ5MkSMQ1BvTH%2BSCcl0VqEA2PeY%2FIXot%2FtSJbFXGL0aCGabsEh8vxNRhqJJ%2F0K%2FXGpw7eKB2FRtqIEi3b%2Bsjfm6DtcHzwcY56D3P4WNERUqgg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 7830b44e4cee9279-FRA
priority: u=2,i=?0
expires: Mon, 02 Jan 2023 16:19:45 GMT

GET
H3 200 app.min.js Show response
tt.vg/static/frontend/js/ 5 KB
2 KB 120ms
116ms Script
application/javascript 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.vg/static/frontend/js/app.min.js?v=1.2
Requested by: Host: tt.vg
URL: https://tt.vg/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 192f158b4605f0b9bffd6d086c834b5dac318d14a8f42b8c22144c294eee2ee3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tt.vg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 04:20:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 64
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 19 Dec 2022 22:19:34 GMT
server: cloudflare
etag: W/"63a0e376-157e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ApCgrZZj%2FG3x5AO6rPnfE9KoHq9ADRKmFLvKviirH12rDYPBvYULgJ8ixPz%2BcPkKKJMZ0GQQh4jQBOoggG07ecq8TAKIUOE2k0EJg%2BjAPGOh%2BgMFBkjtbfy8wHtcGDTS43WJ1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 7830b44e4cef9279-FRA
priority: u=2,i=?0
expires: Mon, 02 Jan 2023 16:19:45 GMT

GET
H3 200 server.min.js Show response
tt.vg/static/ 6 KB
2 KB 121ms
116ms Script
application/javascript 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.vg/static/server.min.js?v=1.2
Requested by: Host: tt.vg
URL: https://tt.vg/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cae1762bd27fb4e0a35d9759539ce672c3033d50e8bf02668fc1a15e7f2a7af6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tt.vg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 04:20:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 64
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 19 Dec 2022 22:19:34 GMT
server: cloudflare
etag: W/"63a0e376-1983"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mSMhoIxsFXBw57znfDRwPvU7pYGkmpw59wBgYGRNvpKD%2FOV2xmnIyIPx9qCcc3kpT5a%2ByegsT3QQk2ySSUKCUQozzemZYQltd5voMVRWQg1FkY8RVKpuEQH5hyP3HZ66aDDlog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 7830b44e4cf09279-FRA
priority: u=2,i=?0
expires: Mon, 02 Jan 2023 16:19:45 GMT

GET
H2 200 vaafb692b2aea4879b33c060e79fe94621666317369993 Show response
static.cloudflareinsights.com/beacon.min.js/ 17 KB
6 KB 94ms
49ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Requested by: Host: tt.vg
URL: https://tt.vg/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3

Request headers

Referer: https://tt.vg/
Origin: https://tt.vg
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 04:20:49 GMT
content-encoding: gzip
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
server: cloudflare
etag: W/2022.10.1
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7830b44e8ab12bf5-FRA

GET
H3 200 nunito-sans-v12-latin-600.woff2
tt.vg/static/frontend/fonts/ 17 KB
17 KB 88ms
87ms Font
font/woff2 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.vg/static/frontend/fonts/nunito-sans-v12-latin-600.woff2
Requested by: Host: tt.vg
URL: https://tt.vg/static/frontend/css/style.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c84423c305779f2aab07847a2e3870ac1ea4072e470d5eb149c01e0e0497eae3

Request headers

Referer: https://tt.vg/static/frontend/css/style.min.css
Origin: https://tt.vg
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 04:20:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 64
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17156
last-modified: Mon, 19 Dec 2022 22:19:34 GMT
server: cloudflare
etag: "63a0e376-4304"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k%2FTwtJIINQQislMAMVw2Vnw7s9yIkem%2FtTuo%2BVWcvW6RHFkkk%2FlsjY6ZnPp%2FnGU43azBOzeFb%2BigHKegK40NpQjsMZdrtkuouj1uQqcV1KzJCgpQbWfu8DyF1FP7y6%2FpFP25Pw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7830b44e4d0e9279-FRA
priority: u=0,i=?0

GET
H3 200 nunito-sans-v12-latin-regular.woff2
tt.vg/static/frontend/fonts/ 17 KB
17 KB 88ms
88ms Font
font/woff2 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.vg/static/frontend/fonts/nunito-sans-v12-latin-regular.woff2
Requested by: Host: tt.vg
URL: https://tt.vg/static/frontend/css/style.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97d5a594e7f76c7e50045b67667fd6b74b268515efe6425097be1b2647079787

Request headers

Referer: https://tt.vg/static/frontend/css/style.min.css
Origin: https://tt.vg
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 04:20:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 64
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16980
last-modified: Mon, 19 Dec 2022 22:19:34 GMT
server: cloudflare
etag: "63a0e376-4254"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fpwXy9qbrp9%2F%2F09pk2SrlymSky21NT%2FKcXkn1azar%2Fvs0AxvQm5W33Cg7wbCCr0LV7hazlZpjcPvnrcUQWKOMsqyYVQ5AwFY1ezY%2BYl6RrUqY4J72QFqpGwI9uIrrXinP4Mejw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7830b44e4d0f9279-FRA
priority: u=0,i=?0

GET
H3 200 nunito-sans-v12-latin-italic.woff2
tt.vg/static/frontend/fonts/ 17 KB
18 KB 85ms
85ms Font
font/woff2 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.vg/static/frontend/fonts/nunito-sans-v12-latin-italic.woff2
Requested by: Host: tt.vg
URL: https://tt.vg/static/frontend/css/style.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6637ea3139ffb01e240829717a4f8c195d7be6b81780ed643000b49833d8d6d1

Request headers

Referer: https://tt.vg/static/frontend/css/style.min.css
Origin: https://tt.vg
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 04:20:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 64
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17684
last-modified: Mon, 19 Dec 2022 22:19:34 GMT
server: cloudflare
etag: "63a0e376-4514"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OmyocEAfq9z1E4MLGlakCFXmwPuIuiq9RHHFb61ZUVXu19G3%2B93twT%2Fv8MZQaOz8vZilADl5GBD6cR5OpDIAuhV2d%2BwMhdhVd2Jf5gXej1xSSwbM21%2BJusx%2BVj4PKiK7IGW%2B2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7830b44e4d129279-FRA
priority: u=0,i=?0

GET
H3 200 nunito-sans-v12-latin-700.woff2
tt.vg/static/frontend/fonts/ 17 KB
17 KB 50ms
49ms Font
font/woff2 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.vg/static/frontend/fonts/nunito-sans-v12-latin-700.woff2
Requested by: Host: tt.vg
URL: https://tt.vg/static/frontend/css/style.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 280aaa8929329764ac3213ca093c63505cfcc665347939c79905c426d33867c5

Request headers

Referer: https://tt.vg/static/frontend/css/style.min.css
Origin: https://tt.vg
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 04:20:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 64
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17116
last-modified: Mon, 19 Dec 2022 22:19:34 GMT
server: cloudflare
etag: "63a0e376-42dc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LGkGiTUDzMVxGoPmlfxhOPRJXC2o3xLetUxPsde%2F6%2Fo36LDdkJ%2BUO0SaiSXhXMxZ%2FnFwcRqo3jXjRm5FqTQ9P0Fv46W2jW6x5p0o7zqeWOlvbaU5Q0EzM7S0Jv59zdHfDEwI1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7830b44e6d259279-FRA
priority: u=0,i=?0

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ 403 KB
162 KB 128ms
35ms Script
text/javascript 2a00:1450:400d:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=en&render=6Lc8TFYjAAAAABJHquBlH3UT777CF6lK0IS-Be0C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a066a4744676ecfbac78b5a339f818c314c8d75c884ad2723c366af5bfe21a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tt.vg/
Origin: https://tt.vg
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 11:12:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 148077
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 164706
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 31 Dec 2023 11:12:52 GMT

GET
DATA 200
OK truncated
/ 442 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1832fd814ef6059ee26f096df70e101b50022cffb4fe0c508c5d9869e65809cb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 348 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c2dd943287224dc7e1145b864202d040ff0b87396dc9293dcac3d5ce9fc0c42

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H3 200 fa-solid-900.woff2
tt.vg/static/frontend/libs/fontawesome/webfonts/ 76 KB
77 KB 31ms
31ms Font
font/woff2 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.vg/static/frontend/libs/fontawesome/webfonts/fa-solid-900.woff2
Requested by: Host: tt.vg
URL: https://tt.vg/static/frontend/libs/fontawesome/all.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

Request headers

Referer: https://tt.vg/static/frontend/libs/fontawesome/all.min.css
Origin: https://tt.vg
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 04:20:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 63
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78268
last-modified: Mon, 19 Dec 2022 22:19:34 GMT
server: cloudflare
etag: "63a0e376-131bc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4VDEA2SCDvCWEx08OfK%2Bq6HnG8KNdOj%2FhZaUkw4dbGQBtBqBAIdBPEiuLECy8Y8IEDOizcC5VnRm9uKc69BmYO9LWWW51LdgHzqS4w4ximjxYw4z9zrIE2cA%2BZx64csCz1OQYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7830b44ecd8f9279-FRA
priority: u=0,i=?0

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/ 356 KB
117 KB 161ms
89ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4327943744181213&plah=tt.vg&bust=31071219

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4327943744181213

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05ef436f1563af185373a04e6bd2de1efd485afa77661536a432b2d2a230aec8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tt.vg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 04:20:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119974
x-xss-protection: 0
server: cafe
etag: 14428828998123477901
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 04:20:49 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/ Frame 0A1D 10 KB
5 KB 68ms
20ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4327943744181213

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tt.vg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 31813
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 01 Jan 2023 19:30:36 GMT
etag: 10353107486223812946
expires: Sun, 15 Jan 2023 19:30:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
340 B 48ms
18ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-5GBHM4THHH&gtm=2oebu0&_p=5693737&cid=697623001.1672633249&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1672633249&sct=1&seg=0&dl=https%3A%2F%2Ftt.vg%2F&dt=URL%20Shortener%20-%20Short%20URLs%20%26%20URLs%20statistics%20%7C%20TTVG&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5GBHM4THHH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tt.vg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Jan 2023 04:20:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tt.vg
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame B155 42 KB
22 KB 103ms
38ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc8TFYjAAAAABJHquBlH3UT777CF6lK0IS-Be0C&co=aHR0cHM6Ly90dC52Zzo0NDM.&hl=en&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=wuwtxekwd78w

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

649eb0850204e9e602ebe94b7ee9b5d5bb70a2d1cccd2a750713abe1bd0bf268

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Ht3I_ZjynTSLTQywzEVBOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tt.vg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22441
content-security-policy: script-src 'report-sample' 'nonce-Ht3I_ZjynTSLTQywzEVBOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 02 Jan 2023 04:20:49 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame B155 52 KB
24 KB 108ms
35ms Stylesheet
text/css 2a00:1450:400d:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc8TFYjAAAAABJHquBlH3UT777CF6lK0IS-Be0C&co=aHR0cHM6Ly90dC52Zzo0NDM.&hl=en&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=wuwtxekwd78w

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 11:12:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 148078
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 31 Dec 2023 11:12:51 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame B155 403 KB
161 KB 126ms
53ms Script
text/javascript 2a00:1450:400d:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a066a4744676ecfbac78b5a339f818c314c8d75c884ad2723c366af5bfe21a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 11:12:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 148077
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 164706
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 31 Dec 2023 11:12:52 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 377 B
692 B 76ms
28ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=tt.vg&callback=_gfp_s_&client=ca-pub-4327943744181213&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4327943744181213&plah=tt.vg&bust=31071219

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06cba97350b1b1205b83ecbfb876821ab8a6f0d5baddbc546a97ed7865b8ccc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tt.vg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 04:20:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 247
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 165ms
58ms Script
application/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=tt.vg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tt.vg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 04:20:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 76ms
28ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=tt.vg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tt.vg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 04:20:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 68ms
68ms Image
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Ftt.vg%2F&tn=DIV&id=cm&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: tt.vg
URL: https://tt.vg/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tt.vg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Jan 2023 04:20:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F1C9 282 KB
67 KB 527ms
485ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&adk=1812271804&adf=3025194257&lmt=1672633249&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=212x945_l%7C212x675_r&format=0x0&url=https%3A%2F%2Ftt.vg%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672633249246&bpp=7&bdt=601&idt=258&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7482951849343&frm=20&pv=2&ga_vid=697623001.1672633249&ga_sid=1672633250&ga_hid=5693737&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071219%2C44780792&oid=2&pvsid=587645291925487&tmod=1070711086&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=288

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

44a7caf237d3473bf815cec2b718cfa039055bdd8d234f3792d2dfcf992c3bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tt.vg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 68222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Jan 2023 04:20:50 GMT
expires: Mon, 02 Jan 2023 04:20:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame B155 2 KB
2 KB 36ms
35ms Image
image/png 2a00:1450:400d:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 15:21:21 GMT
x-content-type-options: nosniff
age: 478768
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 03 Jan 2023 15:21:21 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B155 15 KB
16 KB 70ms
20ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 12:17:50 GMT
x-content-type-options: nosniff
age: 144179
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 31 Dec 2023 12:17:50 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B155 15 KB
15 KB 74ms
25ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 22:21:19 GMT
x-content-type-options: nosniff
age: 539970
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Dec 2023 22:21:19 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame B155 102 B
134 B 28ms
28ms Other
text/javascript 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=5qcenVbrhOy8zihcc2aHOWD4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

18eb1494d12fc5449cb04659d313f1183dfa9f93c3b0b10784527e441bee9148

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc8TFYjAAAAABJHquBlH3UT777CF6lK0IS-Be0C&co=aHR0cHM6Ly90dC52Zzo0NDM.&hl=en&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=wuwtxekwd78w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 04:20:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Mon, 02 Jan 2023 04:20:49 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame B155 32 KB
18 KB 56ms
55ms XHR
application/json 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6Lc8TFYjAAAAABJHquBlH3UT777CF6lK0IS-Be0C

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ca300b81042ac5b1915f7c7619ee7306b4a81931e4a8c5692f4cac37a1128d7a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc8TFYjAAAAABJHquBlH3UT777CF6lK0IS-Be0C&co=aHR0cHM6Ly90dC52Zzo0NDM.&hl=en&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=wuwtxekwd78w
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Mon, 02 Jan 2023 04:20:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18697
x-xss-protection: 1; mode=block
expires: Mon, 02 Jan 2023 04:20:49 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 141ms
68ms XHR
application/json 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d868e2eb1c677e53f7157750db9ebd54de55e16afd5dbd795c3da2e13c0e5a0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tt.vg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 04:20:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11184
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/ 150 KB
51 KB 87ms
87ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/reactive_library_fy2021.js?bust=31071219

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc040a1756b3162d1c9908a008cb616db071b8564f7c8551f7deb0443abb875d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tt.vg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 04:20:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52348
x-xss-protection: 0
server: cafe
etag: 958355067810151184
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 04:20:50 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 67ms
67ms Image
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_inf_scr&r=p&pg_h=6414&su=tt.vg&d=0&pvc=587645291925487&eid=44759875%2C44759926%2C44759842%2C31071219%2C44780792

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tt.vg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Jan 2023 04:20:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 rum Show response
tt.vg/cdn-cgi/ 0
134 B 23ms
23ms XHR
text/plain 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tt.vg/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://tt.vg/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type: application/json

Response headers

date: Mon, 02 Jan 2023 04:20:50 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://tt.vg
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7830b455391d9279-FRA

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 72ms
30ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=tt.vg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tt.vg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 04:20:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 70ms
28ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=tt.vg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tt.vg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 04:20:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B1C4 87 KB
32 KB 414ms
414ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=3987640334&adf=379431333&pi=t.aa~a.2501161696~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1672633250&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672633250164&bpp=2&bdt=1518&idt=-M&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32c3695110f3edee-22b094f6edda004b%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaWf_KNHdcZRNBvCIuGc7aoHYUt2w&gpic=UID%3D00000b9bff12f478%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaNNuAdHa2sDsx8VUlCKUBmJ1LEjA&prev_fmts=0x0&nras=2&correlator=7482951849343&frm=20&pv=1&ga_vid=697623001.1672633249&ga_sid=1672633250&ga_hid=5693737&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1496&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071219%2C44780792&oid=2&pvsid=587645291925487&tmod=1070711086&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=YM9fIE8QAs&p=https%3A//tt.vg&dtd=44

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

81562263395ac7aa3f065d89a60359c0aa3be32be6187b7f27eb2bfb66e7ed6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tt.vg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 32714
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Jan 2023 04:20:50 GMT
expires: Mon, 02 Jan 2023 04:20:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7467 98 KB
34 KB 317ms
317ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.2486371531~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1672633250&rafmt=1&to=qs&pwprc=5460404912&format=1200x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672633250164&bpp=3&bdt=1519&idt=-M&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32c3695110f3edee-22b094f6edda004b%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaWf_KNHdcZRNBvCIuGc7aoHYUt2w&gpic=UID%3D00000b9bff12f478%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaNNuAdHa2sDsx8VUlCKUBmJ1LEjA&prev_fmts=0x0%2C1110x280&nras=3&correlator=7482951849343&frm=20&pv=1&ga_vid=697623001.1672633249&ga_sid=1672633250&ga_hid=5693737&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2360&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071219%2C44780792&oid=2&pvsid=587645291925487&tmod=1070711086&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=SyAEwWm2Dh&p=https%3A//tt.vg&dtd=49

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4261ed1b3cdb11b27c2001207baf60d1753cd40193773eba851e6f080096abb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tt.vg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 35067
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Jan 2023 04:20:50 GMT
expires: Mon, 02 Jan 2023 04:20:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0E76 100 KB
35 KB 294ms
293ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=1553151457&adf=3291032931&pi=t.aa~a.431695890~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1672633250&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672633250164&bpp=1&bdt=1518&idt=-M&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32c3695110f3edee-22b094f6edda004b%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaWf_KNHdcZRNBvCIuGc7aoHYUt2w&gpic=UID%3D00000b9bff12f478%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaNNuAdHa2sDsx8VUlCKUBmJ1LEjA&prev_fmts=0x0%2C1110x280%2C1200x280&nras=4&correlator=7482951849343&frm=20&pv=1&ga_vid=697623001.1672633249&ga_sid=1672633250&ga_hid=5693737&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071219%2C44780792&oid=2&pvsid=587645291925487&tmod=1070711086&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=yFJ8lgzkGO&p=https%3A//tt.vg&dtd=53

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a43feae65c7e387bbaa5d27d5da2f7cdc9ecb292758a30bd88501d07251f9205

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tt.vg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 35529
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Jan 2023 04:20:50 GMT
expires: Mon, 02 Jan 2023 04:20:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DF7F 436 B
236 B 349ms
348ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=1553151457&adf=3896020557&pi=t.aa~a.431694939~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1672633250&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672633250164&bpp=1&bdt=1519&idt=0&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32c3695110f3edee-22b094f6edda004b%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaWf_KNHdcZRNBvCIuGc7aoHYUt2w&gpic=UID%3D00000b9bff12f478%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaNNuAdHa2sDsx8VUlCKUBmJ1LEjA&prev_fmts=0x0%2C1110x280%2C1200x280%2C1110x280&nras=5&correlator=7482951849343&frm=20&pv=1&ga_vid=697623001.1672633249&ga_sid=1672633250&ga_hid=5693737&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3984&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071219%2C44780792&oid=2&pvsid=587645291925487&tmod=1070711086&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=BryeH59VZq&p=https%3A//tt.vg&dtd=57

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fadae76e0e23dffefea9ca8bcc88eee5cf8e47bde8d5d5606db27de177bd5d52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tt.vg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Jan 2023 04:20:50 GMT
expires: Mon, 02 Jan 2023 04:20:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 68ms
67ms Image
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_inf_scr&r=s&pg_h=8942&su=tt.vg&d=0&pvc=587645291925487&eid=44759875%2C44759926%2C44759842%2C31071219%2C44780792

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tt.vg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Jan 2023 04:20:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 88ms
35ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tt.vg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 04:20:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 02 Jan 2023 04:20:50 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/ Frame B5F6 10 KB
4 KB 20ms
20ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tt.vg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 59610
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 01 Jan 2023 11:47:20 GMT
etag: 10353107486223812946
expires: Sun, 15 Jan 2023 11:47:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/ Frame 3502 10 KB
4 KB 22ms
22ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tt.vg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 59610
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 01 Jan 2023 11:47:20 GMT
etag: 10353107486223812946
expires: Sun, 15 Jan 2023 11:47:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame B5F6 4 KB
1 KB 78ms
28ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 02 Jan 2023 04:20:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 02:32:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 02 Jan 2023 04:20:50 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame B5F6 205 B
229 B 37ms
35ms Image
image/png 2a00:1450:400d:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 23:20:23 GMT
x-content-type-options: nosniff
age: 18027
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 01 Jan 2024 23:20:23 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame B5F6 604 B
628 B 38ms
36ms Image
image/png 2a00:1450:400d:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 04:01:12 GMT
x-content-type-options: nosniff
age: 1178
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 02 Jan 2024 04:01:12 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/ Frame B5F6 19 KB
8 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d0ed9630334a711204c67723b1eb52755c8316466fa7e4e601958e0c12a5da9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 09:01:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69538
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8084
x-xss-protection: 0
server: cafe
etag: 2222875591315018765
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 15 Jan 2023 09:01:52 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B5F6 0
20 B 69ms
68ms Image
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rsra&context=grsl&params=0-%26adk%3D1812271808%26client%3Dca-pub-4327943744181213%26fa%3D8%26ifi%3D10%26uci%3Da!a%26xpc%3DoMFfMsaRR8%26p%3Dhttps%3A%2F%2Ftt.vg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Jan 2023 04:20:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 3502 8 KB
968 B 62ms
30ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 02 Jan 2023 04:20:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 02:39:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 02 Jan 2023 04:20:50 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 3502 2 KB
765 B 73ms
28ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 09:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69534
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 15 Jan 2023 09:01:56 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 3502 23 KB
9 KB 69ms
24ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 14:28:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49946
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 15 Jan 2023 14:28:24 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 3502 3 KB
1 KB 73ms
29ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 18:53:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34065
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 15 Jan 2023 18:53:05 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 3502 18 KB
7 KB 63ms
19ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 08:56:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69849
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 15 Jan 2023 08:56:41 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3502 153 KB
47 KB 175ms
81ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 04:20:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 02 Jan 2023 04:20:50 GMT

GET
H3 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame 3502 34 KB
14 KB 36ms
36ms Script
text/javascript 2a00:1450:400d:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:35:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 369906
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 28 Mar 2023 21:35:44 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C676 13 KB
5 KB 51ms
21ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tt.vg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 27493
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 01 Jan 2023 20:42:37 GMT
expires: Mon, 01 Jan 2024 20:42:37 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 17D4 783 B
535 B 37ms
34ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2f105a82296ddcc709a1400ff8578cabee9b1e293f3081c9d8c7f4af3507437a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-daWsXuaoRWVc6d30Ph8RIA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tt.vg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-daWsXuaoRWVc6d30Ph8RIA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 02 Jan 2023 04:20:50 GMT
expires: Mon, 02 Jan 2023 04:20:50 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 css
fonts.googleapis.com/ Frame E0CC 8 KB
895 B 72ms
29ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 02 Jan 2023 04:20:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 03:36:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 02 Jan 2023 04:20:50 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame E0CC 2 KB
765 B 21ms
21ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 09:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69534
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 15 Jan 2023 09:01:56 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame E0CC 23 KB
9 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 14:28:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49946
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 15 Jan 2023 14:28:24 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame E0CC 3 KB
1 KB 25ms
23ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 18:53:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34065
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 15 Jan 2023 18:53:05 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame E0CC 18 KB
7 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 08:56:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69849
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 15 Jan 2023 08:56:41 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E0CC 153 KB
47 KB 142ms
131ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 04:20:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 02 Jan 2023 04:20:50 GMT

GET
H3 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame E0CC 34 KB
14 KB 38ms
37ms Script
text/javascript 2a00:1450:400d:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:35:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 369906
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 28 Mar 2023 21:35:44 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 17D4 0
0 71ms
70ms Image
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221207&jk=587645291925487&rc=05AJ4Tk-4lmHWewPAiSOkbB6K5FFbdniKufYgEah0_VPmYVE3iGR2_ZpQUC3nNUwS9GXm42jZMtIO0X3dobuBu7_lS9SuRt6CVVNirmGnaGSTVwBNhnRr_1ijJEuxEoYrRnibDBZ3SlnaI7P9350JcEk2ii0AZgc2S1IyCrw6qZ_T62po
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1E34 143 B
166 B 20ms
20ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 803
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Jan 2023 04:07:27 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js Show response
pagead2.googlesyndication.com/bg/ Frame C676 36 KB
16 KB 36ms
35ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:35:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 369906
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16132
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Dec 2023 21:35:44 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1E34
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

31ms
30ms

Document
text/html

2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Jan 2023 04:20:50 GMT
expires: Mon, 02 Jan 2023 04:20:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Jan 2023 04:20:50 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 0E76 8 KB
895 B 44ms
43ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=1553151457&adf=3291032931&pi=t.aa~a.431695890~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1672633250&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672633250164&bpp=1&bdt=1518&idt=-M&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32c3695110f3edee-22b094f6edda004b%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaWf_KNHdcZRNBvCIuGc7aoHYUt2w&gpic=UID%3D00000b9bff12f478%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaNNuAdHa2sDsx8VUlCKUBmJ1LEjA&prev_fmts=0x0%2C1110x280%2C1200x280&nras=4&correlator=7482951849343&frm=20&pv=1&ga_vid=697623001.1672633249&ga_sid=1672633250&ga_hid=5693737&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071219%2C44780792&oid=2&pvsid=587645291925487&tmod=1070711086&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=yFJ8lgzkGO&p=https%3A//tt.vg&dtd=53

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 02 Jan 2023 04:20:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 04:11:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 02 Jan 2023 04:20:50 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 0E76 2 KB
765 B 21ms
19ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 09:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69534
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 15 Jan 2023 09:01:56 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 0E76 23 KB
9 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 14:28:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49946
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 15 Jan 2023 14:28:24 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 0E76 3 KB
1 KB 34ms
31ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 18:53:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34065
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 15 Jan 2023 18:53:05 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 0E76 18 KB
7 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 08:56:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69849
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 15 Jan 2023 08:56:41 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 0E76 0
0 36ms
34ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTTo2UN0I7BRMiotOlQPLxM3ylM6xsLN4eHiTnSU0Xb0WnrwjltRCkW__SfLSl7CimrPGoKOX-MKuymyhVrnJRGWelHAA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=1553151457&adf=3291032931&pi=t.aa~a.431695890~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1672633250&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672633250164&bpp=1&bdt=1518&idt=-M&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32c3695110f3edee-22b094f6edda004b%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaWf_KNHdcZRNBvCIuGc7aoHYUt2w&gpic=UID%3D00000b9bff12f478%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaNNuAdHa2sDsx8VUlCKUBmJ1LEjA&prev_fmts=0x0%2C1110x280%2C1200x280&nras=4&correlator=7482951849343&frm=20&pv=1&ga_vid=697623001.1672633249&ga_sid=1672633250&ga_hid=5693737&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071219%2C44780792&oid=2&pvsid=587645291925487&tmod=1070711086&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=yFJ8lgzkGO&p=https%3A//tt.vg&dtd=53
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0E76 153 KB
47 KB 164ms
86ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 04:20:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 02 Jan 2023 04:20:50 GMT

GET
H3 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame 0E76 34 KB
14 KB 41ms
39ms Script
text/javascript 2a00:1450:400d:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:35:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 369906
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 28 Mar 2023 21:35:44 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0E76 0
0 65ms
64ms Fetch
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cf-CKoluyY43NDv_sx_AP3saDWNf-zZ9uptCCmIsQ28Tlso0OEAEg2ZD5bWC7BqABt5iBoijIAQmpAlKGDmGCYXs-qAMByAPLBKoEuwFP0FiuQxwYBrmEfu5557p8RpNDvQkFoU1ZFLpIy_hfQusvw3LIvI61ubm9K2kjB_ta_4E3pxJi6PLdl3urRxWBinrdz3RL5aBzGCaFMdfMtXDv1RYELB_fZiWyXPMwfqR5PNEpGQug8Pay1esR6PalybOxebT8q1K5aYMIj9nGK1zRkd2qTqtdFOaYUXhhClA_JkZYJ5a0UExttOx6--K6uJ8gWi3iqFyU6NCBQA08-v7bAntgrw8FrKdLwATlmvWj9wOSBQQIBBgBkgUECAUYBKAGLoAHtb7FlQOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCaqQHSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDIgUBNAVAYAXAbIXHAoaCAASFHB1Yi00MzI3OTQzNzQ0MTgxMjEzGAA&sigh=JxV0HUwURa8&uach_m=[UACH]&cid=CAQSOwDq26N9yaw2acbgW-ryDZtftOJUD7r7e-fUgsMFzAeuNHZpqb3AOsEQN-r9KioF6rHlrFceEnGfQnzuGAEgEw&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=1553151457&adf=3291032931&pi=t.aa~a.431695890~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1672633250&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672633250164&bpp=1&bdt=1518&idt=-M&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32c3695110f3edee-22b094f6edda004b%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaWf_KNHdcZRNBvCIuGc7aoHYUt2w&gpic=UID%3D00000b9bff12f478%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaNNuAdHa2sDsx8VUlCKUBmJ1LEjA&prev_fmts=0x0%2C1110x280%2C1200x280&nras=4&correlator=7482951849343&frm=20&pv=1&ga_vid=697623001.1672633249&ga_sid=1672633250&ga_hid=5693737&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071219%2C44780792&oid=2&pvsid=587645291925487&tmod=1070711086&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=yFJ8lgzkGO&p=https%3A//tt.vg&dtd=53
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 02 Jan 2023 04:20:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/11805330001461775557/ Frame 0E76 39 KB
39 KB 29ms
28ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11805330001461775557/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

feba198dccb5d35db7262c56e6b2d142b2999313dd98a673ef73d25eedf0743e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 16:39:08 GMT
x-content-type-options: nosniff
age: 128502
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39868
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 03:02:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 31 Dec 2023 16:39:08 GMT

GET
DATA 200
OK truncated
/ Frame 0E76 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 0E76 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e748d47e0930e87a515df7e2a11e9d797dd670598254900fdbd654593f001a9a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 css
fonts.googleapis.com/ Frame 7467 8 KB
895 B 36ms
29ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.2486371531~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1672633250&rafmt=1&to=qs&pwprc=5460404912&format=1200x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672633250164&bpp=3&bdt=1519&idt=-M&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32c3695110f3edee-22b094f6edda004b%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaWf_KNHdcZRNBvCIuGc7aoHYUt2w&gpic=UID%3D00000b9bff12f478%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaNNuAdHa2sDsx8VUlCKUBmJ1LEjA&prev_fmts=0x0%2C1110x280&nras=3&correlator=7482951849343&frm=20&pv=1&ga_vid=697623001.1672633249&ga_sid=1672633250&ga_hid=5693737&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2360&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071219%2C44780792&oid=2&pvsid=587645291925487&tmod=1070711086&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=SyAEwWm2Dh&p=https%3A//tt.vg&dtd=49

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 02 Jan 2023 04:20:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 02:57:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 02 Jan 2023 04:20:50 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 7467 2 KB
765 B 26ms
19ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 09:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69534
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 15 Jan 2023 09:01:56 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 7467 23 KB
9 KB 27ms
20ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 14:28:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49946
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 15 Jan 2023 14:28:24 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 7467 3 KB
1 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 18:53:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34065
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 15 Jan 2023 18:53:05 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 7467 18 KB
7 KB 27ms
21ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 08:56:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69849
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 15 Jan 2023 08:56:41 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 7467 0
0 30ms
29ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSo7V07Zuy4IjMat_4oyh72oMtQJm0SIFVmBeqEEefCtdEeJJlEDvUI-QNqlnFhQMgbhRz_vkl7QBFU94Tc9aCI-RJ1aA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.2486371531~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1672633250&rafmt=1&to=qs&pwprc=5460404912&format=1200x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672633250164&bpp=3&bdt=1519&idt=-M&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32c3695110f3edee-22b094f6edda004b%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaWf_KNHdcZRNBvCIuGc7aoHYUt2w&gpic=UID%3D00000b9bff12f478%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaNNuAdHa2sDsx8VUlCKUBmJ1LEjA&prev_fmts=0x0%2C1110x280&nras=3&correlator=7482951849343&frm=20&pv=1&ga_vid=697623001.1672633249&ga_sid=1672633250&ga_hid=5693737&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2360&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071219%2C44780792&oid=2&pvsid=587645291925487&tmod=1070711086&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=SyAEwWm2Dh&p=https%3A//tt.vg&dtd=49
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7467 153 KB
47 KB 110ms
109ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 04:20:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 02 Jan 2023 04:20:50 GMT

GET
H3 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame 7467 34 KB
14 KB 58ms
57ms Script
text/javascript 2a00:1450:400d:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:35:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 369906
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 28 Mar 2023 21:35:44 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7467 0
0 67ms
66ms Fetch
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CnWeaoluyY7HFDpWKgAeQxBy-lN-fboHK3NO-EI7Zt4WPOBABINmQ-W1guwagAbeYgaIoyAEJqQJShg5hgmF7PqgDAcgDywSqBLgBT9BTwjDAdlScfbZohGrXOWl5freZpJyYqUXWHRgcReSqT0_Rj02b3iEpvO3g4TiQDtfrQPmtfvyHbF3BF0LbPE17h21pQeltcAeUdyT9G0VlZwswdjFuj6nq97wI1LIPOSzwt_BPwzku1BWPr7q3N0f9vWbMvdENMZx6qECBQW-TLxV2SsEZoxFRSzt83ug8MAGFE68aqU2SHrL-Ppq9LdcNN4dJP-_ZLUnhIMNJ3C8KEb__Lvv6_MAEtuOJ_pIEkgUECAQYAZIFBAgFGASgBi6AB8m3-MkDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwMQ6FTSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDIgUAdAVAYAXAbIXHAoaCAASFHB1Yi00MzI3OTQzNzQ0MTgxMjEzGAA&sigh=CCe0I9BboGY&uach_m=[UACH]&cid=CAQSOwDq26N9MjgSNXzDq_qKbnmIHy8pW8HItYtbuK3c4QRcOjDjEA280Cct9-oUB46eucwDfTI4OGvRNWC5GAEgEw&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.2486371531~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1672633250&rafmt=1&to=qs&pwprc=5460404912&format=1200x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672633250164&bpp=3&bdt=1519&idt=-M&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32c3695110f3edee-22b094f6edda004b%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaWf_KNHdcZRNBvCIuGc7aoHYUt2w&gpic=UID%3D00000b9bff12f478%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaNNuAdHa2sDsx8VUlCKUBmJ1LEjA&prev_fmts=0x0%2C1110x280&nras=3&correlator=7482951849343&frm=20&pv=1&ga_vid=697623001.1672633249&ga_sid=1672633250&ga_hid=5693737&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2360&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071219%2C44780792&oid=2&pvsid=587645291925487&tmod=1070711086&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=SyAEwWm2Dh&p=https%3A//tt.vg&dtd=49
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 02 Jan 2023 04:20:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/5060115199638901397/ Frame 7467 12 KB
12 KB 50ms
23ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5060115199638901397/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b5e9fc44a95e479c226fbf165688cf2920fe7c623284b4c36b02aaab736d9f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 15:02:10 GMT
x-content-type-options: nosniff
age: 566320
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12642
x-xss-protection: 0
last-modified: Fri, 25 Nov 2022 13:58:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 26 Dec 2023 15:02:10 GMT

GET
DATA 200
OK truncated
/ Frame 7467 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 7467 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e748d47e0930e87a515df7e2a11e9d797dd670598254900fdbd654593f001a9a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 css
fonts.googleapis.com/ Frame B1C4 6 KB
672 B 45ms
30ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=3987640334&adf=379431333&pi=t.aa~a.2501161696~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1672633250&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672633250164&bpp=2&bdt=1518&idt=-M&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32c3695110f3edee-22b094f6edda004b%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaWf_KNHdcZRNBvCIuGc7aoHYUt2w&gpic=UID%3D00000b9bff12f478%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaNNuAdHa2sDsx8VUlCKUBmJ1LEjA&prev_fmts=0x0&nras=2&correlator=7482951849343&frm=20&pv=1&ga_vid=697623001.1672633249&ga_sid=1672633250&ga_hid=5693737&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1496&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071219%2C44780792&oid=2&pvsid=587645291925487&tmod=1070711086&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=YM9fIE8QAs&p=https%3A//tt.vg&dtd=44

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 02 Jan 2023 04:20:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 04:01:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 02 Jan 2023 04:20:50 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame B1C4 2 KB
765 B 34ms
20ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 09:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69534
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 15 Jan 2023 09:01:56 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame B1C4 23 KB
9 KB 37ms
23ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 14:28:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49946
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 15 Jan 2023 14:28:24 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame B1C4 3 KB
1 KB 23ms
19ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 18:53:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34065
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 15 Jan 2023 18:53:05 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame B1C4 18 KB
7 KB 38ms
24ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 08:56:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69849
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 15 Jan 2023 08:56:41 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B1C4 0
0 30ms
27ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSjfM0e1WwR_MRS48aHBfMOPFLp5cLrR2SdGaUShWPz3Kohk6veAKC10lbfU7_Fps9Oe0gUF4Y8Fx6au-K3nzgJn11Rrw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=3987640334&adf=379431333&pi=t.aa~a.2501161696~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1672633250&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672633250164&bpp=2&bdt=1518&idt=-M&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32c3695110f3edee-22b094f6edda004b%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaWf_KNHdcZRNBvCIuGc7aoHYUt2w&gpic=UID%3D00000b9bff12f478%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaNNuAdHa2sDsx8VUlCKUBmJ1LEjA&prev_fmts=0x0&nras=2&correlator=7482951849343&frm=20&pv=1&ga_vid=697623001.1672633249&ga_sid=1672633250&ga_hid=5693737&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1496&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071219%2C44780792&oid=2&pvsid=587645291925487&tmod=1070711086&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=YM9fIE8QAs&p=https%3A//tt.vg&dtd=44
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B1C4 153 KB
47 KB 85ms
83ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 04:20:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 02 Jan 2023 04:20:50 GMT

GET
H3 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame B1C4 34 KB
14 KB 39ms
35ms Script
text/javascript 2a00:1450:400d:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:35:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 369906
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 28 Mar 2023 21:35:44 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 726D 1 KB
643 B 46ms
35ms Document
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 75167
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 01 Jan 2023 07:28:03 GMT
etag: 48472445140208031
expires: Mon, 02 Jan 2023 07:28:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B1C4 0
0 65ms
64ms Fetch
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CjLkHoluyY_WTDsqxx_AP9MimiASJ05eIbu6Bs5jkEJjH-MSPDhABINmQ-W1guwagAf-XpOYoyAEJqAMByAPLBKoEwQFP0Ax5euK5baOPCT9lUmjoye_3r_WXQ32GI1QreGmasV3EyQwzG_k4A8h03AMTEN5QrSOfXgtao3x0m_7nEM7pQqIpmmLIyiv7R4SOCCqitcIf8DVrQPIFiyCP8I6yLLuDnPnBMqwW7YH8Ossf_b9Cc52f9b7jJlY8hHexvTErrCjNBbwk8FkU5MfVmJMRlXYdQHUxuphhtmKLfbKebwCUKOLeHVSOmJ7wnJURbMmAw9qqJNcHc8dItNjGE_yIBuCmwASt_qnvhQSSBQQIBBgBkgUECAUYBKAGLoAH_8_0xQOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHAxCiRtIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBuBPkA9gTDIgUAtAVAYAXAbIXHAoaCAASFHB1Yi00MzI3OTQzNzQ0MTgxMjEzGAA&sigh=koTRS16Ji7o&uach_m=[UACH]&cid=CAQSOwDq26N9JGRvLQn-e_1V2orZTx46Cdu9o9oLZHQxqFtScNJFReyBEQnr7MaHv2fwZW7fq9OIvM5_oTIcGAEgEw&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=3987640334&adf=379431333&pi=t.aa~a.2501161696~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1672633250&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672633250164&bpp=2&bdt=1518&idt=-M&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32c3695110f3edee-22b094f6edda004b%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaWf_KNHdcZRNBvCIuGc7aoHYUt2w&gpic=UID%3D00000b9bff12f478%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaNNuAdHa2sDsx8VUlCKUBmJ1LEjA&prev_fmts=0x0&nras=2&correlator=7482951849343&frm=20&pv=1&ga_vid=697623001.1672633249&ga_sid=1672633250&ga_hid=5693737&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1496&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071219%2C44780792&oid=2&pvsid=587645291925487&tmod=1070711086&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=YM9fIE8QAs&p=https%3A//tt.vg&dtd=44
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 02 Jan 2023 04:20:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/16755373053258849398/ Frame B1C4 9 KB
9 KB 20ms
19ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16755373053258849398/14763004658117789537?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0fdfd17fc1aeea35d91918beabd8b85ffc595ecf5a0570de2f5a41cc03dd179c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 15:12:30 GMT
x-content-type-options: nosniff
age: 47300
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9397
x-xss-protection: 0
last-modified: Mon, 17 Oct 2022 18:52:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 01 Jan 2024 15:12:30 GMT

GET
H3 200 3081865409853028496
tpc.googlesyndication.com/simgad/ Frame B1C4 3 KB
3 KB 21ms
20ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3081865409853028496?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4864845dfa501e1c7f43a24a8fd85dd5f68d54cec4caac8c0a82c4071c0a3eab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 20:06:23 GMT
x-content-type-options: nosniff
age: 461667
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3149
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 15:07:50 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 27 Dec 2023 20:06:23 GMT

GET
DATA 200
OK truncated
/ Frame 0E76 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 53fa0d8f759e2332cd6fb245200cc8342d1b9fe68f152b1c556d8bf484c123b8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 2CE3 36 KB
16 KB 35ms
35ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js

Requested by

Host: tt.vg
URL: https://tt.vg/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:35:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 369906
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16132
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Dec 2023 21:35:44 GMT

GET
H3 200 z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 2AD6 36 KB
16 KB 35ms
35ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js

Requested by

Host: tt.vg
URL: https://tt.vg/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:35:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 369906
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16132
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Dec 2023 21:35:44 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1329 1 KB
643 B 35ms
35ms Document
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 75167
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 01 Jan 2023 07:28:03 GMT
etag: 48472445140208031
expires: Mon, 02 Jan 2023 07:28:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 7467 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6af7498da0d69e740c247c4045a61aaad4d2b8a6d011b3073beab15aa99bffd6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 29ms
29ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=tt.vg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tt.vg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 04:20:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 29ms
29ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=tt.vg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tt.vg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 04:20:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D407 98 KB
34 KB 202ms
202ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=1553151457&adf=2593819728&pi=t.aa~a.431697824~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1672633250&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672633250173&bpp=1&bdt=1527&idt=0&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32c3695110f3edee-22b094f6edda004b%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaWf_KNHdcZRNBvCIuGc7aoHYUt2w&gpic=UID%3D00000b9bff12f478%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaNNuAdHa2sDsx8VUlCKUBmJ1LEjA&prev_fmts=0x0%2C1110x280%2C1200x280%2C1110x280%2C1110x280%2C1600x1200%2C1005x124&nras=8&correlator=7482951849343&frm=20&pv=1&ga_vid=697623001.1672633249&ga_sid=1672633250&ga_hid=5693737&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071219%2C44780792&oid=2&psts=ACgb8ttVRVOKY26Fm-_o1jNtFsbL8AK5QB_tlKoPbSa5QCqTpVaJjiCofQ0zaIF7l8OO8qyvvGBTfmA-HvD7zjk8V8-WFaigjwQj94kUCkOs71U%2CACgb8tuJlHSCIYN4tZTUUF97c2eXbJwt4i4KcpHhirp1wJNhY0O4-zo2LJ4KMJvER9oft1RbOgRfL-ntxLhh6EyNjA&pvsid=587645291925487&tmod=1070711086&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=6&fsb=1&xpc=yFTDqAOatI&p=https%3A//tt.vg&dtd=645

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

72911b72804a558d6bb797584b09fac54a57ad8909d7d067695d2c6a10546637

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tt.vg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 34737
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Jan 2023 04:20:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame 726D 35 B
463 B 95ms
21ms Image
image/gif 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMo8C1t-EI2CZKdBGAs0WEw&google_cver=1&google_push=AavPq0PPh3nlB6cjdRdl_jVdJUSs39K2dt8145znv7r_wXwV-0cfUyU9X5MtxqJJPN98dbMPenCFdIJez4FX1k9TFPPc8av6F5Q83Gkg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Jan 2023 04:20:50 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 726D
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEOMaTYKtJDuZvj0uJLyrhhg&google_cver=1&google_push=AavPq0O-9dw5zfrgtV1-9wqAAhVoTYlDSOkTjk9kxqiE1j8GlQ-F3NGKGTQRuZyEh3vbvq3GnTOpQhcs63rv3a4XGtNW3QEJ5Hjyt...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOMaTYKtJDuZvj0uJLyrhhg&google_cver=1&google_push=AavPq0O-9dw5zfrgtV1-9wqAAhVoTYlDSOkTjk9kxqiE1j8GlQ-F3NGKGTQRuZyEh3vbvq3GnTOpQhcs63rv3a4XGtNW3QEJ5Hj...

43 B
414 B

200ms
185ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOMaTYKtJDuZvj0uJLyrhhg&google_cver=1&google_push=AavPq0O-9dw5zfrgtV1-9wqAAhVoTYlDSOkTjk9kxqiE1j8GlQ-F3NGKGTQRuZyEh3vbvq3GnTOpQhcs63rv3a4XGtNW3QEJ5HjytJLg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0O-9dw5zfrgtV1-9wqAAhVoTYlDSOkTjk9kxqiE1j8GlQ-F3NGKGTQRuZyEh3vbvq3GnTOpQhcs63rv3a4XGtNW3QEJ5HjytJLg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Jan 2023 04:20:51 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7830b45c2ec62be6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 02 Jan 2023 04:20:51 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 794
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOMaTYKtJDuZvj0uJLyrhhg&google_cver=1&google_push=AavPq0O-9dw5zfrgtV1-9wqAAhVoTYlDSOkTjk9kxqiE1j8GlQ-F3NGKGTQRuZyEh3vbvq3GnTOpQhcs63rv3a4XGtNW3QEJ5HjytJLg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0O-9dw5zfrgtV1-9wqAAhVoTYlDSOkTjk9kxqiE1j8GlQ-F3NGKGTQRuZyEh3vbvq3GnTOpQhcs63rv3a4XGtNW3QEJ5HjytJLg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7830b45a3d6f2be6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 726D
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEJ5cD250uZMPcM_IusAOY8g&google_cver=1&google_push=AavPq0N8-C8alF9LIysZK1IUShmWR3YfH_HujEo16XeD2uiAyD0RCMKn_MOxEkoaGO7vyKBGUG3jTIkNSXRe8sO0TI9wLhOkRwS0c_k
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B99BAAF31F5541528A5C461EDE54655E&google_push=AavPq0N8-C8alF9LIysZK1IUShmWR3YfH_HujEo16XeD2uiAyD0RCMKn_MOxEkoaGO7vyKBGUG3jTIkNSXRe8sO...

170 B
232 B

61ms
60ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B99BAAF31F5541528A5C461EDE54655E&google_push=AavPq0N8-C8alF9LIysZK1IUShmWR3YfH_HujEo16XeD2uiAyD0RCMKn_MOxEkoaGO7vyKBGUG3jTIkNSXRe8sO0TI9wLhOkRwS0c_k

Requested by

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Jan 2023 04:20:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 02 Jan 2023 04:20:50 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B99BAAF31F5541528A5C461EDE54655E&google_push=AavPq0N8-C8alF9LIysZK1IUShmWR3YfH_HujEo16XeD2uiAyD0RCMKn_MOxEkoaGO7vyKBGUG3jTIkNSXRe8sO0TI9wLhOkRwS0c_k
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 01 Jan 2023 04:20:50 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 726D
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=au7KKZIDRX2YpKZTKdDkaQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

137ms
59ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=au7KKZIDRX2YpKZTKdDkaQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0NtRfMPeYEPXh8DphTLEZTHbocfzl5IUPEaQjaxMGPweHNV1dXD1c_v9Ms22XCWuLJLeKgnXizvxc-Fs56l-LV-6geSKQ5Sb8Yh

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Jan 2023 04:20:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=au7KKZIDRX2YpKZTKdDkaQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0NtRfMPeYEPXh8DphTLEZTHbocfzl5IUPEaQjaxMGPweHNV1dXD1c_v9Ms22XCWuLJLeKgnXizvxc-Fs56l-LV-6geSKQ5Sb8Yh
date: Mon, 02 Jan 2023 04:20:50 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 726D
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEPTUsQEPufYo2gOWvZiDy9Y&google_cver=1&google_push=AavPq0Od6Jr5FAoxV0cAzabTgAq1lqcc8STQ-mjBQqmmXDgetRNsUhPJslyLpoYQbf-x7TlXYFW-oAQNYUaRXZaZ...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0Od6Jr5FAoxV0cAzabTgAq1lqcc8STQ-mjBQqmmXDgetRNsUhPJslyLpoYQbf-x7TlXYFW-oAQNYUaRXZaZN9Z6Nv7mMYjNQwKX

170 B
329 B

60ms
60ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0Od6Jr5FAoxV0cAzabTgAq1lqcc8STQ-mjBQqmmXDgetRNsUhPJslyLpoYQbf-x7TlXYFW-oAQNYUaRXZaZN9Z6Nv7mMYjNQwKX

Requested by

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Jan 2023 04:20:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 02 Jan 2023 04:20:50 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P5
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0Od6Jr5FAoxV0cAzabTgAq1lqcc8STQ-mjBQqmmXDgetRNsUhPJslyLpoYQbf-x7TlXYFW-oAQNYUaRXZaZN9Z6Nv7mMYjNQwKX
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: ceewHmBafD7o79d_0uUCU-5GMMZnYQfoWoymFCKyImJgL91J1bsy_w==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 726D
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEN...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AavPq0OpvGAdv_nFOQq19CIRHwXIb3Sq07lTltUf8WHuhOL_Om5UF6sfoHkCiRt4cot9d9lFvzWIcDYQfDoeKTSBO_4DKCcj_xw9eh7b&redir=https%3A%2F%2Fcm.g.d...
https://sync.targeting.unrulymedia.com/csync/RX-3f0f7eab-3353-4d6a-9369-99902238ce83-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAavPq0OpvGAdv_nFOQq19CIRH...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0OpvGAdv_nFOQq19CIRHwXIb3Sq07lTltUf8WHuhOL_Om5UF6sfoHkCiRt4cot9d9lFvzWIcDYQfDoeKTSBO_4DKCcj_xw9eh7b&google_hm=Az8PfqszU01qk2mZkCI4zoM

170 B
188 B

60ms
60ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0OpvGAdv_nFOQq19CIRHwXIb3Sq07lTltUf8WHuhOL_Om5UF6sfoHkCiRt4cot9d9lFvzWIcDYQfDoeKTSBO_4DKCcj_xw9eh7b&google_hm=Az8PfqszU01qk2mZkCI4zoM

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Jan 2023 04:20:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0OpvGAdv_nFOQq19CIRHwXIb3Sq07lTltUf8WHuhOL_Om5UF6sfoHkCiRt4cot9d9lFvzWIcDYQfDoeKTSBO_4DKCcj_xw9eh7b&google_hm=Az8PfqszU01qk2mZkCI4zoM
date: Mon, 02 Jan 2023 04:20:51 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX3f0f7eab33534d6a936999902238ce83003
content-type: text/html

GET
H2

200

report
sync.teads.tv/um/ Frame 726D
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEJzIPjhK7Oo-LDbockFR_yc&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AavPq0NatmWmqkSa4JrvBHmLkh_oweWojxx8gck3avdwu2ayUit3eQm_cKTMVFbQK_ttL4chBIYv4gQc2crY0jl-9JX-ARlkvfUM_EDQ
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

67ms
67ms

Image
image/gif

23.203.125.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 23.203.125.36 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-125-36.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Mon, 02 Jan 2023 04:20:51 GMT
pragma: no-cache
date: Mon, 02 Jan 2023 04:20:51 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 02 Jan 2023 04:20:51 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 726D 0
223 B 186ms
57ms Image
text/html 142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KhgTpJtom99mu_-OwI8nmv37ypyDTtWe0fFNVSOx93gkM05YvstWMQd5B_OzDyevcdq-Yhyw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 04:20:51 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 7467 28 KB
28 KB 90ms
24ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 21:35:41 GMT
x-content-type-options: nosniff
age: 283509
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Dec 2023 21:35:41 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame FC5B 1 KB
643 B 35ms
35ms Document
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 75167
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 01 Jan 2023 07:28:03 GMT
etag: 48472445140208031
expires: Mon, 02 Jan 2023 07:28:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B1C4 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9bcd9117add45381bb634cb980e17abda3644d4667938255ea016111e55aac07

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 0E76 28 KB
28 KB 41ms
20ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 21:35:41 GMT
x-content-type-options: nosniff
age: 283509
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Dec 2023 21:35:41 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C676 0
10 B 19ms
19ms Image
text/plain 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?IFwv8Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 04:20:50 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B1C4 15 KB
15 KB 29ms
29ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 20:40:44 GMT
x-content-type-options: nosniff
age: 200406
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Dec 2023 20:40:44 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B1C4 15 KB
16 KB 24ms
24ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 560158
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Dec 2023 16:44:52 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B1C4 15 KB
15 KB 31ms
31ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 19:42:15 GMT
x-content-type-options: nosniff
age: 290315
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Dec 2023 19:42:15 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 1329
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJMKGJuegfLgNyX2BVAuME4&google_cver=1&google_push=AavPq0NsKkAjbP6NidZOpMFPPVnXesw5VRRkBneYQryzb7t3vsE1nhg-zRSwjn08Xp4PGRhV70fayhF0RlxiISFL-lymXMn2wkLQR6Y
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzY4MzkwNjY5MzEzMTAyNDcyMA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEK3m7Oj0shTmBWqi5RhpeTU&google_cver=1

43 B
398 B

32ms
14ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEK3m7Oj0shTmBWqi5RhpeTU&google_cver=1
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 02 Jan 2023 04:20:50 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 02 Jan 2023 04:20:51 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEK3m7Oj0shTmBWqi5RhpeTU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1329
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGoHdCNquQxo9yUlCfQrMFM&google_cver=1&google_push=AavPq0NaDCmAaVpTLRt4lb-XVF039hKbNMP0t1FWhjZJL0lgC4XRDiN20l...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AavPq0NaDCmAaVpTLRt4lb-XVF039hKbNMP0t1FWhjZJL0lgC4XRDiN20l2HaDwscRo67Il6WhX0Gk1P-2znSiii9tWON-lMbUopGWA&google_hm=_1GiS5dQ2...

170 B
188 B

102ms
58ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AavPq0NaDCmAaVpTLRt4lb-XVF039hKbNMP0t1FWhjZJL0lgC4XRDiN20l2HaDwscRo67Il6WhX0Gk1P-2znSiii9tWON-lMbUopGWA&google_hm=_1GiS5dQ2MFgLxec0NWERA

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Jan 2023 04:20:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AavPq0NaDCmAaVpTLRt4lb-XVF039hKbNMP0t1FWhjZJL0lgC4XRDiN20l2HaDwscRo67Il6WhX0Gk1P-2znSiii9tWON-lMbUopGWA&google_hm=_1GiS5dQ2MFgLxec0NWERA
pragma: no-cache
date: Mon, 02 Jan 2023 04:20:51 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 1329
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESELeeK5bs52l2UvfOV9-P7_c&google_cver=1&google_push=AavPq0OJ1aSYxR__Vs1KzHZoFMWuHFmyg7WZhaUCM6XgR4nOpRDrtg_rhELqeW79vC53YZRD_1hUqK4RJlp8oj8Xg8ZP_by1DPkIZ...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELeeK5bs52l2UvfOV9-P7_c&google_cver=1&google_push=AavPq0OJ1aSYxR__Vs1KzHZoFMWuHFmyg7WZhaUCM6XgR4nOpRDrtg_rhELqeW79vC53YZRD_1hUqK4RJlp8oj8Xg8ZP_by1DPk...

43 B
385 B

183ms
183ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELeeK5bs52l2UvfOV9-P7_c&google_cver=1&google_push=AavPq0OJ1aSYxR__Vs1KzHZoFMWuHFmyg7WZhaUCM6XgR4nOpRDrtg_rhELqeW79vC53YZRD_1hUqK4RJlp8oj8Xg8ZP_by1DPkIZJ0&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0OJ1aSYxR__Vs1KzHZoFMWuHFmyg7WZhaUCM6XgR4nOpRDrtg_rhELqeW79vC53YZRD_1hUqK4RJlp8oj8Xg8ZP_by1DPkIZJ0%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Jan 2023 04:20:51 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7830b45c9f042be6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 02 Jan 2023 04:20:51 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 814
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELeeK5bs52l2UvfOV9-P7_c&google_cver=1&google_push=AavPq0OJ1aSYxR__Vs1KzHZoFMWuHFmyg7WZhaUCM6XgR4nOpRDrtg_rhELqeW79vC53YZRD_1hUqK4RJlp8oj8Xg8ZP_by1DPkIZJ0&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0OJ1aSYxR__Vs1KzHZoFMWuHFmyg7WZhaUCM6XgR4nOpRDrtg_rhELqeW79vC53YZRD_1hUqK4RJlp8oj8Xg8ZP_by1DPkIZJ0%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7830b45b0df62be6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 1329 70 B
265 B 123ms
32ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEEEkfNAq2Rzbv5y4r6Pozt0&google_cver=1&google_push=AavPq0O9I0bK_NNYqbGu6ezLFSo3En0pvSGqa7sDrm8djeNSPwb7I3trktZWJywe8AQmh3YOlDFT9qUoyKl61nUiJ3AWNVVVdZa0WzY
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.2486371531~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1672633250&rafmt=1&to=qs&pwprc=5460404912&format=1200x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672633250164&bpp=3&bdt=1519&idt=-M&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32c3695110f3edee-22b094f6edda004b%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaWf_KNHdcZRNBvCIuGc7aoHYUt2w&gpic=UID%3D00000b9bff12f478%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaNNuAdHa2sDsx8VUlCKUBmJ1LEjA&prev_fmts=0x0%2C1110x280&nras=3&correlator=7482951849343&frm=20&pv=1&ga_vid=697623001.1672633249&ga_sid=1672633250&ga_hid=5693737&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2360&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071219%2C44780792&oid=2&pvsid=587645291925487&tmod=1070711086&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=SyAEwWm2Dh&p=https%3A//tt.vg&dtd=49
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 02 Jan 2023 04:20:51 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 1329 0
173 B 86ms
18ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESELCxDiEdsv1uFRJifwPoMiU&google_cver=1&google_push=AavPq0N4l7sxAEDerEWdk6hG_WIpt1tkLDNYZMFpfgWZ8Orptl5KYk80ne9T0XT9yC_jCETJF4TvuWEaI58KuR4LjPBLyRXlT3clwlk
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.2486371531~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1672633250&rafmt=1&to=qs&pwprc=5460404912&format=1200x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672633250164&bpp=3&bdt=1519&idt=-M&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32c3695110f3edee-22b094f6edda004b%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaWf_KNHdcZRNBvCIuGc7aoHYUt2w&gpic=UID%3D00000b9bff12f478%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaNNuAdHa2sDsx8VUlCKUBmJ1LEjA&prev_fmts=0x0%2C1110x280&nras=3&correlator=7482951849343&frm=20&pv=1&ga_vid=697623001.1672633249&ga_sid=1672633250&ga_hid=5693737&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2360&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071219%2C44780792&oid=2&pvsid=587645291925487&tmod=1070711086&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=SyAEwWm2Dh&p=https%3A//tt.vg&dtd=49
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 04:20:51 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 dds
rtb.openx.net/sync/ Frame 1329 43 B
350 B 63ms
20ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEFy0e-rA_uBJqG0zp06clyk&google_cver=1&google_push=AavPq0OW7Ygbj3wtoRWV3HqXsmeK2pJtIhLHKXfG1mNwBjQc6BsDkmxcgpqiZa-icRQgXgfl4zpj96S_Hhlj3XL-xLxHAKSFhj_3FQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.2486371531~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1672633250&rafmt=1&to=qs&pwprc=5460404912&format=1200x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672633250164&bpp=3&bdt=1519&idt=-M&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32c3695110f3edee-22b094f6edda004b%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaWf_KNHdcZRNBvCIuGc7aoHYUt2w&gpic=UID%3D00000b9bff12f478%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaNNuAdHa2sDsx8VUlCKUBmJ1LEjA&prev_fmts=0x0%2C1110x280&nras=3&correlator=7482951849343&frm=20&pv=1&ga_vid=697623001.1672633249&ga_sid=1672633250&ga_hid=5693737&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2360&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071219%2C44780792&oid=2&pvsid=587645291925487&tmod=1070711086&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=SyAEwWm2Dh&p=https%3A//tt.vg&dtd=49
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Jan 2023 04:20:50 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 51gico1rdc6e86b25bk0ikf65rhk1nv1

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame 1329 0
45 B 86ms
21ms Image
text/plain 185.86.139.104
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESECkYJeLh6jr64ZokrXg89GQ&google_cver=1&google_push=AavPq0NWczOPSI0TBQg0IUDKNCNbCfk-g5TEbARcATmqyZ5L_1zvCliO5kOFHm_cpRxzgPiljgF0mbMVt3r7fCOY4VnnOX74S6RejA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.2486371531~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1672633250&rafmt=1&to=qs&pwprc=5460404912&format=1200x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672633250164&bpp=3&bdt=1519&idt=-M&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32c3695110f3edee-22b094f6edda004b%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaWf_KNHdcZRNBvCIuGc7aoHYUt2w&gpic=UID%3D00000b9bff12f478%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaNNuAdHa2sDsx8VUlCKUBmJ1LEjA&prev_fmts=0x0%2C1110x280&nras=3&correlator=7482951849343&frm=20&pv=1&ga_vid=697623001.1672633249&ga_sid=1672633250&ga_hid=5693737&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2360&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071219%2C44780792&oid=2&pvsid=587645291925487&tmod=1070711086&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=SyAEwWm2Dh&p=https%3A//tt.vg&dtd=49
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 04:20:50 GMT
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 1329 0
49 B 58ms
57ms Image
text/html 142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JCel7f_rjIvzFoWAXB-l9--MFoQjbgxt0SHttVc2zpTRA4a_lSQE9Ojkym__jDg619qZaG

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 04:20:51 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js Show response
pagead2.googlesyndication.com/bg/ Frame B330 36 KB
16 KB 37ms
36ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:35:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 369907
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16132
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Dec 2023 21:35:44 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame D407 8 KB
895 B 34ms
33ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=1553151457&adf=2593819728&pi=t.aa~a.431697824~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1672633250&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672633250173&bpp=1&bdt=1527&idt=0&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32c3695110f3edee-22b094f6edda004b%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaWf_KNHdcZRNBvCIuGc7aoHYUt2w&gpic=UID%3D00000b9bff12f478%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaNNuAdHa2sDsx8VUlCKUBmJ1LEjA&prev_fmts=0x0%2C1110x280%2C1200x280%2C1110x280%2C1110x280%2C1600x1200%2C1005x124&nras=8&correlator=7482951849343&frm=20&pv=1&ga_vid=697623001.1672633249&ga_sid=1672633250&ga_hid=5693737&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071219%2C44780792&oid=2&psts=ACgb8ttVRVOKY26Fm-_o1jNtFsbL8AK5QB_tlKoPbSa5QCqTpVaJjiCofQ0zaIF7l8OO8qyvvGBTfmA-HvD7zjk8V8-WFaigjwQj94kUCkOs71U%2CACgb8tuJlHSCIYN4tZTUUF97c2eXbJwt4i4KcpHhirp1wJNhY0O4-zo2LJ4KMJvER9oft1RbOgRfL-ntxLhh6EyNjA&pvsid=587645291925487&tmod=1070711086&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=6&fsb=1&xpc=yFTDqAOatI&p=https%3A//tt.vg&dtd=645

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 02 Jan 2023 04:20:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 03:10:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 02 Jan 2023 04:20:51 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame D407 2 KB
765 B 20ms
19ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=1553151457&adf=2593819728&pi=t.aa~a.431697824~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1672633250&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672633250173&bpp=1&bdt=1527&idt=0&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32c3695110f3edee-22b094f6edda004b%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaWf_KNHdcZRNBvCIuGc7aoHYUt2w&gpic=UID%3D00000b9bff12f478%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaNNuAdHa2sDsx8VUlCKUBmJ1LEjA&prev_fmts=0x0%2C1110x280%2C1200x280%2C1110x280%2C1110x280%2C1600x1200%2C1005x124&nras=8&correlator=7482951849343&frm=20&pv=1&ga_vid=697623001.1672633249&ga_sid=1672633250&ga_hid=5693737&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071219%2C44780792&oid=2&psts=ACgb8ttVRVOKY26Fm-_o1jNtFsbL8AK5QB_tlKoPbSa5QCqTpVaJjiCofQ0zaIF7l8OO8qyvvGBTfmA-HvD7zjk8V8-WFaigjwQj94kUCkOs71U%2CACgb8tuJlHSCIYN4tZTUUF97c2eXbJwt4i4KcpHhirp1wJNhY0O4-zo2LJ4KMJvER9oft1RbOgRfL-ntxLhh6EyNjA&pvsid=587645291925487&tmod=1070711086&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=6&fsb=1&xpc=yFTDqAOatI&p=https%3A//tt.vg&dtd=645

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 09:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69535
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 15 Jan 2023 09:01:56 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame D407 23 KB
9 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=1553151457&adf=2593819728&pi=t.aa~a.431697824~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1672633250&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672633250173&bpp=1&bdt=1527&idt=0&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32c3695110f3edee-22b094f6edda004b%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaWf_KNHdcZRNBvCIuGc7aoHYUt2w&gpic=UID%3D00000b9bff12f478%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaNNuAdHa2sDsx8VUlCKUBmJ1LEjA&prev_fmts=0x0%2C1110x280%2C1200x280%2C1110x280%2C1110x280%2C1600x1200%2C1005x124&nras=8&correlator=7482951849343&frm=20&pv=1&ga_vid=697623001.1672633249&ga_sid=1672633250&ga_hid=5693737&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071219%2C44780792&oid=2&psts=ACgb8ttVRVOKY26Fm-_o1jNtFsbL8AK5QB_tlKoPbSa5QCqTpVaJjiCofQ0zaIF7l8OO8qyvvGBTfmA-HvD7zjk8V8-WFaigjwQj94kUCkOs71U%2CACgb8tuJlHSCIYN4tZTUUF97c2eXbJwt4i4KcpHhirp1wJNhY0O4-zo2LJ4KMJvER9oft1RbOgRfL-ntxLhh6EyNjA&pvsid=587645291925487&tmod=1070711086&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=6&fsb=1&xpc=yFTDqAOatI&p=https%3A//tt.vg&dtd=645

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 14:28:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49947
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 15 Jan 2023 14:28:24 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame D407 3 KB
1 KB 24ms
19ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=1553151457&adf=2593819728&pi=t.aa~a.431697824~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1672633250&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672633250173&bpp=1&bdt=1527&idt=0&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32c3695110f3edee-22b094f6edda004b%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaWf_KNHdcZRNBvCIuGc7aoHYUt2w&gpic=UID%3D00000b9bff12f478%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaNNuAdHa2sDsx8VUlCKUBmJ1LEjA&prev_fmts=0x0%2C1110x280%2C1200x280%2C1110x280%2C1110x280%2C1600x1200%2C1005x124&nras=8&correlator=7482951849343&frm=20&pv=1&ga_vid=697623001.1672633249&ga_sid=1672633250&ga_hid=5693737&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071219%2C44780792&oid=2&psts=ACgb8ttVRVOKY26Fm-_o1jNtFsbL8AK5QB_tlKoPbSa5QCqTpVaJjiCofQ0zaIF7l8OO8qyvvGBTfmA-HvD7zjk8V8-WFaigjwQj94kUCkOs71U%2CACgb8tuJlHSCIYN4tZTUUF97c2eXbJwt4i4KcpHhirp1wJNhY0O4-zo2LJ4KMJvER9oft1RbOgRfL-ntxLhh6EyNjA&pvsid=587645291925487&tmod=1070711086&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=6&fsb=1&xpc=yFTDqAOatI&p=https%3A//tt.vg&dtd=645

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 18:53:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34066
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 15 Jan 2023 18:53:05 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame D407 18 KB
7 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=1553151457&adf=2593819728&pi=t.aa~a.431697824~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1672633250&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672633250173&bpp=1&bdt=1527&idt=0&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32c3695110f3edee-22b094f6edda004b%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaWf_KNHdcZRNBvCIuGc7aoHYUt2w&gpic=UID%3D00000b9bff12f478%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaNNuAdHa2sDsx8VUlCKUBmJ1LEjA&prev_fmts=0x0%2C1110x280%2C1200x280%2C1110x280%2C1110x280%2C1600x1200%2C1005x124&nras=8&correlator=7482951849343&frm=20&pv=1&ga_vid=697623001.1672633249&ga_sid=1672633250&ga_hid=5693737&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071219%2C44780792&oid=2&psts=ACgb8ttVRVOKY26Fm-_o1jNtFsbL8AK5QB_tlKoPbSa5QCqTpVaJjiCofQ0zaIF7l8OO8qyvvGBTfmA-HvD7zjk8V8-WFaigjwQj94kUCkOs71U%2CACgb8tuJlHSCIYN4tZTUUF97c2eXbJwt4i4KcpHhirp1wJNhY0O4-zo2LJ4KMJvER9oft1RbOgRfL-ntxLhh6EyNjA&pvsid=587645291925487&tmod=1070711086&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=6&fsb=1&xpc=yFTDqAOatI&p=https%3A//tt.vg&dtd=645

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 08:56:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69850
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 15 Jan 2023 08:56:41 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame D407 0
0 32ms
27ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT_Q9xzhN8Ed25_CCTwRlfvTrV8T8YzYl_Z0RgMifEpi_9Vem2c23v0uJU02wtTDDSWT_8DHAOMPzcbuEZeDbujcJ5Pjw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=1553151457&adf=2593819728&pi=t.aa~a.431697824~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1672633250&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672633250173&bpp=1&bdt=1527&idt=0&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32c3695110f3edee-22b094f6edda004b%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaWf_KNHdcZRNBvCIuGc7aoHYUt2w&gpic=UID%3D00000b9bff12f478%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaNNuAdHa2sDsx8VUlCKUBmJ1LEjA&prev_fmts=0x0%2C1110x280%2C1200x280%2C1110x280%2C1110x280%2C1600x1200%2C1005x124&nras=8&correlator=7482951849343&frm=20&pv=1&ga_vid=697623001.1672633249&ga_sid=1672633250&ga_hid=5693737&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071219%2C44780792&oid=2&psts=ACgb8ttVRVOKY26Fm-_o1jNtFsbL8AK5QB_tlKoPbSa5QCqTpVaJjiCofQ0zaIF7l8OO8qyvvGBTfmA-HvD7zjk8V8-WFaigjwQj94kUCkOs71U%2CACgb8tuJlHSCIYN4tZTUUF97c2eXbJwt4i4KcpHhirp1wJNhY0O4-zo2LJ4KMJvER9oft1RbOgRfL-ntxLhh6EyNjA&pvsid=587645291925487&tmod=1070711086&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=6&fsb=1&xpc=yFTDqAOatI&p=https%3A//tt.vg&dtd=645
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D407 153 KB
47 KB 73ms
70ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=1553151457&adf=2593819728&pi=t.aa~a.431697824~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1672633250&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672633250173&bpp=1&bdt=1527&idt=0&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32c3695110f3edee-22b094f6edda004b%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaWf_KNHdcZRNBvCIuGc7aoHYUt2w&gpic=UID%3D00000b9bff12f478%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaNNuAdHa2sDsx8VUlCKUBmJ1LEjA&prev_fmts=0x0%2C1110x280%2C1200x280%2C1110x280%2C1110x280%2C1600x1200%2C1005x124&nras=8&correlator=7482951849343&frm=20&pv=1&ga_vid=697623001.1672633249&ga_sid=1672633250&ga_hid=5693737&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071219%2C44780792&oid=2&psts=ACgb8ttVRVOKY26Fm-_o1jNtFsbL8AK5QB_tlKoPbSa5QCqTpVaJjiCofQ0zaIF7l8OO8qyvvGBTfmA-HvD7zjk8V8-WFaigjwQj94kUCkOs71U%2CACgb8tuJlHSCIYN4tZTUUF97c2eXbJwt4i4KcpHhirp1wJNhY0O4-zo2LJ4KMJvER9oft1RbOgRfL-ntxLhh6EyNjA&pvsid=587645291925487&tmod=1070711086&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=6&fsb=1&xpc=yFTDqAOatI&p=https%3A//tt.vg&dtd=645

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 04:20:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 02 Jan 2023 04:20:51 GMT

GET
H3 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame D407 34 KB
14 KB 41ms
37ms Script
text/javascript 2a00:1450:400d:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=1553151457&adf=2593819728&pi=t.aa~a.431697824~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1672633250&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672633250173&bpp=1&bdt=1527&idt=0&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32c3695110f3edee-22b094f6edda004b%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaWf_KNHdcZRNBvCIuGc7aoHYUt2w&gpic=UID%3D00000b9bff12f478%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaNNuAdHa2sDsx8VUlCKUBmJ1LEjA&prev_fmts=0x0%2C1110x280%2C1200x280%2C1110x280%2C1110x280%2C1600x1200%2C1005x124&nras=8&correlator=7482951849343&frm=20&pv=1&ga_vid=697623001.1672633249&ga_sid=1672633250&ga_hid=5693737&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071219%2C44780792&oid=2&psts=ACgb8ttVRVOKY26Fm-_o1jNtFsbL8AK5QB_tlKoPbSa5QCqTpVaJjiCofQ0zaIF7l8OO8qyvvGBTfmA-HvD7zjk8V8-WFaigjwQj94kUCkOs71U%2CACgb8tuJlHSCIYN4tZTUUF97c2eXbJwt4i4KcpHhirp1wJNhY0O4-zo2LJ4KMJvER9oft1RbOgRfL-ntxLhh6EyNjA&pvsid=587645291925487&tmod=1070711086&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=6&fsb=1&xpc=yFTDqAOatI&p=https%3A//tt.vg&dtd=645

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:35:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 369907
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 28 Mar 2023 21:35:44 GMT

GET
H3 200 z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 8B66 36 KB
16 KB 37ms
36ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:35:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 369907
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16132
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Dec 2023 21:35:44 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame FC5B
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEK3m7Oj0shTmBWqi5RhpeTU&google_cver=1&google_push=AavPq0MPD5VPojR4OsJ0PqYdbqurPrtyUgfC_xgVSN681guwiy4aSHEFUXFLnxbxwayVz9zv6f-kbOglaZqIt7uLnctzzG9HjRECcwrs
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzYxMTg0OTA5OTA5MzA5Njc4NA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEK3m7Oj0shTmBWqi5RhpeTU&google_cver=1

43 B
398 B

33ms
14ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEK3m7Oj0shTmBWqi5RhpeTU&google_cver=1
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 02 Jan 2023 04:20:50 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 02 Jan 2023 04:20:51 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEK3m7Oj0shTmBWqi5RhpeTU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FC5B
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKHAnuN2jUmcipuVVMkTArY&google_push=AavPq0MDxAPEZRxnw-AQ58E8YIdCm8lt0LIVcHw1UWtmGm_xUnCPSYWeN-...

170 B
188 B

60ms
59ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKHAnuN2jUmcipuVVMkTArY&google_push=AavPq0MDxAPEZRxnw-AQ58E8YIdCm8lt0LIVcHw1UWtmGm_xUnCPSYWeN-2V5kfhrRtBrc_3diJM-hc4SEjQBj0DrT5BuwqfosqDUOii

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Jan 2023 04:20:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-ams21082-AMS
pragma: no-cache
date: Mon, 02 Jan 2023 04:20:51 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1672633251.157637,VS0,VE92
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKHAnuN2jUmcipuVVMkTArY&google_push=AavPq0MDxAPEZRxnw-AQ58E8YIdCm8lt0LIVcHw1UWtmGm_xUnCPSYWeN-2V5kfhrRtBrc_3diJM-hc4SEjQBj0DrT5BuwqfosqDUOii
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FC5B
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPkjD-iL5uQ2wQmqMRwKTBo&google_cver=1&google_push=AavPq0MufQCt9aoQH7YrXgTzqizp65vTovVLZcggWxBGOI9g_TKDDPR2m4btK8F7N2lCjKitU01M2pwp...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEPkjD-iL5uQ2wQmqMRwKTBo&google_cver=1&google_push=AavPq0MufQCt9aoQH7YrXgTzqizp65vTovVLZcggWxBGOI9g_TKDDPR2m4btK8F7N2lCjKitU01...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTA1MzQxMDYzMDcyNzE5Nzg4NQ&google_push=AavPq0MufQCt9aoQH7YrXgTzqizp65vTovVLZcggWxBGOI9g_TKDDPR2m4btK8F7N2lCjKitU01M2p...

170 B
188 B

59ms
58ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTA1MzQxMDYzMDcyNzE5Nzg4NQ&google_push=AavPq0MufQCt9aoQH7YrXgTzqizp65vTovVLZcggWxBGOI9g_TKDDPR2m4btK8F7N2lCjKitU01M2pwpsk7-X_U_Y1xcgQSHqfuO55Ux

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Jan 2023 04:20:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 02 Jan 2023 04:20:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTA1MzQxMDYzMDcyNzE5Nzg4NQ&google_push=AavPq0MufQCt9aoQH7YrXgTzqizp65vTovVLZcggWxBGOI9g_TKDDPR2m4btK8F7N2lCjKitU01M2pwpsk7-X_U_Y1xcgQSHqfuO55Ux
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FC5B
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGoh3aiIGKtGVkW197tMOIA&google_cver=1&google_push=AavPq0PL3GAV8EWOv3YZxf3-yIAv3qAtXOIdjAWqcEOhGKIUHRmt6nfW9m5E_Y0fJmT0OdgM68g...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENFQU5HSVAtMjUtWFhT&google_push=AavPq0PL3GAV8EWOv3YZxf3-yIAv3qAtXOIdjAWqcEOhGKIUHRmt6nfW9m5E_Y0fJmT0OdgM68gnUBEwcZhzoAWUhCRA_jfgKhvn6oW-

170 B
188 B

59ms
59ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENFQU5HSVAtMjUtWFhT&google_push=AavPq0PL3GAV8EWOv3YZxf3-yIAv3qAtXOIdjAWqcEOhGKIUHRmt6nfW9m5E_Y0fJmT0OdgM68gnUBEwcZhzoAWUhCRA_jfgKhvn6oW-

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Jan 2023 04:20:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENFQU5HSVAtMjUtWFhT&google_push=AavPq0PL3GAV8EWOv3YZxf3-yIAv3qAtXOIdjAWqcEOhGKIUHRmt6nfW9m5E_Y0fJmT0OdgM68gnUBEwcZhzoAWUhCRA_jfgKhvn6oW-
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FC5B
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMSP55PwnaTJEPURkbIRXH0&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEMSP55PwnaTJEPURkbIRXH0&google_push=Aa...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEMSP55PwnaTJEPURkbIRXH0&google_hm=Y7Jbo6UcRjitOnrucApkDwAABG4AAAIB&google_nid=index&google_push=AavPq0NMkcMh-iuWvbWuwOzOJyh2ql2cYWC95...

170 B
188 B

61ms
60ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEMSP55PwnaTJEPURkbIRXH0&google_hm=Y7Jbo6UcRjitOnrucApkDwAABG4AAAIB&google_nid=index&google_push=AavPq0NMkcMh-iuWvbWuwOzOJyh2ql2cYWC95WDDwtDzc4VR_mfw60cAlPwLxuPv6xqa3gzG0Aj_OFYIow9iKVhldLyCcZwwYJl1RJYe

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Jan 2023 04:20:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 02 Jan 2023 04:20:51 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0JDDFCQQTsnWmV3D%2FnF3OmhOuiSrVWyYB2H83%2Fe0UaLndqwvm2bo%2B2d9JyRIhSwCuL%2FP9fOjJGUukSL6raQnhjAQx41XtlKTth179TvrUvxsheziTnGLh5bhaefwt722uwchfqNvXo4pxg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEMSP55PwnaTJEPURkbIRXH0&google_hm=Y7Jbo6UcRjitOnrucApkDwAABG4AAAIB&google_nid=index&google_push=AavPq0NMkcMh-iuWvbWuwOzOJyh2ql2cYWC95WDDwtDzc4VR_mfw60cAlPwLxuPv6xqa3gzG0Aj_OFYIow9iKVhldLyCcZwwYJl1RJYe
cache-control: no-cache
cf-ray: 7830b45c4d509b52-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FC5B
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMrIZzia1RyHT-I-S7LNkN0&google_cver=1&google_push=AavPq0MJJ20L1NbgP8g-8kkD1C8b3NozFz9bgUcadMO37fSuR0ryJg0WNTXx-zLuKsriSqPrlD1p3W2Yk4bAT5ooV...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMrIZzia1RyHT-I-S7LNkN0&google_cver=1&google_push=AavPq0MJJ20L1NbgP8g-8kkD1C8b3NozFz9bgUcadMO37fSuR0ryJg0WNTXx-zLuKsriSqPrlD1p3W2Yk4bAT5ooV...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0MJJ20L1NbgP8g-8kkD1C8b3NozFz9bgUcadMO37fSuR0ryJg0WNTXx-zLuKsriSqPrlD1p3W2Yk4bAT5ooVNDG_NpbsPdKlzI&google_hm=F6skKGZHgn8EvxznT8G...

170 B
188 B

59ms
59ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0MJJ20L1NbgP8g-8kkD1C8b3NozFz9bgUcadMO37fSuR0ryJg0WNTXx-zLuKsriSqPrlD1p3W2Yk4bAT5ooVNDG_NpbsPdKlzI&google_hm=F6skKGZHgn8EvxznT8G1N30r

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Jan 2023 04:20:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 02 Jan 2023 04:20:51 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0MJJ20L1NbgP8g-8kkD1C8b3NozFz9bgUcadMO37fSuR0ryJg0WNTXx-zLuKsriSqPrlD1p3W2Yk4bAT5ooVNDG_NpbsPdKlzI&google_hm=F6skKGZHgn8EvxznT8G1N30r
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2sea1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FC5B
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEFsr6DdPnuC_jzHAivHnq6c&google_cver=1&google_push=AavPq0O4V05WIbUiA...
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEFsr6DdPnuC_jzHAivHnq6c%26goo...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzE0NzQ0MDY1MTk1MjgwNjY1&google_gid=CAESEFsr6DdPnuC_jzHAivHnq6c&google_cver=1&google_push=AavPq0O4V05WIbUiAGvSCtTwzWr42cNVfEq7eQJoGZ...

170 B
188 B

60ms
60ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzE0NzQ0MDY1MTk1MjgwNjY1&google_gid=CAESEFsr6DdPnuC_jzHAivHnq6c&google_cver=1&google_push=AavPq0O4V05WIbUiAGvSCtTwzWr42cNVfEq7eQJoGZkdUb19EeL2cuSFKNwGf_LmkJk0Hia2tSTXegxxR6MtDuElMmDPA0mzwxTzV6xf0w

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Jan 2023 04:20:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 02 Jan 2023 04:20:51 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 37.48.94.3; 37.48.94.3; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 899433ee-d23e-4bb6-8dae-c22d17798875
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzE0NzQ0MDY1MTk1MjgwNjY1&google_gid=CAESEFsr6DdPnuC_jzHAivHnq6c&google_cver=1&google_push=AavPq0O4V05WIbUiAGvSCtTwzWr42cNVfEq7eQJoGZkdUb19EeL2cuSFKNwGf_LmkJk0Hia2tSTXegxxR6MtDuElMmDPA0mzwxTzV6xf0w
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame FC5B 0
12 B 113ms
56ms Image
text/html 142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L54tMya0Adu-NAN1uSsaRd1h3QM2XbZ_Yeee62XpEo4dsVu8GR_GwcHqJRbSyQGxnX2vKTww

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 04:20:51 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D407 0
0 71ms
68ms Fetch
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CXoMwoluyY7C5M9WZ-gaj7YeIDsrtg55u_t6CmIsQn4btw40OEAEg2ZD5bWC7BqABt5iBoijIAQmpAlKGDmGCYXs-qAMByAPLBKoEuwFP0NQS2hdMePJL7L2gVVCBpRqegkIhhkDG0JKe5m0TzzVyU3Et5Gkrzn6GX6H1rvkaytLl0BEJ429mlvF33SgO26-PvPKYV93VI1kcX97N98X1NehInA9GSTkHi_q9KbSvbzsNWc1CmoDN_LY4mEEh3DKMjQIsroHnQT7Jlx4lIOW-RPL48DNiRx9xqL0DRXEvtAnEGlzy9o8dJBM99xAn1UU2FzuGHBHVA9EoBN-HyM-plS9vj7Q2GrxGwATBkPPHhwSSBQQIBBgBkgUECAUYBKAGLoAHtb7FlQOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHAxCLJ9IIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMMiBQE0BUBgBcBshccChoIABIUcHViLTQzMjc5NDM3NDQxODEyMTMYAA&sigh=5MOteAddcpA&uach_m=[UACH]&cid=CAQSOwDq26N9k4dtXq3qkmY4yJIKwGSvEx2khhlDt3i_cCY48lamepoeKGMG1WQhd9zFiHsYgG14OA3RS03jGAEgEw&template_id=5000

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=1553151457&adf=2593819728&pi=t.aa~a.431697824~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1672633250&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672633250173&bpp=1&bdt=1527&idt=0&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32c3695110f3edee-22b094f6edda004b%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaWf_KNHdcZRNBvCIuGc7aoHYUt2w&gpic=UID%3D00000b9bff12f478%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaNNuAdHa2sDsx8VUlCKUBmJ1LEjA&prev_fmts=0x0%2C1110x280%2C1200x280%2C1110x280%2C1110x280%2C1600x1200%2C1005x124&nras=8&correlator=7482951849343&frm=20&pv=1&ga_vid=697623001.1672633249&ga_sid=1672633250&ga_hid=5693737&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071219%2C44780792&oid=2&psts=ACgb8ttVRVOKY26Fm-_o1jNtFsbL8AK5QB_tlKoPbSa5QCqTpVaJjiCofQ0zaIF7l8OO8qyvvGBTfmA-HvD7zjk8V8-WFaigjwQj94kUCkOs71U%2CACgb8tuJlHSCIYN4tZTUUF97c2eXbJwt4i4KcpHhirp1wJNhY0O4-zo2LJ4KMJvER9oft1RbOgRfL-ntxLhh6EyNjA&pvsid=587645291925487&tmod=1070711086&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=6&fsb=1&xpc=yFTDqAOatI&p=https%3A//tt.vg&dtd=645

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=1553151457&adf=2593819728&pi=t.aa~a.431697824~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1672633250&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672633250173&bpp=1&bdt=1527&idt=0&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32c3695110f3edee-22b094f6edda004b%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaWf_KNHdcZRNBvCIuGc7aoHYUt2w&gpic=UID%3D00000b9bff12f478%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaNNuAdHa2sDsx8VUlCKUBmJ1LEjA&prev_fmts=0x0%2C1110x280%2C1200x280%2C1110x280%2C1110x280%2C1600x1200%2C1005x124&nras=8&correlator=7482951849343&frm=20&pv=1&ga_vid=697623001.1672633249&ga_sid=1672633250&ga_hid=5693737&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071219%2C44780792&oid=2&psts=ACgb8ttVRVOKY26Fm-_o1jNtFsbL8AK5QB_tlKoPbSa5QCqTpVaJjiCofQ0zaIF7l8OO8qyvvGBTfmA-HvD7zjk8V8-WFaigjwQj94kUCkOs71U%2CACgb8tuJlHSCIYN4tZTUUF97c2eXbJwt4i4KcpHhirp1wJNhY0O4-zo2LJ4KMJvER9oft1RbOgRfL-ntxLhh6EyNjA&pvsid=587645291925487&tmod=1070711086&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=6&fsb=1&xpc=yFTDqAOatI&p=https%3A//tt.vg&dtd=645
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 02 Jan 2023 04:20:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/15132141630309190612/ Frame D407 12 KB
12 KB 22ms
21ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15132141630309190612/14763004658117789537?w=600&h=314

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=1553151457&adf=2593819728&pi=t.aa~a.431697824~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1672633250&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672633250173&bpp=1&bdt=1527&idt=0&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32c3695110f3edee-22b094f6edda004b%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaWf_KNHdcZRNBvCIuGc7aoHYUt2w&gpic=UID%3D00000b9bff12f478%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaNNuAdHa2sDsx8VUlCKUBmJ1LEjA&prev_fmts=0x0%2C1110x280%2C1200x280%2C1110x280%2C1110x280%2C1600x1200%2C1005x124&nras=8&correlator=7482951849343&frm=20&pv=1&ga_vid=697623001.1672633249&ga_sid=1672633250&ga_hid=5693737&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071219%2C44780792&oid=2&psts=ACgb8ttVRVOKY26Fm-_o1jNtFsbL8AK5QB_tlKoPbSa5QCqTpVaJjiCofQ0zaIF7l8OO8qyvvGBTfmA-HvD7zjk8V8-WFaigjwQj94kUCkOs71U%2CACgb8tuJlHSCIYN4tZTUUF97c2eXbJwt4i4KcpHhirp1wJNhY0O4-zo2LJ4KMJvER9oft1RbOgRfL-ntxLhh6EyNjA&pvsid=587645291925487&tmod=1070711086&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=6&fsb=1&xpc=yFTDqAOatI&p=https%3A//tt.vg&dtd=645

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b5e9fc44a95e479c226fbf165688cf2920fe7c623284b4c36b02aaab736d9f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 06:21:28 GMT
x-content-type-options: nosniff
age: 79163
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12642
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 02:13:25 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 01 Jan 2024 06:21:28 GMT

GET
DATA 200
OK truncated
/ Frame D407 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D407 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e748d47e0930e87a515df7e2a11e9d797dd670598254900fdbd654593f001a9a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 19B5 36 KB
16 KB 35ms
35ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:35:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 369907
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16132
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Dec 2023 21:35:44 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 883B 1 KB
643 B 35ms
35ms Document
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=1553151457&adf=2593819728&pi=t.aa~a.431697824~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1672633250&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672633250173&bpp=1&bdt=1527&idt=0&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32c3695110f3edee-22b094f6edda004b%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaWf_KNHdcZRNBvCIuGc7aoHYUt2w&gpic=UID%3D00000b9bff12f478%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaNNuAdHa2sDsx8VUlCKUBmJ1LEjA&prev_fmts=0x0%2C1110x280%2C1200x280%2C1110x280%2C1110x280%2C1600x1200%2C1005x124&nras=8&correlator=7482951849343&frm=20&pv=1&ga_vid=697623001.1672633249&ga_sid=1672633250&ga_hid=5693737&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071219%2C44780792&oid=2&psts=ACgb8ttVRVOKY26Fm-_o1jNtFsbL8AK5QB_tlKoPbSa5QCqTpVaJjiCofQ0zaIF7l8OO8qyvvGBTfmA-HvD7zjk8V8-WFaigjwQj94kUCkOs71U%2CACgb8tuJlHSCIYN4tZTUUF97c2eXbJwt4i4KcpHhirp1wJNhY0O4-zo2LJ4KMJvER9oft1RbOgRfL-ntxLhh6EyNjA&pvsid=587645291925487&tmod=1070711086&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=6&fsb=1&xpc=yFTDqAOatI&p=https%3A//tt.vg&dtd=645

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 75168
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 01 Jan 2023 07:28:03 GMT
etag: 48472445140208031
expires: Mon, 02 Jan 2023 07:28:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D407 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 53607dbdae7b6a5d82ea8952bc0e1c09460197c7a9ffd321bd71982a4bec87ed

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame D407 28 KB
28 KB 21ms
21ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 21:35:41 GMT
x-content-type-options: nosniff
age: 283510
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Dec 2023 21:35:41 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 883B 0
104 B 77ms
26ms Image
text/plain 2a02:fa8:8806:16::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEOEbzidqWdwQKnruel8BmFE&google_cver=1&google_push=AavPq0MPpG7FQs4d293HYQYHg-vGBhusZi0OhKHn8WqdXkFALeRy9aJ4PcVWKZ3wP1vep_SQv4hfiYlEvSjcST278CpWUcl63rKzog
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=1553151457&adf=2593819728&pi=t.aa~a.431697824~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1672633250&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672633250173&bpp=1&bdt=1527&idt=0&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32c3695110f3edee-22b094f6edda004b%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaWf_KNHdcZRNBvCIuGc7aoHYUt2w&gpic=UID%3D00000b9bff12f478%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaNNuAdHa2sDsx8VUlCKUBmJ1LEjA&prev_fmts=0x0%2C1110x280%2C1200x280%2C1110x280%2C1110x280%2C1600x1200%2C1005x124&nras=8&correlator=7482951849343&frm=20&pv=1&ga_vid=697623001.1672633249&ga_sid=1672633250&ga_hid=5693737&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071219%2C44780792&oid=2&psts=ACgb8ttVRVOKY26Fm-_o1jNtFsbL8AK5QB_tlKoPbSa5QCqTpVaJjiCofQ0zaIF7l8OO8qyvvGBTfmA-HvD7zjk8V8-WFaigjwQj94kUCkOs71U%2CACgb8tuJlHSCIYN4tZTUUF97c2eXbJwt4i4KcpHhirp1wJNhY0O4-zo2LJ4KMJvER9oft1RbOgRfL-ntxLhh6EyNjA&pvsid=587645291925487&tmod=1070711086&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=6&fsb=1&xpc=yFTDqAOatI&p=https%3A//tt.vg&dtd=645
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Jan 2023 04:20:51 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 883B
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEO3owA81UzmgaTu80I4kItw&google_cver=1&google_push=AavPq0PlLa9pClPJIeh00eBagKJ2aHiowaRoT5kCJLN4xuAzkbV5KZToH-EN4szxacQMbdimOeZakPOyS_DBH5HV...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0PlLa9pClPJIeh00eBagKJ2aHiowaRoT5kCJLN4xuAzkbV5KZToH-EN4szxacQMbdimOeZakPOyS_DBH5HV72os_TZb00YA_9A

170 B
188 B

58ms
58ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0PlLa9pClPJIeh00eBagKJ2aHiowaRoT5kCJLN4xuAzkbV5KZToH-EN4szxacQMbdimOeZakPOyS_DBH5HV72os_TZb00YA_9A

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Jan 2023 04:20:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 02 Jan 2023 04:20:51 GMT
Server: MT3 277 3f0ad7a master zrh-pixel-x2 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0PlLa9pClPJIeh00eBagKJ2aHiowaRoT5kCJLN4xuAzkbV5KZToH-EN4szxacQMbdimOeZakPOyS_DBH5HV72os_TZb00YA_9A
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 02 Jan 2023 04:20:50 GMT

GET
H3 200 i.match
a.tribalfusion.com/ Frame 883B 43 B
609 B 230ms
207ms Image
image/gif 2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=CAESEB9AJitB0MJuIj8zFdJQGpc&google_cver=1&google_push=AavPq0PYZgz6HmqxSJ5W3EdAvl_yMtRrgT_gnLD4qBCG6S0cJkHNn_AmhPtjbpVfWP2p0irSd0BhosIVCmamfSgdu9qYjQ9O_vlJwjI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0PYZgz6HmqxSJ5W3EdAvl_yMtRrgT_gnLD4qBCG6S0cJkHNn_AmhPtjbpVfWP2p0irSd0BhosIVCmamfSgdu9qYjQ9O_vlJwjI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=1553151457&adf=2593819728&pi=t.aa~a.431697824~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1672633250&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672633250173&bpp=1&bdt=1527&idt=0&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32c3695110f3edee-22b094f6edda004b%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaWf_KNHdcZRNBvCIuGc7aoHYUt2w&gpic=UID%3D00000b9bff12f478%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaNNuAdHa2sDsx8VUlCKUBmJ1LEjA&prev_fmts=0x0%2C1110x280%2C1200x280%2C1110x280%2C1110x280%2C1600x1200%2C1005x124&nras=8&correlator=7482951849343&frm=20&pv=1&ga_vid=697623001.1672633249&ga_sid=1672633250&ga_hid=5693737&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071219%2C44780792&oid=2&psts=ACgb8ttVRVOKY26Fm-_o1jNtFsbL8AK5QB_tlKoPbSa5QCqTpVaJjiCofQ0zaIF7l8OO8qyvvGBTfmA-HvD7zjk8V8-WFaigjwQj94kUCkOs71U%2CACgb8tuJlHSCIYN4tZTUUF97c2eXbJwt4i4KcpHhirp1wJNhY0O4-zo2LJ4KMJvER9oft1RbOgRfL-ntxLhh6EyNjA&pvsid=587645291925487&tmod=1070711086&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=6&fsb=1&xpc=yFTDqAOatI&p=https%3A//tt.vg&dtd=645
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Jan 2023 04:20:51 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7830b45cd9719213-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 883B 70 B
264 B 31ms
31ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEHwW0tGYXUcUcLbQUb8OVoM&google_cver=1&google_push=AavPq0PR0IIbjMRwuf7_gmIgIDcAoQT2FPTOvDZ9QPPOWEIZ2387Im1iJd2uUtRt7QkVkr6SRwUifVlFs_I4gya2DkSq2908o2HY7A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=1553151457&adf=2593819728&pi=t.aa~a.431697824~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1672633250&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672633250173&bpp=1&bdt=1527&idt=0&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32c3695110f3edee-22b094f6edda004b%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaWf_KNHdcZRNBvCIuGc7aoHYUt2w&gpic=UID%3D00000b9bff12f478%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaNNuAdHa2sDsx8VUlCKUBmJ1LEjA&prev_fmts=0x0%2C1110x280%2C1200x280%2C1110x280%2C1110x280%2C1600x1200%2C1005x124&nras=8&correlator=7482951849343&frm=20&pv=1&ga_vid=697623001.1672633249&ga_sid=1672633250&ga_hid=5693737&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071219%2C44780792&oid=2&psts=ACgb8ttVRVOKY26Fm-_o1jNtFsbL8AK5QB_tlKoPbSa5QCqTpVaJjiCofQ0zaIF7l8OO8qyvvGBTfmA-HvD7zjk8V8-WFaigjwQj94kUCkOs71U%2CACgb8tuJlHSCIYN4tZTUUF97c2eXbJwt4i4KcpHhirp1wJNhY0O4-zo2LJ4KMJvER9oft1RbOgRfL-ntxLhh6EyNjA&pvsid=587645291925487&tmod=1070711086&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=6&fsb=1&xpc=yFTDqAOatI&p=https%3A//tt.vg&dtd=645
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 02 Jan 2023 04:20:51 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 883B 0
12 B 57ms
56ms Image
text/html 142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LkBeHarBPRR6wR-CxZkT-viO553f4WuCn2G56LpYH7eEDbWbGw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=1553151457&adf=2593819728&pi=t.aa~a.431697824~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1672633250&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672633250173&bpp=1&bdt=1527&idt=0&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32c3695110f3edee-22b094f6edda004b%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaWf_KNHdcZRNBvCIuGc7aoHYUt2w&gpic=UID%3D00000b9bff12f478%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaNNuAdHa2sDsx8VUlCKUBmJ1LEjA&prev_fmts=0x0%2C1110x280%2C1200x280%2C1110x280%2C1110x280%2C1600x1200%2C1005x124&nras=8&correlator=7482951849343&frm=20&pv=1&ga_vid=697623001.1672633249&ga_sid=1672633250&ga_hid=5693737&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071219%2C44780792&oid=2&psts=ACgb8ttVRVOKY26Fm-_o1jNtFsbL8AK5QB_tlKoPbSa5QCqTpVaJjiCofQ0zaIF7l8OO8qyvvGBTfmA-HvD7zjk8V8-WFaigjwQj94kUCkOs71U%2CACgb8tuJlHSCIYN4tZTUUF97c2eXbJwt4i4KcpHhirp1wJNhY0O4-zo2LJ4KMJvER9oft1RbOgRfL-ntxLhh6EyNjA&pvsid=587645291925487&tmod=1070711086&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=6&fsb=1&xpc=yFTDqAOatI&p=https%3A//tt.vg&dtd=645

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 04:20:51 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 5CE3 36 KB
16 KB 36ms
35ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=1553151457&adf=2593819728&pi=t.aa~a.431697824~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1672633250&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672633250173&bpp=1&bdt=1527&idt=0&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32c3695110f3edee-22b094f6edda004b%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaWf_KNHdcZRNBvCIuGc7aoHYUt2w&gpic=UID%3D00000b9bff12f478%3AT%3D1672633249%3ART%3D1672633249%3AS%3DALNI_MaNNuAdHa2sDsx8VUlCKUBmJ1LEjA&prev_fmts=0x0%2C1110x280%2C1200x280%2C1110x280%2C1110x280%2C1600x1200%2C1005x124&nras=8&correlator=7482951849343&frm=20&pv=1&ga_vid=697623001.1672633249&ga_sid=1672633250&ga_hid=5693737&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071219%2C44780792&oid=2&psts=ACgb8ttVRVOKY26Fm-_o1jNtFsbL8AK5QB_tlKoPbSa5QCqTpVaJjiCofQ0zaIF7l8OO8qyvvGBTfmA-HvD7zjk8V8-WFaigjwQj94kUCkOs71U%2CACgb8tuJlHSCIYN4tZTUUF97c2eXbJwt4i4KcpHhirp1wJNhY0O4-zo2LJ4KMJvER9oft1RbOgRfL-ntxLhh6EyNjA&pvsid=587645291925487&tmod=1070711086&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=6&fsb=1&xpc=yFTDqAOatI&p=https%3A//tt.vg&dtd=645

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:35:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 369907
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16132
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Dec 2023 21:35:44 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 69ms
69ms Image
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221207&jk=587645291925487&bg=!PD-lP3vNAAYgquz3AKo7ACkAdvg8WuZhEMnU_vgNC_R9a9yHSVjrqHtEv4Ibe2EGXY8dkuf0CDzs_wIAAAIzUgAAAAJoAQcKADAu3xVH_c93Kr1jqaEO5rvRLECANOeAP3BP7Y9mclQn5RaQBQcn9ehNs7aje31SpDGZArUsYrwbRh4v6EYASoqhsAO4d5wq8icuLMqDNBCLTIBskiSmkt64J7ZfqsKErF4MXTGy2kSwHthVtjtGKnX5_ecxiLwwhSbV2J6ioe00-I89U4TAu76rF1X7EwH6vS6kdcW9lmpIn2EorkE6CQa2s_-qeQtOEDckPO8eNkf7PIUEKswpzqScN-VRCyKueL9ljToXImM3x5FL3ZPRA93jUU5NZ8rUaJYKwmZ4YJ1UD3DyzP9Gn0Ob1ZJVcBGIAdAjSKkCTK5lWPI6Z6mGjNnjt3c3VFAQVXSTm2Vs-q-7O3tKA1ChkE3lIVPWby6e5eCmLMieXbI0s44KgwFm1HgK3N-YDSDm95Pw56qxNHp6CCWUCQIa26WoNDDB4Ubn6p02_fKoEDW8OpGtJiWDZtwXhhwbZrzpUJC9HN_Jxf88e1uDGOZYU7Br_YgJfJF8B5Xbuw-LdAjE4navhvytQuMZUd-5w4AYUWPjh-UkNB43lNi4VzWSpNhyGZoLiE52P_uRioa8P4a31f-xqJzRYTNHhT7Rum53-HLfq7EbUj_d7dxl0AEkG89dCh_tDSCWRO4075CRuFV8XCuXLH4jayxByZ0J77S7IbwoZ6NOe6PEYXs5Rfw8yOjyJSx8RgqvxfnMJXOSdWP_Kk3kwvI2IVl4IcloYUxFiNbeO5RygFAZfcIboNHJsMTC9W7MgVqirLmqhbRhpiTIWHklIjHjGWA4Ec848evLI60k7BLHODg4KUIdACewPtiOLTKxsWymv_Y7Iw23wQfHLl5Sc2CGuWScTYpkrnGwL2vQBEfl6UkW5pr0RGxVhy5hIWi0w_4OMhbESDWij-aJe5txsuv5guK72uBMRxVuvBH0EtrPuHG2jSV-z3z2roaPvtA3vFuN6XBlwQm6_Cjyb6gxJnUAFQSbGmtGrd2o1t4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tt.vg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 12:56:25	Name: _GRECAPTCHA Value: 09AJ4Tk-5CbNEyKMEw5RVHrOo63J8vz5eT14o_R0zqwG1JPQNpynCp4ElJvvrVZsHWM_--7Pcqo3ZTTTrJboTeD-M
tt.vg/	1969-12-31 23:59:59	Name: PHPSESSID Value: vp8mrst7c2c4cl5h1lsfhtl676
.tt.vg/	1970-01-20 18:13:13	Name: _ga_5GBHM4THHH Value: GS1.1.1672633249.1.0.1672633249.0.0.0
.tt.vg/	1970-01-20 18:13:13	Name: _ga Value: GA1.1.697623001.1672633249
.tt.vg/	1970-01-20 17:58:49	Name: __gads Value: ID=32c3695110f3edee-22b094f6edda004b:T=1672633249:RT=1672633249:S=ALNI_MaWf_KNHdcZRNBvCIuGc7aoHYUt2w
.tt.vg/	1970-01-20 17:58:49	Name: __gpi Value: UID=00000b9bff12f478:T=1672633249:RT=1672633249:S=ALNI_MaNNuAdHa2sDsx8VUlCKUBmJ1LEjA
.doubleclick.net/	1970-01-20 08:37:16	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 17:58:49	Name: IDE Value: AHWqTUmkve6woetS4Jxcu8NeDIZ5v7e8LqjzSBT3PCMjjwI1oaM96aOVMvykRjlwU_4
.pubmatic.com/	1970-01-20 08:38:39	Name: KTPCACOOKIE Value: YES
.simpli.fi/	1970-01-20 17:24:15	Name: suid Value: B99BAAF31F5541528A5C461EDE54655E
.quantserve.com/	1970-01-20 10:46:49	Name: d Value: EEUBCQH6J4EA
.quantserve.com/	1970-01-20 18:07:27	Name: mc Value: 63b25ba2-e3a5f-30d94-5906d
.1rx.io/	1970-01-20 17:22:49	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-3f0f7eab-3353-4d6a-9369-99902238ce83-003%22%7D
.pubmatic.com/	1970-01-20 17:22:49	Name: KADUSERCOOKIE Value: 6AEECA29-9203-457D-98A4-A65329D0E469
.targeting.unrulymedia.com/	1970-01-20 17:22:49	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-3f0f7eab-3353-4d6a-9369-99902238ce83-003%22%7D
.blismedia.com/	1970-01-20 17:22:53	Name: b Value: 63B25BA33530FE60B0D295F1BLIS
.turn.com/	1970-01-20 12:56:25	Name: uid Value: 3611849099093096784
.adform.net/	1970-01-20 09:21:51	Name: C Value: 1
.adnxs.com/	1970-01-20 10:46:49	Name: uuid2 Value: 314744065195280665
.casalemedia.com/	1970-01-20 17:22:49	Name: CMID Value: Y7Jbo6UcRjitOnrucApkDwAA
.casalemedia.com/	1970-01-20 10:46:49	Name: CMPS Value: 1134
.casalemedia.com/	1970-01-20 10:46:49	Name: CMPRO Value: 1134
.adform.net/	1970-01-20 10:03:37	Name: uid Value: 9053410630727197885
.everesttech.net/	1970-01-20 17:22:49	Name: everest_g_v2 Value: g_surferid~Y7JbowAAAjfD3wAo
.casalemedia.com/	1970-01-20 10:46:49	Name: CMTS Value: 2187
.tribalfusion.com/	1970-01-20 10:46:49	Name: ANON_ID Value: aYnseFyKalGobWm8ZbRiKRqD5ZbnC1gbYNcJDWJX0cYZaDxIWukhqrUxZduMRpejs2H1p44FgdYtaYNIYwC4Cu4Zd
.lijit.com/	1970-01-20 17:22:49	Name: ljt_reader Value: F6skKGZHgn8EvxznT8G1N30r
.mathtag.com/	1970-01-20 18:03:08	Name: uuid Value: bbf463b2-5ba3-4900-b2bd-68a92885674b
.mathtag.com/	1970-01-20 09:20:25	Name: mt_mop Value: 4:1672633251

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271802&client=ca-pub-4327943744181213&fa=2&ifi=11&uci=a!b&btvi=5&xpc=ldLktPtqEJ&p=https%3A//tt.vg Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.turn.com
adservice.google.co.uk
adservice.google.com
ap.lijit.com
c1.adform.net
cm.g.doubleclick.net
cms.quantserve.com
dclk-match.dotomi.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
image6.pubmatic.com
match.adsrvr.org
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
r.turn.com
region1.google-analytics.com
rtb.openx.net
s.ad.smaato.net
s.tribalfusion.com
secure.adnxs.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.cloudflareinsights.com
sync-tm.everesttech.net
sync.1rx.io
sync.mathtag.com
sync.targeting.unrulymedia.com
sync.teads.tv
tpc.googlesyndication.com
tr.blismedia.com
tt.vg
um.simpli.fi
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
142.250.201.194
151.101.66.49
172.64.154.237
185.29.132.245
185.64.190.78
185.86.139.104
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
213.19.147.45
23.203.125.36
2600:9000:223f:8600:1b:5138:8a40:93a1
2606:4700::6810:3965
2606:4700::6812:18ad
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:806::2002
2a00:1450:4001:806::2004
2a00:1450:4001:808::2003
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:82b::200a
2a00:1450:400d:803::2003
2a00:1450:400d:806::2002
2a00:1450:400d:807::2002
2a00:1450:400d:807::2008
2a02:fa8:8806:16::1400
2a06:98c1:3120::c
2a06:98c1:3121::c
34.91.62.186
34.96.105.8
35.227.252.103
35.71.131.137
37.157.4.29
37.252.171.52
63.251.14.3
69.173.144.165
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
05ef436f1563af185373a04e6bd2de1efd485afa77661536a432b2d2a230aec8
06cba97350b1b1205b83ecbfb876821ab8a6f0d5baddbc546a97ed7865b8ccc1
0764fbaf28b48639aa8a4c6244d07b22341d958094f4d8a7c62b6936fa9c2a4a
0b5e9fc44a95e479c226fbf165688cf2920fe7c623284b4c36b02aaab736d9f3
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3
0fdfd17fc1aeea35d91918beabd8b85ffc595ecf5a0570de2f5a41cc03dd179c
139a90853100a3a4afa575e33a8134a26d92cabbd26044c62f93ccc938dbb7c1
15d6ad4dfdb43d0affad683e70029f97a8f8fc8637a28845009ee0542dccdf81
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1823500ee86a20d18d69defa16b1d7d64299d5840faf4b65b421e621cd1e527b
1832fd814ef6059ee26f096df70e101b50022cffb4fe0c508c5d9869e65809cb
18eb1494d12fc5449cb04659d313f1183dfa9f93c3b0b10784527e441bee9148
192f158b4605f0b9bffd6d086c834b5dac318d14a8f42b8c22144c294eee2ee3
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
27df2f0f5920beb815e662147728283d9eec37973b40f8917072f581381f4079
280aaa8929329764ac3213ca093c63505cfcc665347939c79905c426d33867c5
2f105a82296ddcc709a1400ff8578cabee9b1e293f3081c9d8c7f4af3507437a
310bd640fec7a71439624dcd3283d6c509f5b22eeb1c852a53dbfd2172290b64
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
345d7f0379689f4d88d39b40b97e5995308eaa22e37756f10d9f4353361652a2
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4261ed1b3cdb11b27c2001207baf60d1753cd40193773eba851e6f080096abb6
44a7caf237d3473bf815cec2b718cfa039055bdd8d234f3792d2dfcf992c3bec
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4864845dfa501e1c7f43a24a8fd85dd5f68d54cec4caac8c0a82c4071c0a3eab
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4d0ed9630334a711204c67723b1eb52755c8316466fa7e4e601958e0c12a5da9
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4dc661f636f195609c6a56234a8e61501290e70790ae3c9bba1557fb84f88edc
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e5a1815609e1b500701e8a9c63a4ee98c47794025a0de9bbc7b8a3fdc4419e6
53607dbdae7b6a5d82ea8952bc0e1c09460197c7a9ffd321bd71982a4bec87ed
53fa0d8f759e2332cd6fb245200cc8342d1b9fe68f152b1c556d8bf484c123b8
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
648775f95901e24afe12a1a5b904fc38eef9642ea4592a4ad842592771d54592
649eb0850204e9e602ebe94b7ee9b5d5bb70a2d1cccd2a750713abe1bd0bf268
6637ea3139ffb01e240829717a4f8c195d7be6b81780ed643000b49833d8d6d1
6a53e358d9729b82f3b59887f709dc13bc0164e6fbfbfd639940f820901386d7
6a87a2de940fcd825afbdd64763da4afbb96732da942bc0e07763e17566bc1f8
6af7498da0d69e740c247c4045a61aaad4d2b8a6d011b3073beab15aa99bffd6
6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037
70a61061ecf9e6f6a497315d699b281ec1e9505dba1fd9331f02ef5416a6ebaa
72911b72804a558d6bb797584b09fac54a57ad8909d7d067695d2c6a10546637
7a5f1b1a775539fd7153b19c1edb543b046dd57fb0ca540fa448749fc722d130
81562263395ac7aa3f065d89a60359c0aa3be32be6187b7f27eb2bfb66e7ed6b
864835646fb814d6182e9f39fee7d734cbc040c96b195d2e6131167999394bbe
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
887d6a17e3f465e3781be9292d4f17676e9e41034a21898de4de3ada1cf35bec
8a7739925f4c03586479852df840b7061948832a7fda30c8c812d2ea4dd4c4f2
8ca49c11918ee8d0a8d76c3ecf38a16eeef0f02d55ed6656f6d6d56e573f6d7f
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
95d7aa853769ad4fd368ac28f201ab903c567ef7719ee542016f40a73841c96b
97d5a594e7f76c7e50045b67667fd6b74b268515efe6425097be1b2647079787
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bcd9117add45381bb634cb980e17abda3644d4667938255ea016111e55aac07
9c2dd943287224dc7e1145b864202d040ff0b87396dc9293dcac3d5ce9fc0c42
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9e5a6a3d6a017d78d5bf449b85367fc198de54f3fd179ffb372f9f38122c2330
a066a4744676ecfbac78b5a339f818c314c8d75c884ad2723c366af5bfe21a11
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a43feae65c7e387bbaa5d27d5da2f7cdc9ecb292758a30bd88501d07251f9205
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
bc040a1756b3162d1c9908a008cb616db071b8564f7c8551f7deb0443abb875d
bc8f28dec6f38c0a2e8a03fd136c96f56b875cebf4abe0d77803551d519f5dac
bf427039f141cd2a1b2be39923bb64324368a9e138dfcec86a1323fa86e20977
c0af31c6ff066af42be01942d97b843c037874f184e1c96f0a6bdf3946a4d1b9
c1bd51e114753f99252a3a188249026e184becda90451dec0a1643bfcf85e297
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c309c7f23e5e2d9dd668c79eee9b39a6f5333a9db6ad5c9fe0fb290d352ff257
c623b35f07798c31cdd7f44c416abe18298cf25d842c2adcbf2ce3d29d65c6a9
c84423c305779f2aab07847a2e3870ac1ea4072e470d5eb149c01e0e0497eae3
c9a0b2b2b65e12ba2c00c8751f95a9c724c9ab7bf182b6ad88775b8257f41909
ca300b81042ac5b1915f7c7619ee7306b4a81931e4a8c5692f4cac37a1128d7a
cae1762bd27fb4e0a35d9759539ce672c3033d50e8bf02668fc1a15e7f2a7af6
cf4644d1714253e3191325bb5d1f02df845679a152df5a976db08e2242d6becc
cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94
d0afa34695933663b97d3ff2846d107957e82f9ab49423d784512b4abbf542da
d326e1beb637fb1a95450797ec2eef966c01a063ef1d8e5903013f80e719bce7
d868e2eb1c677e53f7157750db9ebd54de55e16afd5dbd795c3da2e13c0e5a0b
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e748d47e0930e87a515df7e2a11e9d797dd670598254900fdbd654593f001a9a
ed35b2f51ce1194d1e2f198652c7195811bd9a1a9c27c9221080654a53818443
f002de98a08348d79f04c198fafc8571cc50d2c0d73c2e38ad498784b87af74f
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f79b4bcd8580176cef84bc7a633291696808f11418ac91be5356b315a3e04eb0
fa578bc87be816b3db85edd15e8300cddb9eadf04a973f6d6d4e45e65c41a15f
fadae76e0e23dffefea9ca8bcc88eee5cf8e47bde8d5d5606db27de177bd5d52
feba198dccb5d35db7262c56e6b2d142b2999313dd98a673ef73d25eedf0743e
ff2d96e12ddb06108b83358c22b1638d4cd8cec667823b6af9da2d5db88838a1

tt.vg Open in urlscan Pro 2a06:98c1:3120::c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

190 Requests

91 %HTTPS

56 %IPv6

33 Domains

39 Subdomains

25 IPs

9 Countries

2374 kBTransfer

5868 kBSize

29 Cookies

0 Outgoing links

Page URL History

Redirected requests

190 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 12 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

tt.vg Open in urlscan Pro
2a06:98c1:3120::c Public Scan

Screenshot
Live screenshot

Full Image

190
Requests

91 %
HTTPS

56 %
IPv6

33
Domains

39
Subdomains

25
IPs

9
Countries

2374 kB
Transfer

5868 kB
Size

29
Cookies

190 HTTP transactions
12 data transactions