www.anonigviewer.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://anonigviewer.com/
Effective URL:
https://www.anonigviewer.com/
Submission: On November 08 via manual (November 8th 2022, 11:04:32 am UTC) from US — Scanned from NL

Summary HTTP 140 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 39 IPs in 7 countries across 33 domains to perform 140 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.anonigviewer.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 14th 2022. Valid for: a year.

This is the only time www.anonigviewer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 16	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
4	54.152.172.136 54.152.172.136	14618 (AMAZON-AES) (AMAZON-AES)
3	54.234.151.247 54.234.151.247	14618 (AMAZON-AES) (AMAZON-AES)
1	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.20.158.212 23.20.158.212	14618 (AMAZON-AES) (AMAZON-AES)
4	54.179.66.88 54.179.66.88	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
1	35.84.93.102 35.84.93.102	16509 (AMAZON-02) (AMAZON-02)
1	52.48.231.49 52.48.231.49	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
4	34.246.142.233 34.246.142.233	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:1f18:730... 2600:1f18:730:b110:e592:4eb7:d27a:33ba	14618 (AMAZON-AES) (AMAZON-AES)
1	3.218.4.10 3.218.4.10	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
6 22	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
2 2	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	185.89.211.12 185.89.211.12	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	185.86.139.106 185.86.139.106	201081 (SMARTADSE...) (SMARTADSERVER)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
3 5	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 2	185.89.210.122 185.89.210.122	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:e365:4988:e8a7:3270	16509 (AMAZON-02) (AMAZON-02)
2 2	35.157.189.90 35.157.189.90	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1 1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1 2	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
2	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
12	2a02:26f0:350... 2a02:26f0:3500:588::21cf	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	35.175.160.109 35.175.160.109	14618 (AMAZON-AES) (AMAZON-AES)
140	39

1 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

anonigviewer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a06:98c1:3120::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

anonigviewer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.anonigviewer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.152.172.136 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-152-172-136.compute-1.amazonaws.com

powerad.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.234.151.247 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-234-151-247.compute-1.amazonaws.com

reporting.powerad.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.20.158.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-20-158-212.compute-1.amazonaws.com

hb.brainlyads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.179.66.88 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-179-66-88.ap-southeast-1.compute.amazonaws.com

pixel.zprk.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.84.93.102 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-84-93-102.us-west-2.compute.amazonaws.com

a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.231.49 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-231-49.eu-west-1.compute.amazonaws.com

p.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.246.142.233 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-142-233.eu-west-1.compute.amazonaws.com

s.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b110:e592:4eb7:d27a:33ba (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.218.4.10 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-4-10.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 142.250.186.66 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.80 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.211.12 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.139.106 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

sync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

760a90dcbaea3e653eba22a09f52be4b.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
45719d625092f8eb4109f884415a7c22.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2f914544e9a011dcdfef7b23cd845dcb.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.122 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.189.90 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-189-90.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Schopfheim, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.251 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a02:26f0:3500:588::21cf (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

client.bannerspace.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.175.160.109 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-175-160-109.compute-1.amazonaws.com

report3.hb.brainlyads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 131 760a90dcbaea3e653eba22a09f52be4b.safeframe.googlesyndication.com 45719d625092f8eb4109f884415a7c22.safeframe.googlesyndication.com 2f914544e9a011dcdfef7b23cd845dcb.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 167	145 KB
26	doubleclick.net 6 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 264 cm.g.doubleclick.net — Cisco Umbrella Rank: 320 googleads.g.doubleclick.net — Cisco Umbrella Rank: 66 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 367	433 KB
17	anonigviewer.com 2 redirects anonigviewer.com www.anonigviewer.com cdn-1.anonigviewer.com Failed	116 KB
12	bannerspace.net client.bannerspace.net — Cisco Umbrella Rank: 49350	220 KB
7	powerad.ai powerad.ai — Cisco Umbrella Rank: 21140 reporting.powerad.ai — Cisco Umbrella Rank: 24325	52 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 819	4 KB
5	google.com adservice.google.com — Cisco Umbrella Rank: 134 www.google.com — Cisco Umbrella Rank: 17 Failed	2 KB
5	cpx.to p.cpx.to — Cisco Umbrella Rank: 12990 s.cpx.to — Cisco Umbrella Rank: 3621	6 KB
5	gstatic.com fonts.gstatic.com	39 KB
4	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 361	31 KB
4	adnxs.com 3 redirects secure.adnxs.com — Cisco Umbrella Rank: 690 ib.adnxs.com — Cisco Umbrella Rank: 313	4 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	128 KB
4	zprk.io pixel.zprk.io — Cisco Umbrella Rank: 25271	4 KB
4	brainlyads.com hb.brainlyads.com — Cisco Umbrella Rank: 21547 report3.hb.brainlyads.com — Cisco Umbrella Rank: 78600	191 KB
3	google.nl adservice.google.nl — Cisco Umbrella Rank: 10272	1 KB
3	pubmatic.com 2 redirects ads.pubmatic.com — Cisco Umbrella Rank: 732 image2.pubmatic.com — Cisco Umbrella Rank: 1407	77 KB
2	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 1095	486 B
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 571	947 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 1319	2 KB
2	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 352	40 KB
2	smartadserver.com 1 redirects sync.smartadserver.com — Cisco Umbrella Rank: 2438	1 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 97	20 KB
2	liadm.com 1 redirects rp.liadm.com — Cisco Umbrella Rank: 2330 rp4.liadm.com — Cisco Umbrella Rank: 6437	1 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 475	10 KB
2	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2832	41 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 118 ajax.googleapis.com — Cisco Umbrella Rank: 447	32 KB
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 483	457 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 11960	552 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 2184	584 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 989	463 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 457	265 B
1	ad.gt a.ad.gt — Cisco Umbrella Rank: 4512	4 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 121	43 KB
140	33

	Domain	Requested by
15	www.anonigviewer.com	www.anonigviewer.com
13	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 2f914544e9a011dcdfef7b23cd845dcb.safeframe.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
13	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net 2f914544e9a011dcdfef7b23cd845dcb.safeframe.googlesyndication.com
12	client.bannerspace.net	s0.2mdn.net client.bannerspace.net
9	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 2f914544e9a011dcdfef7b23cd845dcb.safeframe.googlesyndication.com
9	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	fonts.gstatic.com	fonts.googleapis.com
4	cdnjs.cloudflare.com	s0.2mdn.net
4	s.cpx.to	p.cpx.to
4	www.googletagservices.com	hb.brainlyads.com 2f914544e9a011dcdfef7b23cd845dcb.safeframe.googlesyndication.com
4	pixel.zprk.io	powerad.ai
4	powerad.ai	www.anonigviewer.com powerad.ai
3	adservice.google.com	securepubads.g.doubleclick.net
3	adservice.google.nl	securepubads.g.doubleclick.net
3	reporting.powerad.ai	powerad.ai
2	report3.hb.brainlyads.com	hb.brainlyads.com
2	googleads4.g.doubleclick.net	www.anonigviewer.com
2	onetag-sys.com	1 redirects 2f914544e9a011dcdfef7b23cd845dcb.safeframe.googlesyndication.com
2	eb2.3lift.com	2 redirects
2	pm.w55c.net	2 redirects
2	s0.2mdn.net	www.anonigviewer.com s0.2mdn.net
2	ib.adnxs.com	1 redirects googleads.g.doubleclick.net
2	googleads.g.doubleclick.net	2f914544e9a011dcdfef7b23cd845dcb.safeframe.googlesyndication.com www.anonigviewer.com
2	www.google.com	tpc.googlesyndication.com 2f914544e9a011dcdfef7b23cd845dcb.safeframe.googlesyndication.com
2	2f914544e9a011dcdfef7b23cd845dcb.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	sync.smartadserver.com	1 redirects
2	secure.adnxs.com	2 redirects
2	image2.pubmatic.com	2 redirects
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	hb.brainlyads.com	powerad.ai www.anonigviewer.com
2	cdn.jsdelivr.net	www.anonigviewer.com
2	stackpath.bootstrapcdn.com	www.anonigviewer.com
2	anonigviewer.com	2 redirects
1	pixel.rubiconproject.com	1 redirects
1	ads.travelaudience.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	cms.quantserve.com	2f914544e9a011dcdfef7b23cd845dcb.safeframe.googlesyndication.com
1	45719d625092f8eb4109f884415a7c22.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	760a90dcbaea3e653eba22a09f52be4b.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	match.adsrvr.org
1	rp4.liadm.com
1	rp.liadm.com	1 redirects
1	p.cpx.to	powerad.ai
1	a.ad.gt	powerad.ai
1	www.googletagmanager.com	powerad.ai
1	ads.pubmatic.com	www.anonigviewer.com
1	ajax.googleapis.com	www.anonigviewer.com
1	fonts.googleapis.com	www.anonigviewer.com
0	cdn-1.anonigviewer.com Failed	www.anonigviewer.com
140	50

This site contains links to these domains. Also see Links.

Domain
nextmillennium.io

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-14` - `2023-01-13`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
powerad.ai Amazon	`2022-06-28` - `2023-07-27`	a year	crt.sh
*.powerad.ai Go Daddy Secure Certificate Authority - G2	`2022-09-14` - `2023-10-12`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
hb.brainlyads.com Go Daddy Secure Certificate Authority - G2	`2021-11-25` - `2022-12-27`	a year	crt.sh
*.zprk.io Amazon	`2022-10-19` - `2023-11-18`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.ad.gt Amazon	`2022-05-10` - `2023-06-08`	a year	crt.sh
p.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2022-01-13` - `2023-01-13`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
s.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2022-01-17` - `2023-01-17`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.google.nl GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
werelddeal.klm.com Sectigo RSA Organization Validation Secure Server CA	`2021-12-15` - `2023-01-15`	a year	crt.sh
report3.hb.brainlyads.com R3	`2022-10-30` - `2023-01-28`	3 months	crt.sh

This page contains 21 frames:

Primary Page: https://www.anonigviewer.com/
Frame ID: DFD2690F65A4503712079A100A7EB0D4
Requests: 43 HTTP requests in this frame

Frame: https://www.anonigviewer.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1667894400
Frame ID: 8E6CAD13C21140E828A882B70EF772AC
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/pwt/157577/2378//pwt.js
Frame ID: EB37305C0684E5BDA061AAA34E4AD07C
Requests: 4 HTTP requests in this frame

Frame: https://hb.brainlyads.com/pbjs_wrapper.v2.0.js
Frame ID: FD4BDF52A9C57B9C191E49627D07B570
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 4CECE26EE49E618F210D13D1E0F2DA40
Requests: 9 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 15EF10E8B5011B3E3567F3887EC301ED
Requests: 8 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 5DA7C2715A64E8B90A4782EF6408E949
Requests: 8 HTTP requests in this frame

Frame: https://760a90dcbaea3e653eba22a09f52be4b.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html?n=2
Frame ID: AC00DEEBAC0AD0433B0A9E3A6BD2ACFB
Requests: 1 HTTP requests in this frame

Frame: https://45719d625092f8eb4109f884415a7c22.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html?n=2
Frame ID: F6A8A0D286FE8EC1D5BAF5033E432D60
Requests: 1 HTTP requests in this frame

Frame: https://2f914544e9a011dcdfef7b23cd845dcb.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html?n=2
Frame ID: B3A21ADB16BE09486F7AF823EF0162B3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0EA17DFD8BF7893E7F4E6CCB83BFC906
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B6D30D4AF13AAEE6D62815DF5E3E3FC8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5C068A4D64229C182A34E059FE5241F9
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8CC670D3902E3B3B6CDF7778F5702D2F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EE39F1BB545289781833B0E5407501A8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C4014CAA96D2F472D0DF7446BC7F7BCE
Requests: 2 HTTP requests in this frame

Frame: https://2f914544e9a011dcdfef7b23cd845dcb.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html?n=2
Frame ID: FC66433056B4D84D00389E15E6E338A3
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJHcChCFog4YnqjyrQEwAQ&v=APEucNUJpBqKvUmv2m2GfMbo1gdrS_xDIVQAJbrIjbEBISj4aY6IeJ98FDHgRoJyGukxzibsfZk4Cd47hrLrW_rNW1nXg3VbQtUnOvmohe2KbifZFV_NE0KA2fF3dT9nuuMPIza8mt4_ZU5io_28Eag-huCjEfjC5Wb5sIK5wL2pDVGSYzwPHIU
Frame ID: AD1DF3B83DD1D8037AB62E270A416DDE
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 29B390D1FAB3602872CCDCC6680E6941
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E9AA1B78184F3251CFEB6B287602277C
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6381445182861191714/index.html
Frame ID: 5B2C34A22427ACB067B40DA9894D9E43
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Anon IG Viewer - Watch Instagram Stories Anonymously

Page URL History Show full URLs

http://anonigviewer.com/ HTTP 301
https://anonigviewer.com/ HTTP 301
https://www.anonigviewer.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

140
Requests

86 %
HTTPS

49 %
IPv6

33
Domains

50
Subdomains

39
IPs

7
Countries

1635 kB
Transfer

4314 kB
Size

41
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://nextmillennium.io/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://anonigviewer.com/ HTTP 301
https://anonigviewer.com/ HTTP 301
https://www.anonigviewer.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42

https://rp.liadm.com/j?wpn=prebid&pu=https%3A%2F%2Fwww.anonigviewer.com%2F&duid=2b27a1790eed--01ghbekc6nc7tnaxk1m6b01qb6&se=e30&dtstmp=1667905466583 HTTP 302
https://rp4.liadm.com/j?wpn=prebid&pu=https%3A%2F%2Fwww.anonigviewer.com%2F&duid=2b27a1790eed--01ghbekc6nc7tnaxk1m6b01qb6&se=e30&dtstmp=1667905466583&i6=MmEwMDoxNjMwOjI6NjA2OjoxNQ%3D%3D&n3pc=true

Request Chain 50

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=4e00212e-2563-44c5-b820-bf3d936feea0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm=&dsp=dbm&fid=4e00212e-2563-44c5-b820-bf3d936feea0&google_tc= HTTP 302
https://s.cpx.to/ca.png?dsp=dbm&fid=4e00212e-2563-44c5-b820-bf3d936feea0&google_gid=CAESEAV5LBwYtWjDhiDFViX8DgI&google_cver=1

Request Chain 51

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D4e00212e-2563-44c5-b820-bf3d936feea0 HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D4e00212e-2563-44c5-b820-bf3d936feea0 HTTP 302
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=3D720AC5-55F1-4E06-9A15-45FECA7760A1&fid=4e00212e-2563-44c5-b820-bf3d936feea0

Request Chain 52

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12967%26ref%3D%26url%3Dhttps%253A%252F%252Fwww.anonigviewer.com%252F%26hn_ver%3D40%26fid%3D4e00212e-2563-44c5-b820-bf3d936feea0 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Fan_fire%253Fapp_nexus_uid%253D%2524UID%2526pid%253D12967%2526ref%253D%2526url%253Dhttps%25253A%25252F%25252Fwww.anonigviewer.com%25252F%2526hn_ver%253D40%2526fid%253D4e00212e-2563-44c5-b820-bf3d936feea0 HTTP 302
https://s.cpx.to/an_fire?app_nexus_uid=3174707944690274053&pid=12967&ref=&url=https%3A%2F%2Fwww.anonigviewer.com%2F&hn_ver=40&fid=4e00212e-2563-44c5-b820-bf3d936feea0

Request Chain 53

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D4e00212e-2563-44c5-b820-bf3d936feea0&gdpr=0 HTTP 302
https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=4e00212e-2563-44c5-b820-bf3d936feea0&gdpr=0&cklb=1

Request Chain 95

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJuRLu23IIrtb_ZUzuAe7sY&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJuRLu23IIrtb_ZUzuAe7sY&google_cver=1&C=1

Request Chain 96

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y2o3vJGq663fhJccIW1qKgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJuRLu23IIrtb_ZUzuAe7sY&google_cver=1

Request Chain 97

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEO66TztHVp1C1pNMrOK4914&google_cver=1

Request Chain 98

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzE3NDcwNzk0NDY5MDI3NDA1Mw%3D%3D

Request Chain 106

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMKICDZ8I9WfTu3qZx2pqq8&google_cver=1&google_push=ASkJ3FbkLSnoRxRq-cbqxxh5-TpX2QPowyS8DS-bGLL0T6kK9Wf_PVu7iuvXigBE3fzArV_0tykeMTpyWmprDhYC97UrsmogUbka HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMKICDZ8I9WfTu3qZx2pqq8&google_cver=1&google_push=ASkJ3FbkLSnoRxRq-cbqxxh5-TpX2QPowyS8DS-bGLL0T6kK9Wf_PVu7iuvXigBE3fzArV_0tykeMTpyWmprDhYC97UrsmogUbka HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OENrRmYzT2ExT1NtcDY1&google_gid=CAESEMKICDZ8I9WfTu3qZx2pqq8&google_cver=1&google_push=ASkJ3FbkLSnoRxRq-cbqxxh5-TpX2QPowyS8DS-bGLL0T6kK9Wf_PVu7iuvXigBE3fzArV_0tykeMTpyWmprDhYC97UrsmogUbka

Request Chain 107

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEAKCPi8nicO-6Xv0HMNWRN0&google_cver=1&google_push=ASkJ3FZ9g9nRctwiMwemr9y8Dpj0rkWWwOwsQ4SiXVeWswTZ-8rgLj86jR5-oe4V_pk_5dJijYNaFm3IEy_x80ILw4tk3zy1Udpf HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE2MzU5OTQzNzg4OTMzNzQ4Ng%3D%3D&google_push=ASkJ3FZ9g9nRctwiMwemr9y8Dpj0rkWWwOwsQ4SiXVeWswTZ-8rgLj86jR5-oe4V_pk_5dJijYNaFm3IEy_x80ILw4tk3zy1Udpf

Request Chain 108

https://ads.travelaudience.com/google_pixel?google_gid=CAESEN4GLiwsN8at_HeY8DjdYno&google_cver=1&google_push=ASkJ3FYLPWM5bFA1JKefi6m-wfqNb6uFxf-gFAPA7k8Frn9WIpKH9tBX0iU9rym5mE2ox3IzOuNSUwz9Wwidqsn12GOhbiteCM8- HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=DqcSw5-cQR2Y28StSF779Q2&google_push=ASkJ3FYLPWM5bFA1JKefi6m-wfqNb6uFxf-gFAPA7k8Frn9WIpKH9tBX0iU9rym5mE2ox3IzOuNSUwz9Wwidqsn12GOhbiteCM8-

Request Chain 109

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKO_ox0TYOtdJ5Ze42sNdUM&google_cver=1&google_push=ASkJ3FYch30hmthPEnDvQ6J4znxG4tGVXjD-RjsNNvv_HcaDVcLRzrWuRMUz24w5keU1r1kxI6waEWQDs_6VgbaXyDRRVT0ACl0L HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEE4M1VOWlMtMVItUkNX&google_push=ASkJ3FYch30hmthPEnDvQ6J4znxG4tGVXjD-RjsNNvv_HcaDVcLRzrWuRMUz24w5keU1r1kxI6waEWQDs_6VgbaXyDRRVT0ACl0L

Request Chain 110

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEC9admo-w8JQHWe2Qyn1DE0&google_cver=1&google_push=ASkJ3Fb4nyoKcrMF7oHLPU-d_gF83zNThwrWPPqsWlW9Pt_uqACt5QBfkHRjXU2HaHB5Z3cy9gp-LOgFQvs6ztCOsQomHDDSWc5t HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ASkJ3Fb4nyoKcrMF7oHLPU-d_gF83zNThwrWPPqsWlW9Pt_uqACt5QBfkHRjXU2HaHB5Z3cy9gp-LOgFQvs6ztCOsQomHDDSWc5t&google_gid=CAESEC9admo-w8JQHWe2Qyn1DE0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDAyOTU5NDIzOTQ4MDI2OTI2Mjkx&google_push=ASkJ3Fb4nyoKcrMF7oHLPU-d_gF83zNThwrWPPqsWlW9Pt_uqACt5QBfkHRjXU2HaHB5Z3cy9gp-LOgFQvs6ztCOsQomHDDSWc5t

Request Chain 111

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEImAD4y4M38rRmx6U6qHYoo&google_cver=1&google_push=ASkJ3FYpODX-hgp0EluG1ucTxxx50ggVqZyA3tqijLdylWdyZT4M1tb8ksm-_6kvl43YNi5kJmFzWOyGZ-DugP49BSAkajI5Tvfx HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3FYpODX-hgp0EluG1ucTxxx50ggVqZyA3tqijLdylWdyZT4M1tb8ksm-_6kvl43YNi5kJmFzWOyGZ-DugP49BSAkajI5Tvfx HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

140 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.anonigviewer.com/
Redirect Chain

http://anonigviewer.com/
https://anonigviewer.com/
https://www.anonigviewer.com/

37 KB
8 KB

409ms
392ms

Document
text/html

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.anonigviewer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 312f2c387ca6152ec288ddf221311605056fddb5a9c98e2477de1e08bef493bb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 766dd3dcf8dfb89a-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 08 Nov 2022 11:04:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3x5azAOLlybZXHDL4ENiyA4HjQ%2BKv4G0%2FimEuSTpw0OhzJj8r6%2BrsaBlkDTkOY9SBJPpDuBJ31LseH8tvlEh%2BNDFSPe07QsQzQAqR90DASbRPW11kkcK9M%2FeCOto3NlzzqzHhDfLvmXTcsZRvCJ24uKYog%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 766dd3da8ca2b89a-AMS
content-type: text/html; charset=iso-8859-1
date: Tue, 08 Nov 2022 11:04:23 GMT
location: https://www.anonigviewer.com/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Deufo5hK%2BqZUQ00kfB9E%2F2dxQcPuRBoN71rMtWvwb4gdEF61CeveP3Xji2a3O3WG6BJAqZY8PxwrhDMVwmsEVxm9XGwZjH3IIjHSO75p5OdDsVtOs2zVr9NgP%2F2axVN3fC8gCQmTza%2Fhjh79kcJ4"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 130ms
42ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700&display=swap

Requested by

Host: www.anonigviewer.com
URL: https://www.anonigviewer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7e44d592889d9f5915ae6254f0a68a71196a5bc2540db9620b81effd976eba5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.anonigviewer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 08 Nov 2022 11:04:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 08 Nov 2022 09:14:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 08 Nov 2022 11:04:24 GMT

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.5.0/css/ 157 KB
25 KB 97ms
39ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.5.0/css/bootstrap.min.css

Requested by

Host: www.anonigviewer.com
URL: https://www.anonigviewer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.anonigviewer.com/
Origin: https://www.anonigviewer.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 11:04:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 883
age: 1042763
cdn-cachedat: 07/01/2022 20:10:34
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:10 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: W/"3afe15e976734d9daac26310110c4594"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 3e69aff40748e509a1cf3babc0e4124b
timing-allow-origin: *
cdn-requestcountrycode: NL
cdn-status: 200
cf-ray: 766dd3dfdf410a47-AMS
cdn-requestpullsuccess: True

GET
H2 200 theme.min.css
www.anonigviewer.com/assets/css/ 25 KB
6 KB 38ms
36ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.anonigviewer.com/assets/css/theme.min.css
Requested by: Host: www.anonigviewer.com
URL: https://www.anonigviewer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7edddd3d7a45413d9f308ba8e844720ea50d457c0f601fa758ccda0f9afb2316

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.anonigviewer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 11:04:24 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 08 Dec 2021 09:14:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4210
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a1elKb%2B3J0lV5c3DWBelAeVRDnONW8X69FMEmP1WyDyyiTZvxrfMukKOD4SAOZqYkFOHXlvfrRelK2kMPf3%2F6gUA8U4QBP1farN2OKkJKnodJUBYXqSKh1yaS%2BYUPVi%2BllEXfLA0QsKX6UQ3wbEIisLXRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 766dd3df7d3cb89a-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 main.v3.min.css
www.anonigviewer.com/assets/css/ 3 KB
1 KB 36ms
35ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.anonigviewer.com/assets/css/main.v3.min.css?v=2
Requested by: Host: www.anonigviewer.com
URL: https://www.anonigviewer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55dbe42998a9196bd135135a20a7a1fb408a8ea302baee55109d4bfad7d2f66e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.anonigviewer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 11:04:24 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 08 Dec 2021 09:14:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 252460
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hwrW30JCjVJYolQxYR209f8%2Bf1IBnpC0jC8ZhPcTu92LgbhIbcn0HJG6GDXrhn0FM3JP%2BVRNjGJFNuAOEy22zVUDT%2BHjua%2FE0kuq8fJXHTBJlQvLTXikvc3mUAXfeHBjQokOIAxqlGhv1lFs2IvNziwmhA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: https://www.anonigviewer.com
cache-control: max-age=2592000
cf-ray: 766dd3df7d3eb89a-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 13 Feb 2022 20:07:30 GMT

GET
H3 200 logo.png
www.anonigviewer.com/assets/images/ 11 KB
12 KB 31ms
31ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.anonigviewer.com/assets/images/logo.png
Requested by: Host: www.anonigviewer.com
URL: https://www.anonigviewer.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 928cec4d7231b34b048155ce2b5108130bbb5d626c8fb3f2e61c282398d5b734

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.anonigviewer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 11:04:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 359796
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11733
last-modified: Wed, 08 Dec 2021 09:15:10 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TKpmrLD7AAVWHKdw5WTjk0xoTOlr5p51fAFdPt1n9Yki1Kay1lxK2DnSkp%2B71PeTeaxsIBpiEY4gIG37jKrKMgaZWRO%2FiOzOzyZdh4zn4eqM2OeKfxMXPpm9fyDsJ8jKKYK%2Bt7xODVYXd2MQtcGAoxkCaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: https://www.anonigviewer.com
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 766dd3dfddce417e-AMS
expires: Sat, 14 Jan 2023 20:07:30 GMT

GET
H3 200 rocket-loader.min.js Show response
www.anonigviewer.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 28ms
27ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.anonigviewer.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.anonigviewer.com
URL: https://www.anonigviewer.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.anonigviewer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 11:04:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 04 Nov 2022 12:48:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63650a09-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mZheprTEe3XeWf6pzx4jic3Dbet1%2Fam3rLyPYzF9co53EcrDwpqYqtPMeHLxwTS%2BRH9qAJJB9f8L8z0n6D8Omr5EJq8DdvpfK0acf3%2FiH0zvao0aKwmYn8wFwWpObkK%2BFafkbELepiBnI6bL0tRBWp4Zmg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 766dd3dfddcf417e-AMS
expires: Thu, 10 Nov 2022 11:04:24 GMT

GET
H3 200 bg.png
www.anonigviewer.com/assets/images/ 29 KB
29 KB 104ms
84ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.anonigviewer.com/assets/images/bg.png
Requested by: Host: www.anonigviewer.com
URL: https://www.anonigviewer.com/assets/css/theme.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 049ec451899d884ab87cb29ddb116db3e91c493c359ef1432410d6313bc40601

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.anonigviewer.com/assets/css/theme.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 11:04:24 GMT
cf-cache-status: HIT
last-modified: Wed, 08 Dec 2021 09:15:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 632
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gjMT1C3mgakFC7fTtDtAp3GIfy1og0jHBdH%2Fq0oSCZC6aBIqmKKnT9p5xPb2OwflcW7R6fDHGv6CPRYb9HfhFx6Ze6DORsRF%2BPMZ7q8h9QfzMWPN2Vh9LzyXOvw0H4By8OlNzsVcoqN6ZQB3HThItQRvdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 766dd3e08e41417e-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29190

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 278ms
29ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.anonigviewer.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 19:24:52 GMT
x-content-type-options: nosniff
age: 488372
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Nov 2023 19:24:52 GMT

GET
H2 200 pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 372ms
123ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.anonigviewer.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 07:08:09 GMT
x-content-type-options: nosniff
age: 359775
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:51:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Nov 2023 07:08:09 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 317ms
70ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.anonigviewer.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 19:25:01 GMT
x-content-type-options: nosniff
age: 488363
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8000
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Nov 2023 19:25:01 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 362ms
117ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.anonigviewer.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 19:25:00 GMT
x-content-type-options: nosniff
age: 488364
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Nov 2023 19:25:00 GMT

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 365ms
121ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.anonigviewer.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 19:25:01 GMT
x-content-type-options: nosniff
age: 488363
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7748
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Nov 2023 19:25:01 GMT

GET default-user-profile-image.png
cdn-1.anonigviewer.com/ 0
0

GET
H3 200 main.v17.min.js Show response
www.anonigviewer.com/assets/js/ 10 KB
4 KB 98ms
92ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.anonigviewer.com/assets/js/main.v17.min.js?v=7
Requested by: Host: www.anonigviewer.com
URL: https://www.anonigviewer.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73a21dcfd165b07649877cb5eeeadac908ca7bdbe0552582d5605a62dec36974

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.anonigviewer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 11:04:24 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 08 Dec 2021 09:15:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 632
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gFdA4B47UWritM9T4t9nC%2Bt3odQt5vWEmdUlNf4DaAy4WVR2Rj9ZbT9kE6DbixQSp%2FeEid3nGt5Eomc%2BU6e6KePaMRQIFZBUYDGDTtqwp931cgXNxEFHSDaMxGuHrwGpJ7TLdJhp095CrWjUE16Doshmog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 766dd3e13eaf417e-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 topbar.min.js Show response
www.anonigviewer.com/assets/js/ 3 KB
2 KB 110ms
104ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.anonigviewer.com/assets/js/topbar.min.js
Requested by: Host: www.anonigviewer.com
URL: https://www.anonigviewer.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8259e6da6aafd6fe4f62310ae12fb6bed70c7a1793fb306843b7cda6afa6041

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.anonigviewer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 11:04:24 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 08 Dec 2021 09:15:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 632
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PZbL%2Fw8gOkK9EZBNW37oj1ArHnPhxmWk5IKW1Le0A6zqNe0aqTtrvCjyWPWScTIB9uVvIoWATVnU1yqfNfxNgTVVxiGZ0qhrEzok6Es4sfJy40YDcCMjFgSWntSAsCWVLnmMroEjXRusSVrsiTIVMqOTTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 766dd3e13eb0417e-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 peel1.js Show response
www.anonigviewer.com/assets/js/ 108 B
574 B 106ms
100ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.anonigviewer.com/assets/js/peel1.js
Requested by: Host: www.anonigviewer.com
URL: https://www.anonigviewer.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b357f2e5b199d7adfeae351a848473e137b7e7ec706d8e4a9925f410dbff69c4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.anonigviewer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 11:04:24 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sun, 17 Apr 2022 19:22:56 GMT
server: cloudflare
age: 3895
cf-polished: origSize=111
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0VI%2FJ3AKqpfpFbx8kgNZEoQtHbenWDERh%2F0AE6XYkSnICkWCFlqRsxQukEqRmdtlRV4QYgr8sQtVkLFm0JKZR9bgb8vIR75okf86%2FnzOWAbPkS2ho775afZ9IDdpc1fjDG4SpYcsTZFgwFxecvxz%2Bvi0lw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 766dd3e13eb1417e-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/ 21 KB
8 KB 214ms
88ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/popper.min.js

Requested by

Host: www.anonigviewer.com
URL: https://www.anonigviewer.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.anonigviewer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 11:04:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1759401
x-jsd-version: 1.16.0
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19144-FRA, cache-yyz4571-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"5309-YvI45zNIx3656GVCan0bfeI8uy0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ml5dw4doY%2FcWA2HAEdTufORngkbHWyXYfLGg3ck%2Fooet2jOIA%2F%2BuLVBHfB31TjvE4lk0I3e0WmaOLuCGMCSoBKQKlJ%2BmQxSx1LpDf5fEtGDh5Bh806mWdPCRaJNBoKLuRo8XPshez4CIbDgUMwc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 766dd3e1fab9b926-AMS

GET
H2 200 jquery.redirect.min.js Show response
cdn.jsdelivr.net/npm/jquery.redirect@1.1.4/ 2 KB
2 KB 156ms
31ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/jquery.redirect@1.1.4/jquery.redirect.min.js

Requested by

Host: www.anonigviewer.com
URL: https://www.anonigviewer.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eeea52c66b93709d1f98bb69bbde2d15096e3bcdee471b00b4fccbfdc08f7624

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.anonigviewer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 11:04:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 13147901
x-jsd-version: 1.1.4
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19125-FRA, cache-ams21083-AMS
x-jsd-version-type: version
server: cloudflare
etag: W/"7ac-G8PRgxjtXWq0tlrrd/5xjQXXhh4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2VcEhRgdmzctwK1119uJzoBgnEzdM9iuYp4uESSDGVcA9BEZDvPiOqzFLhuTD2cpSQY8ueOCvjTAf5qRCr0%2FTC3yEL9C8c38keT6slGxemwjqYL45%2FwOScWr%2FhtyjDg3UILUBJQIzOJdaofnqKY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 766dd3e1fabab926-AMS

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 218ms
78ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: www.anonigviewer.com
URL: https://www.anonigviewer.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.anonigviewer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 04:14:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24579
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Nov 2023 04:14:45 GMT

GET
H2 200 script.js Show response
powerad.ai/161099156635350/ 201 KB
44 KB 369ms
104ms Script
application/javascript 54.152.172.136
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://powerad.ai/161099156635350/script.js
Requested by: Host: www.anonigviewer.com
URL: https://www.anonigviewer.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.152.172.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-152-172-136.compute-1.amazonaws.com
Software: / Express
Resource Hash: ac345e55c8de7b3a71800d26cd161ab5a4d9091434ea3165b2fd47ee1c4f44df

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.anonigviewer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 11:04:24 GMT
content-encoding: gzip
last-modified: Mon, 07 Nov 2022 22:52:35 GMT
x-powered-by: Express
etag: W/"3248e-184544ba86a"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=172800
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *

GET
H3 200 invisible.js Show response
www.anonigviewer.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame 8E6C 40 KB
16 KB 102ms
97ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.anonigviewer.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1667894400
Requested by: Host: www.anonigviewer.com
URL: https://www.anonigviewer.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d3f0bc8184a19fa3920674fd3ed1e0a8fa95e4bc188d7533f3a95f78ec7fda1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 11:04:24 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wpr9L%2BR%2B3OjpDces8QKy%2BUYxp97MErj7mCTHOcwp9M8VgdLB3WFc1WY51u35EO54XfHhTOSj1%2B8ShRXE91e5s%2F63n9Mn7WjD1yJ0kWH4HWnChzvaFqZQt6iJJxN4JVGrjyTq344zORFMfIEnHLAegp2fEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 766dd3e13eb2417e-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 pica.js
www.anonigviewer.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame 8E6C 20 KB
9 KB 126ms
119ms Other
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.anonigviewer.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by: Host: www.anonigviewer.com
URL: https://www.anonigviewer.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b8da4234834eaaeebca3076f38521ffbd67bcf2bbce413102a61b51dfed04d0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 11:04:24 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1yrccCE7ZXCUW8Hk3vYp4b3L7XuLIFj8y%2FcPCPCkKp78PDrf1EeTgcQfqa2FWt980Z8rwgpo1zrwwM6d75t8Rt%2F3kHNxWfqTtHm%2Fq7CazOM1sNVqGfOA0VN7jvfYyQ2DAgX1Uzu0J9N1CYXKHl%2B8MUxDmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 766dd3e21f4e417e-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.5.0/js/ 59 KB
16 KB 89ms
55ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.5.0/js/bootstrap.min.js

Requested by

Host: www.anonigviewer.com
URL: https://www.anonigviewer.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38544024da1a0fc2f706be6582557b5722d17f48ad9a8073594a0cf928e2e3ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.anonigviewer.com/
Origin: https://www.anonigviewer.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 11:04:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 883
age: 1142457
cdn-cachedat: 09/27/2022 03:30:48
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:10 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: W/"6bea60c34c5db6797150610dacdc6bce"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 2da18d1c2daf5d7d2ef80dba4c0b87b5
timing-allow-origin: *
cdn-requestcountrycode: NL
cdn-status: 200
cf-ray: 766dd3e3d9310bd7-AMS
cdn-requestpullsuccess: True

GET
H3 200 invisible.js Show response
www.anonigviewer.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame 8E6C 33 KB
14 KB 32ms
31ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.anonigviewer.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1667894400
Requested by: Host: www.anonigviewer.com
URL: https://www.anonigviewer.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f36fec4d3caa10faa065220f593154d1b971ed4f0170faef3ec354d59934e885

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 11:04:25 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qZGs6exj%2F%2BrmIlEitJzyrUORIv1%2BayCzS07Ith%2Fzv7RtaHb2VkgsBPKahHSSAavKvPiDWpxoK6r11zxKcX7x1qRkTEo9MaJvD0MwWNP3v1zf83BhJDI9izqFqqQ9fg1eB5Fy%2FS71%2FQkO0LBIb0tXl%2BzUMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 766dd3e49909417e-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 pica.js
www.anonigviewer.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame 8E6C 19 KB
8 KB 48ms
47ms Other
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.anonigviewer.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 149c46c2340e86b09fd528d222aa3397a224a87db82136c1cb09c00a63c47fe2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 11:04:25 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F9cVjulTE8SHApiB%2FJXQPM8SAiXIPjIW07DilV3rxhy2hwf7nS4tkVLOUBK9lUypH9H1vTL%2F8hOddgKn7P7%2FOntHbG6Vmt7qEYGOhTMYSrrOKEEotfXm%2BRuNNGaKlGsijIsPdyPtf6%2BpR3ZCDejrccRDug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 766dd3e4f98e417e-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 /
reporting.powerad.ai/ 2 B
272 B 384ms
102ms Ping
text/plain 54.234.151.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://reporting.powerad.ai/
Requested by: Host: powerad.ai
URL: https://powerad.ai/161099156635350/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.234.151.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-234-151-247.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.anonigviewer.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 08 Nov 2022 11:04:25 GMT
server: nginx/1.18.0 (Ubuntu)
x-powered-by: Express
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 2

GET
H2 200 detect-aau Show response
powerad.ai/ 2 B
222 B 386ms
105ms Fetch
text/plain 54.152.172.136
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://powerad.ai/detect-aau?ch=2
Requested by: Host: powerad.ai
URL: https://powerad.ai/161099156635350/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.152.172.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-152-172-136.compute-1.amazonaws.com
Software: / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.anonigviewer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 11:04:25 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
x-powered-by: Express
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 2

GET
H2 200 detect-aau Show response
powerad.ai/ 2 B
223 B 384ms
104ms Fetch
text/plain 54.152.172.136
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://powerad.ai/detect-aau?ch=1
Requested by: Host: powerad.ai
URL: https://powerad.ai/161099156635350/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.152.172.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-152-172-136.compute-1.amazonaws.com
Software: / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.anonigviewer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 11:04:25 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
x-powered-by: Express
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 2

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/157577/2378// Frame EB37 247 KB
76 KB 130ms
31ms Script
application/javascript 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/157577/2378//pwt.js
Requested by: Host: www.anonigviewer.com
URL: https://www.anonigviewer.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 44d4cfd96636f673d8f990db7c015327156e1abd1fa60557bbacf2335ff5a7f0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.anonigviewer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 11:04:25 GMT
content-encoding: gzip
last-modified: Mon, 31 Oct 2022 15:50:05 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=18738
accept-ranges: bytes
content-length: 77322
expires: Tue, 08 Nov 2022 16:16:43 GMT

GET
H2 200 pbjs_wrapper.v2.0.js Show response
hb.brainlyads.com/ Frame FD4B 49 KB
15 KB 366ms
131ms Script
application/javascript 23.20.158.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.brainlyads.com/pbjs_wrapper.v2.0.js

Requested by

Host: powerad.ai
URL: https://powerad.ai/161099156635350/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-20-158-212.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

e44079e3aacd781cd8d2b8bf4c07b2db3847b2f310e86b6b6a06ef00c95e2f72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.anonigviewer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 11:04:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Mon, 07 Nov 2022 07:54:24 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"6368b9b0-c22f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
expires: Tue, 15 Nov 2022 11:04:25 GMT

GET
H2 200 / Show response
powerad.ai/pubPls/ 50 KB
7 KB 118ms
117ms XHR
text/html 54.152.172.136
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://powerad.ai/pubPls/?width=1600&url=https%3A%2F%2Fwww.anonigviewer.com%2F
Requested by: Host: powerad.ai
URL: https://powerad.ai/161099156635350/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.152.172.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-152-172-136.compute-1.amazonaws.com
Software: / Express
Resource Hash: 791860937c4fbd4f9f3b6778662df559aa478d16d142a1ceb64f2d288b1159d5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.anonigviewer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 11:04:25 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"c8bf-5XwIR3Fx/sQkBwhrTU4EQjbldZY"
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.anonigviewer.com
access-control-allow-credentials: true
access-control-allow-headers: *

GET
H2 200 prebid.js Show response
hb.brainlyads.com/ Frame EB37 583 KB
176 KB 417ms
264ms Script
application/javascript 23.20.158.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.brainlyads.com/prebid.js

Requested by

Host: www.anonigviewer.com
URL: https://www.anonigviewer.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-20-158-212.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

d72940831a075444bb9a179f9d046d43ed0457d6d2bdd8f2892102b9f3ac14d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.anonigviewer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 11:04:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Mon, 07 Nov 2022 07:54:02 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"6368b99a-91ad3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
expires: Tue, 15 Nov 2022 11:04:25 GMT

GET
H2 200 Hc6PdfQeAi.js Show response
pixel.zprk.io/v5/pixeljs/ 3 KB
3 KB 717ms
229ms Script
text/plain 54.179.66.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.zprk.io/v5/pixeljs/Hc6PdfQeAi.js?dne=1
Requested by: Host: powerad.ai
URL: https://powerad.ai/161099156635350/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.179.66.88 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-179-66-88.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 8e521ebeb6ce59914c54f532b1577efd671f4b02bb3c331e01b4a7e79a02cfea

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.anonigviewer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 11:04:25 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 2753
access-control-max-age: 3600
access-control-allow-methods: POST, GET, DELETE, PUT
content-type: text/plain;charset=UTF-8

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 244ms
60ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-199721344-40

Requested by

Host: powerad.ai
URL: https://powerad.ai/161099156635350/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

618927b6b10850893cc22ca5df20f816eed18c113df204c20b3c6007abc287fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.anonigviewer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 11:04:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43532
x-xss-protection: 0
last-modified: Tue, 08 Nov 2022 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 08 Nov 2022 11:04:25 GMT

GET
H2 200 251 Show response
a.ad.gt/api/v1/u/matches/ 11 KB
4 KB 592ms
175ms Script
application/javascript 35.84.93.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/251?url=https%3A%2F%2Fwww.anonigviewer.com%2F&ref=
Requested by: Host: powerad.ai
URL: https://powerad.ai/161099156635350/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.84.93.102 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-84-93-102.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 3412f0e8c06c9e1396d7884c5a1e5fc85296748e1ad495ab14a40a05704bd83d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.anonigviewer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 08 Nov 2022 11:04:25 GMT
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: nginx/1.20.0
content-type: application/javascript

GET
H/1.1 200
OK px.js Show response
p.cpx.to/p/12967/ 2 KB
2 KB 250ms
55ms Script
application/javascript 52.48.231.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cpx.to/p/12967/px.js
Requested by: Host: powerad.ai
URL: https://powerad.ai/161099156635350/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.231.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-231-49.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: f266acb707c5b2704c3b6e18e0888d7995bad0ba0ffec4a125146f7e3d058583

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.anonigviewer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 08 Nov 2022 11:04:25 GMT
Cache-Control: max-age=2419200, public
Connection: keep-alive
Content-Length: 1990
Content-Type: application/javascript; charset=UTF-8

POST
H3 200 766dd3dcf8dfb89a Show response
www.anonigviewer.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 8E6C 2 B
666 B 55ms
54ms XHR
text/plain 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.anonigviewer.com/cdn-cgi/challenge-platform/h/g/cv/result/766dd3dcf8dfb89a
Requested by: Host: www.anonigviewer.com
URL: https://www.anonigviewer.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1667894400
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 08 Nov 2022 11:04:26 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iYTGoAHDicLlqy3lhD23XDEA0PzwMAi%2Bvh1QGEi%2FAikeKW4%2Fj3rlmjqvOfdYtTt0aDsu93UuTOipM9PgbLAYxAn5KD6cP5YrA1uzSJzVKjSGNsMduW3Wt%2BnOatBu1pTY6vFrenD0vFlhvEdnmE81y4jA8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 766dd3ebae17417e-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 4CEC 79 KB
27 KB 191ms
82ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/pbjs_wrapper.v2.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19aaa7f6f733553924a0e339d909cb5f8840c2125123fffcc5c6a0f089d0f28b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.anonigviewer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 11:04:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27326
x-xss-protection: 0
server: sffe
etag: "1387 / 64 of 1000 / last-modified: 1667900771"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 08 Nov 2022 11:04:26 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 15EF 79 KB
27 KB 114ms
40ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/pbjs_wrapper.v2.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19aaa7f6f733553924a0e339d909cb5f8840c2125123fffcc5c6a0f089d0f28b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.anonigviewer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 11:04:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27326
x-xss-protection: 0
server: sffe
etag: "1387 / 846 of 1000 / last-modified: 1667900771"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 08 Nov 2022 11:04:26 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 5DA7 79 KB
27 KB 83ms
49ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/pbjs_wrapper.v2.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24fb6a16bc15f7c81f6567257ff6de1ee51734c8b69aa6c3ac2d4f1e0ba7ab9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.anonigviewer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 11:04:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27327
x-xss-protection: 0
server: sffe
etag: "1387 / 557 of 1000 / last-modified: 1667900830"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 08 Nov 2022 11:04:26 GMT

POST
H3 200 766dd3dcf8dfb89a Show response
www.anonigviewer.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 8E6C 2 B
673 B 41ms
40ms XHR
text/plain 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.anonigviewer.com/cdn-cgi/challenge-platform/h/g/cv/result/766dd3dcf8dfb89a
Requested by: Host: www.anonigviewer.com
URL: https://www.anonigviewer.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1667894400
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 08 Nov 2022 11:04:26 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h7ZCQXXo%2FTpr4sFFhNlgJlXNHmILw0f8XU%2BzANuYd3a%2Fte0%2FbYlBO7yRCb4PsHKiLtVbvuX29uVnasgTnZMwmn%2Flhwptq8QRRotWrECZqtFFrn43DuxegjZh5%2B3V9OtSg%2BaQcCZGlir6alTS4TzOLxinnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 766dd3edf80a417e-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK fire.js Show response
s.cpx.to/ 848 B
1 KB 168ms
41ms Script
application/javascript 34.246.142.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.cpx.to/fire.js?pid=12967&ref=&url=https%3A%2F%2Fwww.anonigviewer.com%2F&hn_ver=40&fid=4e00212e-2563-44c5-b820-bf3d936feea0

Requested by

Host: p.cpx.to
URL: https://p.cpx.to/p/12967/px.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.246.142.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-246-142-233.eu-west-1.compute.amazonaws.com

Software

Resource Hash

819f0be3dea597b1fc48acee70170e52d6f0f15b9ce58c221104a46d9f7a2f5d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.anonigviewer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
Date: Tue, 08 Nov 2022 11:04:26 GMT
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: sameorigin
P3P: CP="NOI DEV ADM"
Content-Type: application/javascript; charset=UTF-8
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 848
Expires: Mon, 07 Nov 2022 13:23:27 UTC

GET
H2

200

j Show response
rp4.liadm.com/ Frame EB37
Redirect Chain

https://rp.liadm.com/j?wpn=prebid&pu=https%3A%2F%2Fwww.anonigviewer.com%2F&duid=2b27a1790eed--01ghbekc6nc7tnaxk1m6b01qb6&se=e30&dtstmp=1667905466583
https://rp4.liadm.com/j?wpn=prebid&pu=https%3A%2F%2Fwww.anonigviewer.com%2F&duid=2b27a1790eed--01ghbekc6nc7tnaxk1m6b01qb6&se=e30&dtstmp=1667905466583&i6=MmEwMDoxNjMwOjI6NjA2OjoxNQ%3D%3D&n3pc=true

13 B
552 B

603ms
101ms

XHR
application/json

3.218.4.10
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rp4.liadm.com/j?wpn=prebid&pu=https%3A%2F%2Fwww.anonigviewer.com%2F&duid=2b27a1790eed--01ghbekc6nc7tnaxk1m6b01qb6&se=e30&dtstmp=1667905466583&i6=MmEwMDoxNjMwOjI6NjA2OjoxNQ%3D%3D&n3pc=true

Protocol

Server

3.218.4.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-218-4-10.compute-1.amazonaws.com

Software

Resource Hash

efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.anonigviewer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 11:04:27 GMT
x-pixel-event-id: 32c2c79f-c8ae-4717-8213-468761a0b7af
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: DENY
vary: Origin
content-type: application/json
request-time: 0
access-control-allow-origin: null
access-control-allow-credentials: true
trace-id: 70a5a67bf47411c1
content-length: 13
x-xss-protection: 1; mode=block

Redirect headers

date: Tue, 08 Nov 2022 11:04:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
vary: Origin
location: https://rp4.liadm.com/j?wpn=prebid&pu=https%3A%2F%2Fwww.anonigviewer.com%2F&duid=2b27a1790eed--01ghbekc6nc7tnaxk1m6b01qb6&se=e30&dtstmp=1667905466583&i6=MmEwMDoxNjMwOjI6NjA2OjoxNQ%3D%3D&n3pc=true
access-control-allow-origin: https://www.anonigviewer.com
request-time: 0
access-control-allow-credentials: true
trace-id: e9648b390d0c4080
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 182ms
56ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-199721344-40

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.anonigviewer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 08 Nov 2022 09:24:49 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 5977
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Tue, 08 Nov 2022 11:24:49 GMT

GET
H2 200 pubads_impl_2022110301.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 5DA7 380 KB
129 KB 115ms
31ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js?cb=31070733

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0602160997bb910d5387d92eed48d51f352f604e0e2285c8ffa92707e4676f1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.anonigviewer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 20:50:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51222
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131019
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 08:36:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 07 Nov 2023 20:50:44 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame 5DA7 105 B
707 B 118ms
43ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.anonigviewer.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c9a5e351010d858788d14dc26931482bb751ea4367c9b88cda2ad5bb3e0c629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.anonigviewer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 11:04:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72
x-xss-protection: 0
expires: Tue, 08 Nov 2022 11:04:26 GMT

GET
H2 200 pubads_impl_2022110201.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 15EF 380 KB
128 KB 143ms
73ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d726276ed26c9cee416eb8c7c8205d7984a3075d4507301e002a60bd64cdc90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.anonigviewer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 09:54:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4216
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131066
x-xss-protection: 0
last-modified: Wed, 02 Nov 2022 08:35:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 08 Nov 2023 09:54:10 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame 15EF 105 B
233 B 116ms
53ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.anonigviewer.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c9a5e351010d858788d14dc26931482bb751ea4367c9b88cda2ad5bb3e0c629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.anonigviewer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 11:04:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72
x-xss-protection: 0
expires: Tue, 08 Nov 2022 11:04:26 GMT

GET
H2 200 pubads_impl_2022110201.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 4CEC 380 KB
128 KB 207ms
143ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d726276ed26c9cee416eb8c7c8205d7984a3075d4507301e002a60bd64cdc90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.anonigviewer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 09:54:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4216
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131066
x-xss-protection: 0
last-modified: Wed, 02 Nov 2022 08:35:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 08 Nov 2023 09:54:10 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame 4CEC 105 B
233 B 116ms
60ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.anonigviewer.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c9a5e351010d858788d14dc26931482bb751ea4367c9b88cda2ad5bb3e0c629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.anonigviewer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 11:04:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72
x-xss-protection: 0
expires: Tue, 08 Nov 2022 11:04:26 GMT

GET
H/1.1

200
OK

ca.png
s.cpx.to/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=4e00212e-2563-44c5-b820-bf3d936feea0
https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm=&dsp=dbm&fid=4e00212e-2563-44c5-b820-bf3d936feea0&google_tc=
https://s.cpx.to/ca.png?dsp=dbm&fid=4e00212e-2563-44c5-b820-bf3d936feea0&google_gid=CAESEAV5LBwYtWjDhiDFViX8DgI&google_cver=1

95 B
804 B

53ms
51ms

Image
image/png

34.246.142.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/ca.png?dsp=dbm&fid=4e00212e-2563-44c5-b820-bf3d936feea0&google_gid=CAESEAV5LBwYtWjDhiDFViX8DgI&google_cver=1

Protocol

HTTP/1.1

Server

34.246.142.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-246-142-233.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.anonigviewer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
Date: Tue, 08 Nov 2022 11:04:27 GMT
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: sameorigin
Content-Type: image/png
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 95

Redirect headers

pragma: no-cache
date: Tue, 08 Nov 2022 11:04:26 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://s.cpx.to/ca.png?dsp=dbm&fid=4e00212e-2563-44c5-b820-bf3d936feea0&google_gid=CAESEAV5LBwYtWjDhiDFViX8DgI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

sync
s.cpx.to/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D4e00212e-2563-44c5-b820-bf3d936feea0
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D4e00212e-2563-44c5-b820-bf3d936feea0
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=3D720AC5-55F1-4E06-9A15-45FECA7760A1&fid=4e00212e-2563-44c5-b820-bf3d936feea0

95 B
881 B

46ms
44ms

Image
image/png

34.246.142.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=3D720AC5-55F1-4E06-9A15-45FECA7760A1&fid=4e00212e-2563-44c5-b820-bf3d936feea0

Protocol

HTTP/1.1

Server

34.246.142.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-246-142-233.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.anonigviewer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
Date: Tue, 08 Nov 2022 11:04:26 GMT
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: sameorigin
P3P: CP="NOI DEV ADM"
Content-Type: image/png
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 95
Expires: Tue, 08 Nov 2022 11:04:26 UTC

Redirect headers

location: https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=3D720AC5-55F1-4E06-9A15-45FECA7760A1&fid=4e00212e-2563-44c5-b820-bf3d936feea0
date: Tue, 08 Nov 2022 11:04:26 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

an_fire
s.cpx.to/
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12967%26ref%3D%26url%3Dhttps%253A%252F%252Fwww.anonigviewer.com%252F%26hn_ver%3D40%26fid%3D4e00212e...
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Fan_fire%253Fapp_nexus_uid%253D%2524UID%2526pid%253D12967%2526ref%253D%2526url%253Dhttps%25253A%25252F%25252Fwww.anonigvi...
https://s.cpx.to/an_fire?app_nexus_uid=3174707944690274053&pid=12967&ref=&url=https%3A%2F%2Fwww.anonigviewer.com%2F&hn_ver=40&fid=4e00212e-2563-44c5-b820-bf3d936feea0

95 B
865 B

46ms
44ms

Image
image/png

34.246.142.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/an_fire?app_nexus_uid=3174707944690274053&pid=12967&ref=&url=https%3A%2F%2Fwww.anonigviewer.com%2F&hn_ver=40&fid=4e00212e-2563-44c5-b820-bf3d936feea0

Protocol

HTTP/1.1

Server

34.246.142.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-246-142-233.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.anonigviewer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
Date: Tue, 08 Nov 2022 11:04:26 GMT
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: sameorigin
P3P: CP="NOI DEV ADM"
Content-Type: image/png
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 95
Expires: Tue, 08 Nov 2022 11:04:26 UTC

Redirect headers

Date: Tue, 08 Nov 2022 11:04:26 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 31.204.152.218; 31.204.152.218; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 1c7ec792-782f-4f37-bdb6-09aa5d07b750
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://s.cpx.to/an_fire?app_nexus_uid=3174707944690274053&pid=12967&ref=&url=https%3A%2F%2Fwww.anonigviewer.com%2F&hn_ver=40&fid=4e00212e-2563-44c5-b820-bf3d936feea0
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

getuid
sync.smartadserver.com/
Redirect Chain

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D4e00212e-2563-44c5-b820-bf3d936feea0&gdpr=0
https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=4e00212e-2563-44c5-b820-bf3d936feea0&gdpr=0&cklb=1

0
316 B

42ms
40ms

Image
text/plain

185.86.139.106
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=4e00212e-2563-44c5-b820-bf3d936feea0&gdpr=0&cklb=1
Protocol: HTTP/1.1
Server: 185.86.139.106 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.anonigviewer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Nov 2022 11:04:26 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location: https://sync.smartadserver.com:443/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=4e00212e-2563-44c5-b820-bf3d936feea0&gdpr=0&cklb=1
pragma: no-cache
date: Tue, 08 Nov 2022 11:04:26 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 200 generic
match.adsrvr.org/track/cmf/ 70 B
265 B 145ms
46ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.anonigviewer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 08 Nov 2022 11:04:26 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 186ms
64ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1569081077&t=pageview&_s=1&dl=https%3A%2F%2Fwww.anonigviewer.com%2F&ul=en-us&de=UTF-8&dt=Anon%20IG%20Viewer%20-%20Watch%20Instagram%20Stories%20Anonymously&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1755763350&gjid=1038852881&cid=1504046262.1667905467&tid=UA-199721344-40&_gid=2128697583.1667905467&_r=1&gtm=2oub20&z=509573416

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.anonigviewer.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 08 Nov 2022 11:04:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.anonigviewer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 /
reporting.powerad.ai/ 2 B
272 B 306ms
100ms Ping
text/plain 54.234.151.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://reporting.powerad.ai/
Requested by: Host: powerad.ai
URL: https://powerad.ai/161099156635350/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.234.151.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-234-151-247.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.anonigviewer.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 08 Nov 2022 11:04:27 GMT
server: nginx/1.18.0 (Ubuntu)
x-powered-by: Express
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 2

GET
H2 200 Hc6PdfQeAi.gif
pixel.zprk.io/v5/pixel/ 35 B
294 B 210ms
210ms Image
image/gif 54.179.66.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.zprk.io/v5/pixel/Hc6PdfQeAi.gif?idgen=1&_ncid=cf0e5d8ec4c7686fd3b12a0e555dd99f&dne=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.179.66.88 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-179-66-88.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.anonigviewer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 11:04:27 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 35
access-control-max-age: 3600
access-control-allow-methods: POST, GET, DELETE, PUT
content-type: image/gif

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ Frame 15EF 107 B
792 B 236ms
66ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=www.anonigviewer.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.anonigviewer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 11:04:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 15EF 107 B
549 B 236ms
68ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.anonigviewer.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.anonigviewer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 11:04:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads
securepubads.g.doubleclick.net/gampad/ Frame 15EF 705 B
0 506ms
389ms XHR
text/plain 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1603777928653578&correlator=3645843409157790&eid=31070109%2C44752585&output=ldjh&gdfp_req=1&vrg=2022110201&ptt=17&impl=fifs&us_privacy=1---&iu_parts=90814396%3A22654334212%2Canonigviewer_intext_HB&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C728x90%7C970x90%7C728x250&ifi=1&adks=313349286&sfv=1-0-39&prev_scp=refresh%3D0%26url%3Dhttps%253A%252F%252Fwww.anonigviewer.com%252F%26placement_unit_count%3D0%26referrerCategory%3DDirect%26nmBidBrowserType%3Dempty%26nmBidDeviceType%3Dempty%26nmBidCountryType%3Dempty%26nmBidHour%3Dempty%26nmBidRefreshCount%3Dempty%26nmBidCpm%3Dempty%26Demand_Rs%3DIndex%26hb_pb%3D0.00%26orig_hb_pb%3D0.00&eri=1&ppid=cf0e5d8ec4c7686fd3b12a0e555dd99f&sc=1&cookie_enabled=1&abxe=1&dt=1667905467034&lmt=1667905467&dlt=1667905466242&idt=696&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=bzx41r6ofjan&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=2&url=https%3A%2F%2Fwww.anonigviewer.com%2F&ref=https%3A%2F%2Fwww.anonigviewer.com%2F&top=https%3A%2F%2Fwww.anonigviewer.com%2F&frm=23&vis=1&psz=0x0&msz=0x0&fws=256&ohw=0&ea=0&ga_vid=1504046262.1667905467&ga_sid=1667905467&ga_hid=519915889&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.anonigviewer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 11:04:27 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 371
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.anonigviewer.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 15EF 15 KB
11 KB 138ms
57ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022110201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9bb30d739302f71b96bde67acb5602dd4ba78a89077dd0da503687c29c092c5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.anonigviewer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 11:04:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11368
x-xss-protection: 0

GET
H2 200 container.html Show response
760a90dcbaea3e653eba22a09f52be4b.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame AC00 6 KB
3 KB 169ms
37ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://760a90dcbaea3e653eba22a09f52be4b.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.anonigviewer.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 2988
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 08 Nov 2022 11:04:27 GMT
expires: Wed, 08 Nov 2023 11:04:27 GMT
last-modified: Tue, 25 Oct 2022 18:59:17 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 Hc6PdfQeAi.gif
pixel.zprk.io/v5/pixel/ 35 B
294 B 210ms
210ms Image
image/gif 54.179.66.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.zprk.io/v5/pixel/Hc6PdfQeAi.gif?idgen=1&_ncid=cf0e5d8ec4c7686fd3b12a0e555dd99f&_ncid=cf0e5d8ec4c7686fd3b12a0e555dd99f&dne=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.179.66.88 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-179-66-88.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.anonigviewer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 11:04:27 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 35
access-control-max-age: 3600
access-control-allow-methods: POST, GET, DELETE, PUT
content-type: image/gif

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ Frame 5DA7 107 B
165 B 136ms
86ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=www.anonigviewer.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js?cb=31070733

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.anonigviewer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 11:04:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 5DA7 107 B
165 B 136ms
87ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.anonigviewer.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js?cb=31070733

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.anonigviewer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 11:04:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads
securepubads.g.doubleclick.net/gampad/ Frame 5DA7 704 B
0 353ms
325ms XHR
text/plain 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=11680251220940&correlator=721677328151028&eid=31070733&output=ldjh&gdfp_req=1&vrg=2022110301&ptt=17&impl=fifs&us_privacy=1---&iu_parts=90814396%3A22654334212%2Canonigviewer_intext_HB&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x250&ifi=1&adks=4148198315&sfv=1-0-39&prev_scp=refresh%3D0%26url%3Dhttps%253A%252F%252Fwww.anonigviewer.com%252F%26placement_unit_count%3D0%26referrerCategory%3DDirect%26nmBidBrowserType%3Dempty%26nmBidDeviceType%3Dempty%26nmBidCountryType%3Dempty%26nmBidHour%3Dempty%26nmBidRefreshCount%3Dempty%26nmBidCpm%3Dempty%26Demand_Rs%3DIndex%26hb_pb%3D0.00%26orig_hb_pb%3D0.00&eri=1&ppid=cf0e5d8ec4c7686fd3b12a0e555dd99f&sc=1&cookie_enabled=1&abxe=1&dt=1667905467124&lmt=1667905467&dlt=1667905466271&idt=806&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=j7bnjcaa0ky5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=2&url=https%3A%2F%2Fwww.anonigviewer.com%2F&ref=https%3A%2F%2Fwww.anonigviewer.com%2F&top=https%3A%2F%2Fwww.anonigviewer.com%2F&frm=23&vis=1&psz=0x0&msz=0x0&fws=256&ohw=0&ea=0&ga_vid=1504046262.1667905467&ga_sid=1667905467&ga_hid=1460356293&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js?cb=31070733

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.anonigviewer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 11:04:27 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 368
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.anonigviewer.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 5DA7 15 KB
11 KB 49ms
48ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022110301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js?cb=31070733

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2f37ec4165bf2a831c0049abf401848dba40591e76e418bc7731f368d35e43f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.anonigviewer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 11:04:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11226
x-xss-protection: 0

GET
H2 200 container.html
45719d625092f8eb4109f884415a7c22.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame F6A8 0
0 242ms
72ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://45719d625092f8eb4109f884415a7c22.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js?cb=31070733

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.anonigviewer.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 2988
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 08 Nov 2022 11:04:27 GMT
expires: Wed, 08 Nov 2023 11:04:27 GMT
last-modified: Tue, 25 Oct 2022 18:59:17 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 Hc6PdfQeAi.gif
pixel.zprk.io/v5/pixel/ 35 B
294 B 226ms
217ms Image
image/gif 54.179.66.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.zprk.io/v5/pixel/Hc6PdfQeAi.gif?idgen=1&_ncid=cf0e5d8ec4c7686fd3b12a0e555dd99f&_ncid=cf0e5d8ec4c7686fd3b12a0e555dd99f&_ncid=cf0e5d8ec4c7686fd3b12a0e555dd99f&dne=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.179.66.88 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-179-66-88.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.anonigviewer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 11:04:27 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 35
access-control-max-age: 3600
access-control-allow-methods: POST, GET, DELETE, PUT
content-type: image/gif

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ Frame 4CEC 107 B
165 B 68ms
66ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=www.anonigviewer.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.anonigviewer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 11:04:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 4CEC 107 B
165 B 71ms
70ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.anonigviewer.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.anonigviewer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 11:04:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 4CEC 18 KB
10 KB 389ms
386ms XHR
text/plain 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4249348467331497&correlator=4270745050400236&eid=31070747%2C31070232&output=ldjh&gdfp_req=1&vrg=2022110201&ptt=17&impl=fifs&us_privacy=1---&iu_parts=90814396%3A22654334212%2Canonigviewer_intext_tier2_HB&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=1&adks=1236661107&sfv=1-0-39&prev_scp=refresh%3D0%26url%3Dhttps%253A%252F%252Fwww.anonigviewer.com%252F%26placement_unit_count%3D0%26referrerCategory%3DDirect%26nmBidBrowserType%3Dempty%26nmBidDeviceType%3Dempty%26nmBidCountryType%3Dempty%26nmBidHour%3Dempty%26nmBidRefreshCount%3Dempty%26nmBidCpm%3Dempty%26Demand_Rs%3DIndex%26hb_pb%3D0.00%26orig_hb_pb%3D0.00&eri=1&ppid=cf0e5d8ec4c7686fd3b12a0e555dd99f&sc=1&cookie_enabled=1&abxe=1&dt=1667905467197&lmt=1667905467&dlt=1667905466185&idt=978&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=5u22ff48e3gw&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=2&url=https%3A%2F%2Fwww.anonigviewer.com%2F&ref=https%3A%2F%2Fwww.anonigviewer.com%2F&top=https%3A%2F%2Fwww.anonigviewer.com%2F&frm=23&vis=1&psz=0x0&msz=0x0&fws=256&ohw=0&ea=0&ga_vid=1504046262.1667905467&ga_sid=1667905467&ga_hid=1210131374&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

19981fafb73686f03b9690b89e99692d82f47203b81f90a951f0bdc5572711d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.anonigviewer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 11:04:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10053
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.anonigviewer.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 4CEC 14 KB
11 KB 119ms
49ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022110201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e183c7e0cb3a55d5d441c0f2fb504710e5128ffdbff633c9df8ea9df6261a4a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.anonigviewer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 11:04:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11159
x-xss-protection: 0

GET
H2 200 container.html Show response
2f914544e9a011dcdfef7b23cd845dcb.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame B3A2 6 KB
3 KB 63ms
41ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2f914544e9a011dcdfef7b23cd845dcb.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.anonigviewer.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 2988
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 08 Nov 2022 11:04:27 GMT
expires: Wed, 08 Nov 2023 11:04:27 GMT
last-modified: Tue, 25 Oct 2022 18:59:17 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 15EF 17 KB
7 KB 134ms
46ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.anonigviewer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 11:04:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 08 Nov 2022 11:04:27 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 5DA7 17 KB
6 KB 126ms
56ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js?cb=31070733

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.anonigviewer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 11:04:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 08 Nov 2022 11:04:27 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 4CEC 17 KB
6 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.anonigviewer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 11:04:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 08 Nov 2022 11:04:27 GMT

GET runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0EA1 0
0

GET aframe
www.google.com/recaptcha/api2/ Frame B6D3 0
0

GET runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5C06 0
0

GET aframe
www.google.com/recaptcha/api2/ Frame 8CC6 0
0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EE39 13 KB
5 KB 166ms
56ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.anonigviewer.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 11616
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 08 Nov 2022 07:50:51 GMT
expires: Wed, 08 Nov 2023 07:50:51 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C401 783 B
1 KB 110ms
40ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d9f59dddc3b1a3df416052930b5c581c2723192641bfbcc5e29ecc03f00b1593

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mdRnWwkLliLcBhOl0QOlpQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.anonigviewer.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-mdRnWwkLliLcBhOl0QOlpQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 08 Nov 2022 11:04:27 GMT
expires: Tue, 08 Nov 2022 11:04:27 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 container.html Show response
2f914544e9a011dcdfef7b23cd845dcb.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame FC66 6 KB
3 KB 180ms
59ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2f914544e9a011dcdfef7b23cd845dcb.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.anonigviewer.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 2988
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 08 Nov 2022 11:04:27 GMT
expires: Wed, 08 Nov 2023 11:04:27 GMT
last-modified: Tue, 25 Oct 2022 18:59:17 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C401 0
0 65ms
65ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022110201&jk=4249348467331497&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

GET
H3 200 nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js Show response
pagead2.googlesyndication.com/bg/ Frame EE39 36 KB
15 KB 32ms
31ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

9ce02e31e381a45f5ebf03455d54242ee5cd8fdd8dd0e27bb94fdfdd57ddae8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 08:10:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10459
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Nov 2023 08:10:08 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame AD1D 624 B
670 B 188ms
55ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJHcChCFog4YnqjyrQEwAQ&v=APEucNUJpBqKvUmv2m2GfMbo1gdrS_xDIVQAJbrIjbEBISj4aY6IeJ98FDHgRoJyGukxzibsfZk4Cd47hrLrW_rNW1nXg3VbQtUnOvmohe2KbifZFV_NE0KA2fF3dT9nuuMPIza8mt4_ZU5io_28Eag-huCjEfjC5Wb5sIK5wL2pDVGSYzwPHIU

Requested by

Host: 2f914544e9a011dcdfef7b23cd845dcb.safeframe.googlesyndication.com
URL: https://2f914544e9a011dcdfef7b23cd845dcb.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html?n=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2f914544e9a011dcdfef7b23cd845dcb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 08 Nov 2022 11:04:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame FC66 82 KB
35 KB 207ms
76ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AZWL0H1fiJDctKJA20jbHW451U8OqM454e52nVlIduMFp2xEmrkG8tYZ7HeocuXsoi_m3M4uThHW6iNZIDSOXKeK1idw&cry=1&dbm_d=AKAmf-CYpiqvZhsBmkwNtgI0mSh82miTc17kzWRn8G7peLPWjWZHdh1agUwsMyxySJU0qrC2wRxdO907efRlqJOahclZhyca6JRhaUd0cxKN_359me2fMajqfoW38Th2qXEWsTlWufUZkX8Df_VmjYZ0oPSQqHg5NQX_h5seELLDg4hvaZAb2d1Kuar1iZZYl9-dIIaXDWobaR4IF-5tcZrYqq-PVP6B650ChdF-mbpFT5H0KE9V__dZOJ19IpjxPxSM0dB1RwYWUnrx9YItVjgutdyyolpA4SMPmApjE7uOytMq8ZVr06UoeR8Wmz8645zNeOreEondnJrEUNa4BX-FPMeCWT4AaKvP-TJqYdPU6tyXQgmN6uqttkeT5gUrmMM3iEVNVKHQ_6e_Xx5zjmznAxZ_R68vXg4zdxPaJsvNS4PIdZVzcDhd7_NVHw1yOrxO-4l8ydC7sAH61-GnXtgNpUHMDzApRvgIBvj6Z-JOI8u8hUu75CMKXjPa0ORycv-2ne3R_1UbyEaAqO2nbcEBKOCX3OeYiZ6WTwUgRGsoJsWYtzAoV2Hr7HzePZcdL6xOoRwlqnUtmXak2B-euPWLgOHENMxFpUu3E-61e7XDb2oXlOfBrmueUUaqs3Oo2Rr51iaEzAp-qNXOoqKJgdndbFihQQabZj0DUDY1Nxb_S6Wu5oEy2CN9hGkkXlbun5y7sMW2nXS_wLyGdItfQ8uji0Il6O6nvbdj2QL0881bQl8oJfnyLIs8wSg2WaL949Z6DyyoojtnHZ9wJUaOzHdYbZpT4_2BGBDUvrwc31ZyyIgxBUGNJQqc0XiwAxlEHwFRkHiAO3s8W4itOnzbbmYHe1xTxHWLeNtm66oE8aUDlIL_YHVo043R4TzcGrt1yx4UfbyUmrP3WUPq9Y3jQGXZHezAE2FUpUryIcpbMJ4A43AzppxnN_E66HiXNt6t5yrWdS2ZN8jl6ETu1N_iw1bB8ze9bf18XbASebxH_KL2iu3YAILwcMQxfSkcCaNnhKxy03y0DdNjlZqhgktbePAJNjycOrHCD9mHJ9qsu9i95ibe6QVQYMuOBcCup2AS0i9-F9E6qbS60EA9jFk4a5F2E9Fel6uHgvEhibB4ZWtqnbJY1l9LrGHlpdjDSMFp8etTkuBSUFA0lgWYQGW3vtl1w-4pZ8sNtkgwPyZCqAsjsdQZCyoN-6AYvCj-KngztBuvTDmziXXrg_OFg4JkOUmPE3518w1CSDaOTUZKrrd40W80c3Rruq7Z2RRzlMZDSFSo9OnIHAgKlMGtSkLYiW0TUVBrbC71i52exBxTna2n5giqbkAWP63Y828cLFPW1T4uJ03MRVlNsCfUESc4KI-NGdJjUCwYNrE32lkovbdzHnQNzCJhRuN9T24yWxdQe1JEuurNan70zDahEOggTwzb5CU3B1-LuGhf-bHmowuZIaNaI_Rfc61Q3ecL2wUNwbToIdeVZIJZ4CClHddzAWItrdC6L_OsYnSA8cZh2eCmH0XcIZTmE3LO4ORWkL1JS-ZWldGVycbsGpBIdsPZiUUC0MEtDDjArlFzAgZIU14iwuUiVw_ovwp75qm7hKEkI7dLpW62y8F6U3EoEo4mVYtwrlYrdtpiKU8SdzhsCyC3SrE0enjnwoLFwFdszQ_9JkNwEGtBefyPVfkXdnA0ShuLsQFPYkx8DpbvqrFWYro6vhG-1n4GYr5qASsJUsC1TKkwhgseCvRPCJq6scJcewVQB2Vcdgv-VdP-7VuSs9J_Cp0cA2-ye5easpHZG0oQF8TL7D1IKtd2wOo192F487xzCd_IpMgFgiPu1-11pUlCm2_gRq8EMGhTTKnFQx6_wSaeh35AhcS5tItI39KBpD7MW4HRYsTiUHLPHqwOwq-KVQwHFKU_yrQ1ZlgzY30gpZ79-ss5KplnTsOCA9GnrPGmJyPElgBUZMGX6Y0I-p988EAXmI9iLRZ-aD_QDu-5cMejv40x6lQYBTytcwUwNHl5LLmIluFWBgwYeUoGpHakZyaFEHbzf_PHH7OIxXMevvwWYkEVw5G6W72FuafvM3sldE9S67Y7VAVSkfOyEliaWS_Kg30SEOHUwoq0q3ISlVPc2JoI6_1EhkyE2mrP3BfmWsnNE9t68II03rBzPEj6DssxokuZU6MPGyLmtDPf8473wjie5wNaDbQZkxLBAH8D9fDFcyfxpkDJk7DDSUpPOOuUZ7rh66nAtYlLiynrJP9Oo84-weMOuu9ORzNSfmGJZh-rI_zvbimIFV8N5s_t7ml20N2PWmytM8TgDEXfI6z57ZdPSwKJDwdezVC-8rT0RaJ-AnyH-ec0e_5r-cDEbwhZs09nVgkEuWhmcVZLWcBs04E13HmYJ0787sP4Raq5lHlWYaeI0nr5Kx8LDmy-kJt_LdnbKnLjjAsHXiMJ93bJ60hOEWs1kxCitwSm2XSjubs-0X0fAC4fy2X_81y_Y_cx6ygQnZH0u9PhPVF_g4HeS6vchWLaMk8lXFN2sqkDIIMjRp-Z4ZViKDXbPLTP3Qhu2Mye8KUo6qZxcppcvlH8lbIr2iD6-BYinPN2eCJt6LAll64TKftgIDM4AAYfSvoKyLINE946qtsTXkcODyBLz6wyIIWf-dvakuwLVG36yXiwQaveqfsmqMJKtCjEDt_EgFDTsOOUcikNjctGLGAfdhem1wHFQ5IBEHVNXHVMmIyuMx9xIK9KkVBiF5oq_phBfJghbXctOXADg4iiJxyB6rix7kdn4CALiv9ZrO9dKwxuxPsJvoFnNYBu9ZSTGXTnxRtmVqwne8uPIoY_uBFESzWCtVe0x87kd6m92MqeN2-vTfJfxfzh6jp8ur_X98YPHAhBiInEkc6sD-VxT_OVAhybE5nI8S1RrzJdFwPW1iyoauWFmj6MKMBDuL7oV1-EsAlLwTVp8c2RLh9EgOtABzsylLqiRGv2BfGNOp9OhuCZIQ25J7Pp7YIeJIuld3kUzCVAlv7NeMokVorDMtG8kIRHM6FrK0RF4e9vuMekMjj5seRZcd75xrI7rKDBBn_ZnER7_LYys0u8J7A40U1Rzhp-6E_v8lHpSo8hcEddgQLiH_U6NM4fI6zlNcxD0VZTUbG4we4WB5LAGI753W7shxyFzliA1iecHfnqukBu18IjW26m9iQoLjQY_SrlicYqWlIYl1Q3WM378Z2ilfaLV11escKzo0PNANW9exiOkjtgKt2DIrpPXM2EMyCOI9xdIFszrycCSjQcjWji-rhViQLIZeOfTvE5qBmhe0V7GPTbdrH0IP7CrjedadP-bzfDjopdG_GzX-wR9z6Zld4Nk-qm06N6GffBKuhW1nZWsssyOSM5I4a1yHDyet6kpB7-wlD9zDDpt9h8VINgEE-NtN7KKIjjFhiCFAmRQEEWYqk-HEvD7vQtrGswXK2CYVAP8TyxYADCAAVYecet9w3JG3pCLf0zLDTQq2JFR-wmin0G-GubuSwC3Y3Uyg31G4d-Kcr8ylGfg7q7f0zIwUn3Ufuzz7-oY0KJy8q9oYJX-YTnNvH5Lw&cid=CAQSTQDq26N9ghMU-Jy4GoH-nf8TlGDspfn7bgEZI8KDJWFs3jgp9MnjdLr3zo50ufGtK0jLVQg3yoopocDHVHOqgSLo6t4CDMS5ljmUubMNGAEgDg&rfl=3%2Chttps%253A%252F%252Fwww.anonigviewer.com%242%2C%2Chttps%253A%252F%252Fwww.anonigviewer.com%252F%240

Requested by

Host: www.anonigviewer.com
URL: https://www.anonigviewer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b2dd2056d70eb75e8e5a3c4e84c4872964dd8c85c0aad858643b012dcddb30b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://2f914544e9a011dcdfef7b23cd845dcb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Nov 2022 11:04:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35259
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame FC66 42 B
63 B 99ms
98ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DG90811fdeiCFWzDVbj8O-mIBOM-GX1cUEjmEXjjzZgcak_LEk1hxlQQKwMhclPWRXAVWH0nI18_Lq7UJCdH1jNMd1l175QFGd_J2_b9KPyth6__I

Requested by

Host: 2f914544e9a011dcdfef7b23cd845dcb.safeframe.googlesyndication.com
URL: https://2f914544e9a011dcdfef7b23cd845dcb.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://2f914544e9a011dcdfef7b23cd845dcb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Nov 2022 11:04:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame FC66 3 KB
1 KB 60ms
58ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/window_focus_fy2021.js

Requested by

Host: 2f914544e9a011dcdfef7b23cd845dcb.safeframe.googlesyndication.com
URL: https://2f914544e9a011dcdfef7b23cd845dcb.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://2f914544e9a011dcdfef7b23cd845dcb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 21:41:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48197
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Nov 2022 21:41:10 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame FC66 17 KB
7 KB 61ms
59ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 2f914544e9a011dcdfef7b23cd845dcb.safeframe.googlesyndication.com
URL: https://2f914544e9a011dcdfef7b23cd845dcb.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

71d49d865114d9bb25bfdfc0272b738cdfd771749b21360ce5fb40eee3b4d986

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://2f914544e9a011dcdfef7b23cd845dcb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 14:38:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73542
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7305
x-xss-protection: 0
server: cafe
etag: 12747696668401323709
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Nov 2022 14:38:45 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame FC66 0
0 152ms
48ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR7u-2oVV0n94NyzrxNSdBpbTmfIUzjGO3BFeZo7O0Cq2-sz31VnmHkUomNP20XeoZCDe1NrIuqVIQXJIM6lJrvoh0vTA
Requested by: Host: 2f914544e9a011dcdfef7b23cd845dcb.safeframe.googlesyndication.com
URL: https://2f914544e9a011dcdfef7b23cd845dcb.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html?n=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://2f914544e9a011dcdfef7b23cd845dcb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FC66 154 KB
47 KB 139ms
40ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 2f914544e9a011dcdfef7b23cd845dcb.safeframe.googlesyndication.com
URL: https://2f914544e9a011dcdfef7b23cd845dcb.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6080610ed8ad1ec28b32a16cd5fb8be853a45dc27de0757acad068588e067a45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://2f914544e9a011dcdfef7b23cd845dcb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 11:04:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48209
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667824238049716"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 08 Nov 2022 11:04:27 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame EE39 0
10 B 63ms
57ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?G3DIBw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 11:04:27 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame AD1D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJuRLu23IIrtb_ZUzuAe7sY&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJuRLu23IIrtb_ZUzuAe7sY&google_cver=1&C=1

43 B
766 B

34ms
31ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJuRLu23IIrtb_ZUzuAe7sY&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJHcChCFog4YnqjyrQEwAQ&v=APEucNUJpBqKvUmv2m2GfMbo1gdrS_xDIVQAJbrIjbEBISj4aY6IeJ98FDHgRoJyGukxzibsfZk4Cd47hrLrW_rNW1nXg3VbQtUnOvmohe2KbifZFV_NE0KA2fF3dT9nuuMPIza8mt4_ZU5io_28Eag-huCjEfjC5Wb5sIK5wL2pDVGSYzwPHIU
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 08 Nov 2022 11:04:28 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 08 Nov 2022 11:04:28 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEJuRLu23IIrtb_ZUzuAe7sY&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame AD1D
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y2o3vJGq663fhJccIW1qKgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJuRLu23IIrtb_ZUzuAe7sY&google_cver=1

43 B
894 B

31ms
31ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJuRLu23IIrtb_ZUzuAe7sY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJHcChCFog4YnqjyrQEwAQ&v=APEucNUJpBqKvUmv2m2GfMbo1gdrS_xDIVQAJbrIjbEBISj4aY6IeJ98FDHgRoJyGukxzibsfZk4Cd47hrLrW_rNW1nXg3VbQtUnOvmohe2KbifZFV_NE0KA2fF3dT9nuuMPIza8mt4_ZU5io_28Eag-huCjEfjC5Wb5sIK5wL2pDVGSYzwPHIU
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 08 Nov 2022 11:04:28 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 08 Nov 2022 11:04:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJuRLu23IIrtb_ZUzuAe7sY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame AD1D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEO66TztHVp1C1pNMrOK4914&google_cver=1

43 B
1 KB

77ms
46ms

Image
image/gif

185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEO66TztHVp1C1pNMrOK4914&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJHcChCFog4YnqjyrQEwAQ&v=APEucNUJpBqKvUmv2m2GfMbo1gdrS_xDIVQAJbrIjbEBISj4aY6IeJ98FDHgRoJyGukxzibsfZk4Cd47hrLrW_rNW1nXg3VbQtUnOvmohe2KbifZFV_NE0KA2fF3dT9nuuMPIza8mt4_ZU5io_28Eag-huCjEfjC5Wb5sIK5wL2pDVGSYzwPHIU

Protocol

HTTP/1.1

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 08 Nov 2022 11:04:28 GMT
AN-X-Request-Uuid: 497a2450-5e57-4568-9bb2-63d311ae05b5
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 31.204.152.218; 31.204.152.218; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 08 Nov 2022 11:04:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEO66TztHVp1C1pNMrOK4914&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AD1D
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzE3NDcwNzk0NDY5MDI3NDA1Mw%3D%3D

170 B
188 B

49ms
48ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzE3NDcwNzk0NDY5MDI3NDA1Mw%3D%3D

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Nov 2022 11:04:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 08 Nov 2022 11:04:28 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 31.204.152.218; 31.204.152.218; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: c91737f3-7972-42af-94be-c89a933470e4
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzE3NDcwNzk0NDY5MDI3NDA1Mw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame FC66 106 KB
38 KB 116ms
31ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.anonigviewer.com
URL: https://www.anonigviewer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2f914544e9a011dcdfef7b23cd845dcb.safeframe.googlesyndication.com/
Origin: https://2f914544e9a011dcdfef7b23cd845dcb.safeframe.googlesyndication.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 12:10:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82422
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 08 Nov 2022 12:10:46 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221101/r20110914/elements/html/ Frame FC66 8 KB
3 KB 37ms
36ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221101/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AZWL0H1fiJDctKJA20jbHW451U8OqM454e52nVlIduMFp2xEmrkG8tYZ7HeocuXsoi_m3M4uThHW6iNZIDSOXKeK1idw&cry=1&dbm_d=AKAmf-CYpiqvZhsBmkwNtgI0mSh82miTc17kzWRn8G7peLPWjWZHdh1agUwsMyxySJU0qrC2wRxdO907efRlqJOahclZhyca6JRhaUd0cxKN_359me2fMajqfoW38Th2qXEWsTlWufUZkX8Df_VmjYZ0oPSQqHg5NQX_h5seELLDg4hvaZAb2d1Kuar1iZZYl9-dIIaXDWobaR4IF-5tcZrYqq-PVP6B650ChdF-mbpFT5H0KE9V__dZOJ19IpjxPxSM0dB1RwYWUnrx9YItVjgutdyyolpA4SMPmApjE7uOytMq8ZVr06UoeR8Wmz8645zNeOreEondnJrEUNa4BX-FPMeCWT4AaKvP-TJqYdPU6tyXQgmN6uqttkeT5gUrmMM3iEVNVKHQ_6e_Xx5zjmznAxZ_R68vXg4zdxPaJsvNS4PIdZVzcDhd7_NVHw1yOrxO-4l8ydC7sAH61-GnXtgNpUHMDzApRvgIBvj6Z-JOI8u8hUu75CMKXjPa0ORycv-2ne3R_1UbyEaAqO2nbcEBKOCX3OeYiZ6WTwUgRGsoJsWYtzAoV2Hr7HzePZcdL6xOoRwlqnUtmXak2B-euPWLgOHENMxFpUu3E-61e7XDb2oXlOfBrmueUUaqs3Oo2Rr51iaEzAp-qNXOoqKJgdndbFihQQabZj0DUDY1Nxb_S6Wu5oEy2CN9hGkkXlbun5y7sMW2nXS_wLyGdItfQ8uji0Il6O6nvbdj2QL0881bQl8oJfnyLIs8wSg2WaL949Z6DyyoojtnHZ9wJUaOzHdYbZpT4_2BGBDUvrwc31ZyyIgxBUGNJQqc0XiwAxlEHwFRkHiAO3s8W4itOnzbbmYHe1xTxHWLeNtm66oE8aUDlIL_YHVo043R4TzcGrt1yx4UfbyUmrP3WUPq9Y3jQGXZHezAE2FUpUryIcpbMJ4A43AzppxnN_E66HiXNt6t5yrWdS2ZN8jl6ETu1N_iw1bB8ze9bf18XbASebxH_KL2iu3YAILwcMQxfSkcCaNnhKxy03y0DdNjlZqhgktbePAJNjycOrHCD9mHJ9qsu9i95ibe6QVQYMuOBcCup2AS0i9-F9E6qbS60EA9jFk4a5F2E9Fel6uHgvEhibB4ZWtqnbJY1l9LrGHlpdjDSMFp8etTkuBSUFA0lgWYQGW3vtl1w-4pZ8sNtkgwPyZCqAsjsdQZCyoN-6AYvCj-KngztBuvTDmziXXrg_OFg4JkOUmPE3518w1CSDaOTUZKrrd40W80c3Rruq7Z2RRzlMZDSFSo9OnIHAgKlMGtSkLYiW0TUVBrbC71i52exBxTna2n5giqbkAWP63Y828cLFPW1T4uJ03MRVlNsCfUESc4KI-NGdJjUCwYNrE32lkovbdzHnQNzCJhRuN9T24yWxdQe1JEuurNan70zDahEOggTwzb5CU3B1-LuGhf-bHmowuZIaNaI_Rfc61Q3ecL2wUNwbToIdeVZIJZ4CClHddzAWItrdC6L_OsYnSA8cZh2eCmH0XcIZTmE3LO4ORWkL1JS-ZWldGVycbsGpBIdsPZiUUC0MEtDDjArlFzAgZIU14iwuUiVw_ovwp75qm7hKEkI7dLpW62y8F6U3EoEo4mVYtwrlYrdtpiKU8SdzhsCyC3SrE0enjnwoLFwFdszQ_9JkNwEGtBefyPVfkXdnA0ShuLsQFPYkx8DpbvqrFWYro6vhG-1n4GYr5qASsJUsC1TKkwhgseCvRPCJq6scJcewVQB2Vcdgv-VdP-7VuSs9J_Cp0cA2-ye5easpHZG0oQF8TL7D1IKtd2wOo192F487xzCd_IpMgFgiPu1-11pUlCm2_gRq8EMGhTTKnFQx6_wSaeh35AhcS5tItI39KBpD7MW4HRYsTiUHLPHqwOwq-KVQwHFKU_yrQ1ZlgzY30gpZ79-ss5KplnTsOCA9GnrPGmJyPElgBUZMGX6Y0I-p988EAXmI9iLRZ-aD_QDu-5cMejv40x6lQYBTytcwUwNHl5LLmIluFWBgwYeUoGpHakZyaFEHbzf_PHH7OIxXMevvwWYkEVw5G6W72FuafvM3sldE9S67Y7VAVSkfOyEliaWS_Kg30SEOHUwoq0q3ISlVPc2JoI6_1EhkyE2mrP3BfmWsnNE9t68II03rBzPEj6DssxokuZU6MPGyLmtDPf8473wjie5wNaDbQZkxLBAH8D9fDFcyfxpkDJk7DDSUpPOOuUZ7rh66nAtYlLiynrJP9Oo84-weMOuu9ORzNSfmGJZh-rI_zvbimIFV8N5s_t7ml20N2PWmytM8TgDEXfI6z57ZdPSwKJDwdezVC-8rT0RaJ-AnyH-ec0e_5r-cDEbwhZs09nVgkEuWhmcVZLWcBs04E13HmYJ0787sP4Raq5lHlWYaeI0nr5Kx8LDmy-kJt_LdnbKnLjjAsHXiMJ93bJ60hOEWs1kxCitwSm2XSjubs-0X0fAC4fy2X_81y_Y_cx6ygQnZH0u9PhPVF_g4HeS6vchWLaMk8lXFN2sqkDIIMjRp-Z4ZViKDXbPLTP3Qhu2Mye8KUo6qZxcppcvlH8lbIr2iD6-BYinPN2eCJt6LAll64TKftgIDM4AAYfSvoKyLINE946qtsTXkcODyBLz6wyIIWf-dvakuwLVG36yXiwQaveqfsmqMJKtCjEDt_EgFDTsOOUcikNjctGLGAfdhem1wHFQ5IBEHVNXHVMmIyuMx9xIK9KkVBiF5oq_phBfJghbXctOXADg4iiJxyB6rix7kdn4CALiv9ZrO9dKwxuxPsJvoFnNYBu9ZSTGXTnxRtmVqwne8uPIoY_uBFESzWCtVe0x87kd6m92MqeN2-vTfJfxfzh6jp8ur_X98YPHAhBiInEkc6sD-VxT_OVAhybE5nI8S1RrzJdFwPW1iyoauWFmj6MKMBDuL7oV1-EsAlLwTVp8c2RLh9EgOtABzsylLqiRGv2BfGNOp9OhuCZIQ25J7Pp7YIeJIuld3kUzCVAlv7NeMokVorDMtG8kIRHM6FrK0RF4e9vuMekMjj5seRZcd75xrI7rKDBBn_ZnER7_LYys0u8J7A40U1Rzhp-6E_v8lHpSo8hcEddgQLiH_U6NM4fI6zlNcxD0VZTUbG4we4WB5LAGI753W7shxyFzliA1iecHfnqukBu18IjW26m9iQoLjQY_SrlicYqWlIYl1Q3WM378Z2ilfaLV11escKzo0PNANW9exiOkjtgKt2DIrpPXM2EMyCOI9xdIFszrycCSjQcjWji-rhViQLIZeOfTvE5qBmhe0V7GPTbdrH0IP7CrjedadP-bzfDjopdG_GzX-wR9z6Zld4Nk-qm06N6GffBKuhW1nZWsssyOSM5I4a1yHDyet6kpB7-wlD9zDDpt9h8VINgEE-NtN7KKIjjFhiCFAmRQEEWYqk-HEvD7vQtrGswXK2CYVAP8TyxYADCAAVYecet9w3JG3pCLf0zLDTQq2JFR-wmin0G-GubuSwC3Y3Uyg31G4d-Kcr8ylGfg7q7f0zIwUn3Ufuzz7-oY0KJy8q9oYJX-YTnNvH5Lw&cid=CAQSTQDq26N9ghMU-Jy4GoH-nf8TlGDspfn7bgEZI8KDJWFs3jgp9MnjdLr3zo50ufGtK0jLVQg3yoopocDHVHOqgSLo6t4CDMS5ljmUubMNGAEgDg&rfl=3%2Chttps%253A%252F%252Fwww.anonigviewer.com%242%2C%2Chttps%253A%252F%252Fwww.anonigviewer.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://2f914544e9a011dcdfef7b23cd845dcb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 14:29:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74103
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Nov 2022 14:29:25 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221101/r20110914/ Frame FC66 30 KB
11 KB 35ms
34ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221101/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

5ebd2e1b961bbef77f1bf08b08af4dad8e349dfdf2bfcf7272d314c49cf23276

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://2f914544e9a011dcdfef7b23cd845dcb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 14:29:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74102
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11393
x-xss-protection: 0
server: cafe
etag: 8974296396314687744
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Nov 2022 14:29:26 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame FC66 41 KB
15 KB 63ms
58ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 2f914544e9a011dcdfef7b23cd845dcb.safeframe.googlesyndication.com
URL: https://2f914544e9a011dcdfef7b23cd845dcb.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://2f914544e9a011dcdfef7b23cd845dcb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 11:24:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 344425
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Nov 2023 11:24:03 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 29B3 1 KB
643 B 38ms
32ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 2f914544e9a011dcdfef7b23cd845dcb.safeframe.googlesyndication.com
URL: https://2f914544e9a011dcdfef7b23cd845dcb.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2f914544e9a011dcdfef7b23cd845dcb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 74808
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 07 Nov 2022 14:17:40 GMT
etag: 48472445140208031
expires: Tue, 08 Nov 2022 14:17:40 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame FC66 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0b1715b50c4dd25f16ac5c63eb76d62c056a3899ca969f4638d966c6d3199f45

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame 29B3 35 B
463 B 129ms
34ms Image
image/gif 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGZQKtpo1xEGXM9IYwXiQ0E&google_cver=1&google_push=ASkJ3FbAqNzCRfr2gI3bhldx4p91icK52fO5FnU_qfX0yDqE4yEdh2z_bLqwvFWW6armDlVBxZphHt6ssArFl3hqiBOxSOpD1bZu

Requested by

Host: 2f914544e9a011dcdfef7b23cd845dcb.safeframe.googlesyndication.com
URL: https://2f914544e9a011dcdfef7b23cd845dcb.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html?n=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Nov 2022 11:04:28 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 29B3
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMKICDZ8I9WfTu3qZx2pqq8&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMKICDZ8I9WfTu3qZx2pqq8&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OENrRmYzT2ExT1NtcDY1&google_gid=CAESEMKICDZ8I9WfTu3qZx2pqq8&google_cver=1&google_push=ASkJ3FbkLSnoRxRq-cbqxxh5-TpX2QPowyS8DS-bGLL0T6k...

170 B
188 B

44ms
43ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OENrRmYzT2ExT1NtcDY1&google_gid=CAESEMKICDZ8I9WfTu3qZx2pqq8&google_cver=1&google_push=ASkJ3FbkLSnoRxRq-cbqxxh5-TpX2QPowyS8DS-bGLL0T6kK9Wf_PVu7iuvXigBE3fzArV_0tykeMTpyWmprDhYC97UrsmogUbka

Requested by

Host: 2f914544e9a011dcdfef7b23cd845dcb.safeframe.googlesyndication.com
URL: https://2f914544e9a011dcdfef7b23cd845dcb.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html?n=2

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Nov 2022 11:04:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 08 Nov 2022 11:04:27 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/5502e06#5502e06d7dbe3c52c9a5559e1550ac262fba6e07 i-0eed724e77eae7a40@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OENrRmYzT2ExT1NtcDY1&google_gid=CAESEMKICDZ8I9WfTu3qZx2pqq8&google_cver=1&google_push=ASkJ3FbkLSnoRxRq-cbqxxh5-TpX2QPowyS8DS-bGLL0T6kK9Wf_PVu7iuvXigBE3fzArV_0tykeMTpyWmprDhYC97UrsmogUbka
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 29B3
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEAKCPi8nicO-6Xv0HMNWRN0&google_cver=1&google_push=ASkJ3FZ9g9nRctwiMwemr9y8Dpj0rkWWwOwsQ4SiXVeWswTZ-8rgLj86jR5-oe4V_pk_5dJijYNaFm3IEy_x80...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE2MzU5OTQzNzg4OTMzNzQ4Ng%3D%3D&google_push=ASkJ3FZ9g9nRctwiMwemr9y8Dpj0rkWWwOwsQ4SiXVeWswTZ-8rgLj86jR5-oe4V_pk_5dJijYNaFm3IEy_x80ILw4...

170 B
188 B

47ms
46ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE2MzU5OTQzNzg4OTMzNzQ4Ng%3D%3D&google_push=ASkJ3FZ9g9nRctwiMwemr9y8Dpj0rkWWwOwsQ4SiXVeWswTZ-8rgLj86jR5-oe4V_pk_5dJijYNaFm3IEy_x80ILw4tk3zy1Udpf

Requested by

Host: 2f914544e9a011dcdfef7b23cd845dcb.safeframe.googlesyndication.com
URL: https://2f914544e9a011dcdfef7b23cd845dcb.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html?n=2

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Nov 2022 11:04:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE2MzU5OTQzNzg4OTMzNzQ4Ng%3D%3D&google_push=ASkJ3FZ9g9nRctwiMwemr9y8Dpj0rkWWwOwsQ4SiXVeWswTZ-8rgLj86jR5-oe4V_pk_5dJijYNaFm3IEy_x80ILw4tk3zy1Udpf
Date: Tue, 08 Nov 2022 11:04:28 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 29B3
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEN4GLiwsN8at_HeY8DjdYno&google_cver=1&google_push=ASkJ3FYLPWM5bFA1JKefi6m-wfqNb6uFxf-gFAPA7k8Frn9WIpKH9tBX0iU9rym5mE2ox3IzOuNSUwz9Wwidqsn1...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=DqcSw5-cQR2Y28StSF779Q2&google_push=ASkJ3FYLPWM5bFA1JKefi6m-wfqNb6uFxf-gFAPA7k8Frn9WIpKH9tBX0iU9rym5mE2ox3IzOuNSUwz9Wwidqsn12GOhbiteCM8-

170 B
188 B

44ms
43ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=DqcSw5-cQR2Y28StSF779Q2&google_push=ASkJ3FYLPWM5bFA1JKefi6m-wfqNb6uFxf-gFAPA7k8Frn9WIpKH9tBX0iU9rym5mE2ox3IzOuNSUwz9Wwidqsn12GOhbiteCM8-

Requested by

Host: 2f914544e9a011dcdfef7b23cd845dcb.safeframe.googlesyndication.com
URL: https://2f914544e9a011dcdfef7b23cd845dcb.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html?n=2

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Nov 2022 11:04:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 08 Nov 2022 11:04:28 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=DqcSw5-cQR2Y28StSF779Q2&google_push=ASkJ3FYLPWM5bFA1JKefi6m-wfqNb6uFxf-gFAPA7k8Frn9WIpKH9tBX0iU9rym5mE2ox3IzOuNSUwz9Wwidqsn12GOhbiteCM8-
x-host: tde-deliveryengine-production-5b89f5f57f-bxprx
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 29B3
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKO_ox0TYOtdJ5Ze42sNdUM&google_cver=1&google_push=ASkJ3FYch30hmthPEnDvQ6J4znxG4tGVXjD-RjsNNvv_HcaDVcLRzrWuRMUz24w5keU1r1kxI6w...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEE4M1VOWlMtMVItUkNX&google_push=ASkJ3FYch30hmthPEnDvQ6J4znxG4tGVXjD-RjsNNvv_HcaDVcLRzrWuRMUz24w5keU1r1kxI6waEWQDs_6VgbaXyDRRVT0ACl0L

170 B
188 B

41ms
41ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEE4M1VOWlMtMVItUkNX&google_push=ASkJ3FYch30hmthPEnDvQ6J4znxG4tGVXjD-RjsNNvv_HcaDVcLRzrWuRMUz24w5keU1r1kxI6waEWQDs_6VgbaXyDRRVT0ACl0L

Requested by

Host: 2f914544e9a011dcdfef7b23cd845dcb.safeframe.googlesyndication.com
URL: https://2f914544e9a011dcdfef7b23cd845dcb.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html?n=2

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Nov 2022 11:04:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEE4M1VOWlMtMVItUkNX&google_push=ASkJ3FYch30hmthPEnDvQ6J4znxG4tGVXjD-RjsNNvv_HcaDVcLRzrWuRMUz24w5keU1r1kxI6waEWQDs_6VgbaXyDRRVT0ACl0L
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 29B3
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEC9admo-w8JQHWe2Qyn1DE0&google_cver=1&google_push=ASkJ3Fb4nyoKcrMF7oHLPU-d_gF83zNThwrWPPqsWlW9Pt_uqACt5QBfkHRjXU2HaHB5Z3cy9gp-LOgFQvs6ztCOsQomHDDSWc5t
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ASkJ3Fb4nyoKcrMF7oHLPU-d_gF83zNThwrWPPqsWlW9Pt_uqACt5QBfkHRjXU2HaHB5Z3cy9gp-LOgFQvs6ztCOsQomHDDSWc5...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDAyOTU5NDIzOTQ4MDI2OTI2Mjkx&google_push=ASkJ3Fb4nyoKcrMF7oHLPU-d_gF83zNThwrWPPqsWlW9Pt_uqACt5QBfkHRjXU2H...

170 B
188 B

42ms
42ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDAyOTU5NDIzOTQ4MDI2OTI2Mjkx&google_push=ASkJ3Fb4nyoKcrMF7oHLPU-d_gF83zNThwrWPPqsWlW9Pt_uqACt5QBfkHRjXU2HaHB5Z3cy9gp-LOgFQvs6ztCOsQomHDDSWc5t

Requested by

Host: 2f914544e9a011dcdfef7b23cd845dcb.safeframe.googlesyndication.com
URL: https://2f914544e9a011dcdfef7b23cd845dcb.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html?n=2

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Nov 2022 11:04:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDAyOTU5NDIzOTQ4MDI2OTI2Mjkx&google_push=ASkJ3Fb4nyoKcrMF7oHLPU-d_gF83zNThwrWPPqsWlW9Pt_uqACt5QBfkHRjXU2HaHB5Z3cy9gp-LOgFQvs6ztCOsQomHDDSWc5t
date: Tue, 08 Nov 2022 11:04:28 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

/
onetag-sys.com/match/ Frame 29B3
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEImAD4y4M38rRmx6U6qHYoo&google_cver=1&google_push=ASkJ3FYpODX-hgp0EluG1ucTxxx50ggVqZyA3tqijLdylWdyZT4M1tb8ksm-_6kvl43YNi5kJmFzWOyGZ-D...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3FYpODX-hgp0EluG1ucTxxx50ggVqZyA3tqijLdylWdyZT4M1tb8ksm-_6kvl43YNi5kJmFzWOyGZ-DugP49BSAkajI5Tvfx
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

32ms
32ms

Image
text/plain

51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: 2f914544e9a011dcdfef7b23cd845dcb.safeframe.googlesyndication.com
URL: https://2f914544e9a011dcdfef7b23cd845dcb.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html?n=2

Protocol

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Tue, 08 Nov 2022 11:04:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 29B3 0
12 B 42ms
41ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IYeYnCSLZ8FO2bPxVZnej7GdKHCvzmIl-Vy7egXlotedWUdlsAURevEhmPBvxgLhPwvZjZ7Q

Requested by

Host: 2f914544e9a011dcdfef7b23cd845dcb.safeframe.googlesyndication.com
URL: https://2f914544e9a011dcdfef7b23cd845dcb.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 11:04:28 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame E9AA 22 KB
8 KB 58ms
57ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2f914544e9a011dcdfef7b23cd845dcb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 344425
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 04 Nov 2022 11:24:03 GMT
expires: Sat, 04 Nov 2023 11:24:03 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/6381445182861191714/ Frame 5B2C 8 KB
3 KB 155ms
32ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6381445182861191714/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88b13ba9c2123659845af74129fe906bfd213fb78c09eca2a660af0285c127e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2f914544e9a011dcdfef7b23cd845dcb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 586638
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2734
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 01 Nov 2022 16:07:10 GMT
expires: Wed, 01 Nov 2023 16:07:10 GMT
last-modified: Tue, 21 Jun 2022 12:43:56 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame FC66 0
0 268ms
104ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvLFdWnI0vDFnjDP-gT7nk7fJ_h-RiwgwNrEEKld68TUhFsGv-uJ8Va4_dkK2ik86G2rYPbLav9AkkRinQunuKylF7z3SSSbtQdSHFnbgozU8bL7E7VqFcrcTGZ64DCzQK0LotozCforNOuTCa2A0a7lHR1yhCPmWg4OY_CWEPV4RGTzdVffyULaRXxOuIvRC-7yjX_t9ILV44XplSvzDtSlc-cFqkjagDvpCtTu5MglltgMqbby_Blsfq628K5LsoOBSS4TIr6uw7wJG4P3GEGxSNDflIgN2WJLmIQJWvzT5lLWK8vvlBUcu8DJeKmXVPa3FfKN7zAqY2lw_ta0sS8gUhiMGrP_OiNjeQ1rVhgAomcpqHqxNd7JHnwpMFlQ1eOBLA3OtaDJsFwi6jwDqbJsTQdFc3X02UPaFebrxplYwK5M_iD-8uz0wCswNLeQWY91rqkvkJLjwx37eFzLsVLJXODNijOL75ln9GPUElR4d9MRk7sejkhE--T2r5lUnei58r48hytKyExoLcvPcNQy7HYrSDE956Di8yfoRs-RhoDfRt4892tj1r_b7X5KWiN-yYKHFoE4TyT8pk5zLjb_D_1MeBcUqgh-o8kZB3lWSjOHu_ePuQqrXLVFUb7QAyUUTMdRLfO2gSvQjxTLw8QIrzZI9pm4d4_Nv_BDlQSmO8MbxjaOghLQ4aDT-xdP6VVqmw69iVbFHoxt3fatRzVz39OxwJ_ikLMmIeLpaKdS8wS4VK0KIaH28PG2erYu2ov09lMNFSrAvCLiN4B2Gu-LaTlg99O_-TNxE9KlZjlccZZErOG2ucZOvMGkUKdLwej8x1SkDoqkFHjHtuC55H4wM7ODnufnt1pg1GWh-jDUZccjkNRT4a4TwaKpbqyw1b-wtvILtxtjM1vb9FkzM0fanKi80fuKb6vyhZkL354DaR-s0yyw19pWd3sVRG04oSmdT3lxf4yOl8i9inkWYHbrqYMer2eUXKcg-yRY1zctSIVnpJtffDXvltBXjVB1ca3X2Ffl2Kmill9RFl1sGAvs8Kk6eCdaq3dgdc3yw0I5Ae_uMvMQv9uQPYy3QHsKdhumHejcIrvT-UIz8eA5BEsgh7UPRj-fcQ2SkJeK7q74AUlobhmknwXwukcrQO8Ej-XkQurFhv93UcUt6KhC3aCh8EniIIUH1Uh29Kfa-k0nmfP1IzDqIucCnuBQtyI_veRkd8JTUp_hQy-rbuA7K-0OrZTmhsEl0IrDf6V8ZgwoyS-ecarZM6_TunZSRdU82AGImk9wJ9DAH7597ynLIgInOAR6zYieZAEMh1f6nIyHM3g4wy9to-_BYxYXTYnAt6Xm4r9miDuxUOOixpyZCI9kgnjMr_2KG1qj_3CF4AHM9TEpm0SKS6A8d3yTXNB&sai=AMfl-YRtA9AbXgohjzx6ch0tsOYJT_DICgx6TjujeFfC-lQzHRy2Iz44C9ZdcOROUol9kztcG0sdQNe1kRKn6g1oNufW7gvHHRJLxM44rsNBs3TlYMuGbbCQUWCI6bBodVD45iegeopdDJuxU1EUIIs5VdfWeWgqlI-z2vSFsDvc4Qy1nnwuhqFPTyIgSOOjdg0PDKBROExbkZZpA5KQsJU5Ebaw8SPuLQ2-dEhQ9JEK3NDV-4g-Z0hKe5xD_pdeAzOLCOIjfIyU3_c88bXMK280Ldg0u5rIiiPmPTd4swvz_2UR1NyWrjGEvfmWU1qwB0G9lOZXXhomZPGS2dG3hr9oLgE1HwQ&sig=Cg0ArKJSzOqF8qgpBt-pEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=185&cbvp=1&cstd=181&cisv=r20221101.83501&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.anonigviewer.com
URL: https://www.anonigviewer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://2f914544e9a011dcdfef7b23cd845dcb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 08 Nov 2022 11:04:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 08 Nov 2022 11:04:28 GMT

GET
H3 200 nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js Show response
pagead2.googlesyndication.com/bg/ Frame E9AA 36 KB
15 KB 39ms
38ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

9ce02e31e381a45f5ebf03455d54242ee5cd8fdd8dd0e27bb94fdfdd57ddae8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 08:10:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10460
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Nov 2023 08:10:08 GMT

GET
H2 200 banner_728x90.min.css
client.bannerspace.net/017613/ Frame 5B2C 4 KB
2 KB 150ms
30ms Stylesheet
text/css 2a02:26f0:3500:588::21cf
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://client.bannerspace.net/017613/banner_728x90.min.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6381445182861191714/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::21cf Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

db323d536a412cec276ecf7160e9253efd5262d5f6a77650fdbfa75a4a0fa154

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31622400
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 08 Nov 2022 11:04:28 GMT
last-modified: Tue, 27 Jul 2021 10:47:40 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: no-transform, max-age=1800
accept-ranges: bytes
content-length: 1325
expires: Tue, 08 Nov 2022 11:34:28 GMT

GET
H2 200 taillogo.svg
client.bannerspace.net/017613/ Frame 5B2C 11 KB
4 KB 151ms
31ms Image
image/svg+xml 2a02:26f0:3500:588::21cf
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://client.bannerspace.net/017613/taillogo.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6381445182861191714/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::21cf Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

ecae1f08921d3ecf8617bf50fdb31f207292ff1bca5dce90034fe35b8308551f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31622400
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 08 Nov 2022 11:04:28 GMT
last-modified: Tue, 27 Jul 2021 10:47:40 GMT
server: Apache
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: no-transform, max-age=1800
accept-ranges: bytes
content-length: 3589
expires: Tue, 08 Nov 2022 11:34:28 GMT

GET
H2 200 TimelineLite.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.20.5/ Frame 5B2C 13 KB
4 KB 81ms
29ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.20.5/TimelineLite.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6381445182861191714/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4755e740b378730534bfdb854a26b0e6ee6b23ff3fffafcabf00210de4618b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 11:04:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2909348
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3878
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-3261"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oz%2FZINFBxe7QBGl1qJ8okU5GbRnLc%2FIwmZIyqEt7w7KisOjzf0UiiDUpype0xj9XZ%2F2ITjC5EI%2BKtRSG3sq0dIkemC0VdWOx3jGP7d8Ku5gsq95EluJ0AiNb0%2B%2FKuWo4%2BVsbTsPuL%2BZM7bNjKmKTdvOR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 766dd3fb48c5b752-AMS
expires: Sun, 29 Oct 2023 11:04:28 GMT

GET
H2 200 TweenLite.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.20.5/ Frame 5B2C 28 KB
9 KB 89ms
38ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.20.5/TweenLite.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6381445182861191714/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1ddb95229a02deabab16d7ad820cff985ee29d5e6e29abaa04fef8baf6e7c00

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 11:04:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 9103256
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9056
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-6e41"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2BQ657DMSqBVLxPrS9cgR%2BY6QkEnqsLPT758%2F%2B5X4d6RQlsM%2FhlRWo4cVSmH0eBAVbtMShNc9G4R0bhfna8o78Y1w7GnXX2ynk4zHjap0bIA%2F1W04z3PzdATOY67LE8OTMm4uMxAdYFHSPobt5ZpC5Zc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 766dd3fb48c8b752-AMS
expires: Sun, 29 Oct 2023 11:04:28 GMT

GET
H2 200 CSSPlugin.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.20.5/plugins/ Frame 5B2C 42 KB
15 KB 81ms
34ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.20.5/plugins/CSSPlugin.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6381445182861191714/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fbeefef571a7b5070e773f51892727dce2cce07760f2b210f4c48e30e683a82

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 11:04:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 9243180
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14815
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-a800"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7XAMzH4v13H3sbPGryOgFBjaRANWDtml3zGrfuChaRcQHOQEwdluc3rtkrlO81uUvn8pGi9B6eFZF4jxSTgCvCI%2Fj%2BkmGgIhgwaTNZ3keUxmX1D5lBWxLKgZs5cXQx7uZjPkgIXqGcA%2BNKJhozl65aEV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 766dd3fb48c9b752-AMS
expires: Sun, 29 Oct 2023 11:04:28 GMT

GET
H2 200 EasePack.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.20.5/easing/ Frame 5B2C 6 KB
2 KB 78ms
31ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.20.5/easing/EasePack.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6381445182861191714/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1da28d2fd0d64c38a7130ceb177b1b3da3c7981d5124b70a197d1b13f64df07

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 11:04:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5250757
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1903
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-16cd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s1eOeq0DwPjolpQk8%2BAzBBmrFSAn1OHShHozoqjGSwh62s%2BdQ3DC6DNSKkN9LCPKfd1yT8fj7zaLFI4M9aeZT86mFVvCEZyu%2B8YdnlBIvuZ4IFNS7En5cXrUPX85ULI69dSCPom1%2FzcQDPYY%2F%2F9dXuCk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 766dd3fb48cbb752-AMS
expires: Sun, 29 Oct 2023 11:04:28 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4CEC 0
0 72ms
71ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022110201&jk=4249348467331497&bg=!Tk2lTQnNAAZPh4lnb4c7ACkAdvg8WhCRRN8JrFn4smI8kn-339RrcOWhZJk7kQKK43bbcEB6OBpoXQIAAACqUgAAAARoAQcKAAU1Tgc_nZkC5IVk5Y4pdFTuZtsWdy9yfPBNZo-M7lUKS6WQAr3bEul6U7GWvnYFbLY2jYnWXdG3R2iUayPlbYFH1dalxIdIWWODbgIlz0KEOhWW6iCote_wWEOw8tBjubATuQnckS581HFS9ybqnmAOmM1TJY_yrHGJL10hcizn9HcWPWo1J9spFt5Eeu3HxMrsOhojYS6sgVWzNbCorK_MnjdXi5dFgSz7sGf7cXG3GGeptEjl1un3mWc-MajZVTYekZsoj0JCsZV0u5Oy8ELaeyGeGARoJmow4DmB-oTrpNtNNnRGmqDY7JsrI2k6QyL9r8jqsjAi-WgdG878mtq1yuXS7d0DzR7VVJjb6amSXtgWNwk63OcjVG-bmfOu31QsiIkCvULPqXOEdU4Z4LocEZhtmVKQlHeS0UCJZbog2978f15TX3lLZJ1V-JnFnz0cxpRFDR41Ijff6fZyO1lGaZMbjg1_ahXUHP8ftAGQ7UrOxn_Aw2l23qd4Oz5rBRCPCQdYdy2PTt37cHqkZ1lNykILHzkFoxnzhYbskApCzZ160nd4snqUAUNoL4NT-26D9hzAP3jVubfFu18uzEnPDZfe4RZJu2TSjIUzKeUqPuWG4mKTf21kmwsiRc2v8uYOEczxNzpNwQ4VpiK9i7rFRE8oq8I0O0eefJEGKLL8WyINNeykJPpcFxLyHvoKeDOvcD1sUsSeZceEb4wHYaZji3yHPPVsIusgqzTFwjdlnari8iuC935zacqHm-zysqbILzDmIdpSfSTXX1UEbLOB5Inz2RqyeU1wBfJm8c3B9VY90TMoLo8DnO-uBi_rm_oW9IC1CL3SUkG0go61C8BBrcj2-0R-BjkyVceKjIF5Pu3kFaPkvywxGTK-MRkRMUaMBHWw5I_XrJe787JNXsVRTivdzPLdP1LqZfZoe43xydAD1KoQ8DUcwDJ630R6nOU04uKwidycqJPx-RLI-2N3CeJVXwcFhV3QLVHW
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.anonigviewer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E9AA 0
20 B 70ms
69ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B0kwIvDdqY8kMrpf27w_D0r2oBQAAAAA4AeAEAg&bg=!ZWalZiLNAAZPh4lnb4c7ACkAdvg8WipicxKL7GsPmMeMQ7Nuq7nmMQvlNKJxnenNAZVtbANt-R_tfQIAAADGUgAAAANoAQeZAyrrBn3rzJ5txl5WNEMosT1Mwko6y-Baqn4iIBLaC0ZasHOwDoH8ES7pm-3BnsKrHkxedcXRTkbOBMSl4heLz04_IIngV_YIx39ehW5iDTvii081K0UrquRU13bkDMvYmUp5z614NbH7k5n8v6Sy5-KsIbJ0CaFWcw2DL_QPZmJ-mj0dl0ZoBKxD_Voi5-Um6lnXlgW2nQmVYkP5n2AqlEhwEWvB8M4ivEMifDYKX2YJ2Oo4KTjf2OhMabPfvfTWeRMgJnjsUVN5PnB-dd8sqP2PEqnfgMIo54s7-SUriqgMMpLGZwCDgNG8yT-N0q4zjVk0AuunjLWCw4TmTYMYWtEehg6pk9erMj5oUSEu0o0_D1MNYijYrHdre7pNPHrtrUFrbDYcQqmafzR3Yawc97P4LKKS4jpPFONEQH7-I6LMHLJmAeWIr9DtwXgIK3ZDBfswdL3n5YkmWKKpeo9fjqvXKe6Dg8UvAhPsNzJAMCPCP6b0tKCxZzB2NMtH2IJ_gfCXM2nENIf0cd7-8P86_GXdQNSff0j6JDt3alXhogIPTb-9pR1IQ_73qifVnLY06z0curkre209p_uimjh3oqAdJ1sNCghn5d7SsHbupq5LRNx4UzHkOU77KxcVleQ69ZdNTXlvDCrxDcfYacHlvO8CQ2R2EkzWw1pOc_l-cOTgxubYzcCe_rkxXKwywLqdbP1NKi2a2YSFkz9dpJGeTsE0XI4KlQ9o_SF_O5RehwujnwQ0EjXEhmwukQdxZ6ayquy6nWxkGYT7m87QG1GnlcAgdBmrd3T3VJAjL9qxYOfqNHCuxcSXaIuNYr_23qYDSzI24hROWw4vhyYL_qqtJg7C4Uyc59asRXx9iiE8SyOAmPvkqMvopzbgfHsB1yvQdt4ZBT7IIyUnZ2h-IQfH8KTenG364fclkr6M3PSbjq0N5OukHqkVo-9spXxdeAFAVcpGuswODn-9JiJZSDW_1CA6g34tx2WHzaqfonhD04Dw7Pm_esFoGoHPfPyX62I6PITo5s7xG1HdVGMe07yN3IaF8PYXfbOFrxzC6K_tLW5z_qCizecrnmuQTSA

Requested by

Host: 2f914544e9a011dcdfef7b23cd845dcb.safeframe.googlesyndication.com
URL: https://2f914544e9a011dcdfef7b23cd845dcb.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Nov 2022 11:04:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ctaarrow.svg
client.bannerspace.net/017613/ Frame 5B2C 274 B
435 B 31ms
31ms Image
image/svg+xml 2a02:26f0:3500:588::21cf
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://client.bannerspace.net/017613/ctaarrow.svg

Requested by

Host: client.bannerspace.net
URL: https://client.bannerspace.net/017613/banner_728x90.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::21cf Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

99163961fd831f483e9837c9ce73d878cdbff470c6cc606cd919cd86c683a8ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://client.bannerspace.net/017613/banner_728x90.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31622400
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 08 Nov 2022 11:04:28 GMT
last-modified: Tue, 27 Jul 2021 10:47:40 GMT
server: Apache
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: no-transform, max-age=1800
accept-ranges: bytes
content-length: 210
expires: Tue, 08 Nov 2022 11:34:28 GMT

GET
H2 200 NoaLTStd-Regular.woff
client.bannerspace.net/017613/ Frame 5B2C 23 KB
23 KB 124ms
34ms Font
font/woff 2a02:26f0:3500:588::21cf
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://client.bannerspace.net/017613/NoaLTStd-Regular.woff

Requested by

Host: client.bannerspace.net
URL: https://client.bannerspace.net/017613/banner_728x90.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::21cf Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

c36d7baf0ca32ebdb9f04499a2e27b7110d0c486397412b53b98c1f0dc1d10fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400
X-Content-Type-Options	nosniff

Request headers

Referer: https://client.bannerspace.net/017613/banner_728x90.min.css
Origin: https://s0.2mdn.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31622400
date: Tue, 08 Nov 2022 11:04:28 GMT
x-content-type-options: nosniff
last-modified: Tue, 27 Jul 2021 10:47:40 GMT
server: Apache
content-type: font/woff
access-control-allow-origin: *
cache-control: no-transform, max-age=1800
accept-ranges: bytes
content-length: 23664
expires: Tue, 08 Nov 2022 11:34:28 GMT

GET
H2 200 feed.xml Show response
client.bannerspace.net/112968/ Frame 5B2C 2 KB
729 B 32ms
31ms XHR
application/xml 2a02:26f0:3500:588::21cf
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://client.bannerspace.net/112968/feed.xml?preventCache=0.7292468393571587

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6381445182861191714/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::21cf Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

a9f226fc7347ce0989c76d588d7bd34eb3385634b190a7c43672c6ec0f83b882

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31622400
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 08 Nov 2022 11:04:28 GMT
last-modified: Tue, 08 Nov 2022 04:05:03 GMT
server: Apache
vary: Accept-Encoding
content-type: application/xml
access-control-allow-origin: *
cache-control: no-transform, max-age=300
accept-ranges: bytes
content-length: 504
expires: Tue, 08 Nov 2022 11:09:28 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame FC66 0
0 214ms
96ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvLFdWnI0vDFnjDP-gT7nk7fJ_h-RiwgwNrEEKld68TUhFsGv-uJ8Va4_dkK2ik86G2rYPbLav9AkkRinQunuKylF7z3SSSbtQdSHFnbgozU8bL7E7VqFcrcTGZ64DCzQK0LotozCforNOuTCa2A0a7lHR1yhCPmWg4OY_CWEPV4RGTzdVffyULaRXxOuIvRC-7yjX_t9ILV44XplSvzDtSlc-cFqkjagDvpCtTu5MglltgMqbby_Blsfq628K5LsoOBSS4TIr6uw7wJG4P3GEGxSNDflIgN2WJLmIQJWvzT5lLWK8vvlBUcu8DJeKmXVPa3FfKN7zAqY2lw_ta0sS8gUhiMGrP_OiNjeQ1rVhgAomcpqHqxNd7JHnwpMFlQ1eOBLA3OtaDJsFwi6jwDqbJsTQdFc3X02UPaFebrxplYwK5M_iD-8uz0wCswNLeQWY91rqkvkJLjwx37eFzLsVLJXODNijOL75ln9GPUElR4d9MRk7sejkhE--T2r5lUnei58r48hytKyExoLcvPcNQy7HYrSDE956Di8yfoRs-RhoDfRt4892tj1r_b7X5KWiN-yYKHFoE4TyT8pk5zLjb_D_1MeBcUqgh-o8kZB3lWSjOHu_ePuQqrXLVFUb7QAyUUTMdRLfO2gSvQjxTLw8QIrzZI9pm4d4_Nv_BDlQSmO8MbxjaOghLQ4aDT-xdP6VVqmw69iVbFHoxt3fatRzVz39OxwJ_ikLMmIeLpaKdS8wS4VK0KIaH28PG2erYu2ov09lMNFSrAvCLiN4B2Gu-LaTlg99O_-TNxE9KlZjlccZZErOG2ucZOvMGkUKdLwej8x1SkDoqkFHjHtuC55H4wM7ODnufnt1pg1GWh-jDUZccjkNRT4a4TwaKpbqyw1b-wtvILtxtjM1vb9FkzM0fanKi80fuKb6vyhZkL354DaR-s0yyw19pWd3sVRG04oSmdT3lxf4yOl8i9inkWYHbrqYMer2eUXKcg-yRY1zctSIVnpJtffDXvltBXjVB1ca3X2Ffl2Kmill9RFl1sGAvs8Kk6eCdaq3dgdc3yw0I5Ae_uMvMQv9uQPYy3QHsKdhumHejcIrvT-UIz8eA5BEsgh7UPRj-fcQ2SkJeK7q74AUlobhmknwXwukcrQO8Ej-XkQurFhv93UcUt6KhC3aCh8EniIIUH1Uh29Kfa-k0nmfP1IzDqIucCnuBQtyI_veRkd8JTUp_hQy-rbuA7K-0OrZTmhsEl0IrDf6V8ZgwoyS-ecarZM6_TunZSRdU82AGImk9wJ9DAH7597ynLIgInOAR6zYieZAEMh1f6nIyHM3g4wy9to-_BYxYXTYnAt6Xm4r9miDuxUOOixpyZCI9kgnjMr_2KG1qj_3CF4AHM9TEpm0SKS6A8d3yTXNB&sai=AMfl-YRtA9AbXgohjzx6ch0tsOYJT_DICgx6TjujeFfC-lQzHRy2Iz44C9ZdcOROUol9kztcG0sdQNe1kRKn6g1oNufW7gvHHRJLxM44rsNBs3TlYMuGbbCQUWCI6bBodVD45iegeopdDJuxU1EUIIs5VdfWeWgqlI-z2vSFsDvc4Qy1nnwuhqFPTyIgSOOjdg0PDKBROExbkZZpA5KQsJU5Ebaw8SPuLQ2-dEhQ9JEK3NDV-4g-Z0hKe5xD_pdeAzOLCOIjfIyU3_c88bXMK280Ldg0u5rIiiPmPTd4swvz_2UR1NyWrjGEvfmWU1qwB0G9lOZXXhomZPGS2dG3hr9oLgE1HwQ&sig=Cg0ArKJSzOqF8qgpBt-pEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=689&vt=11&dtpt=504&dett=3&cstd=181&cisv=r20221101.83501&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.anonigviewer.com
URL: https://www.anonigviewer.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://2f914544e9a011dcdfef7b23cd845dcb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 11:04:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 08 Nov 2022 11:04:28 GMT

GET
H2 200 engine.min.js Show response
client.bannerspace.net/017613/ Frame 5B2C 10 KB
3 KB 31ms
31ms Script
application/javascript 2a02:26f0:3500:588::21cf
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://client.bannerspace.net/017613/engine.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6381445182861191714/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::21cf Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

0545488c8493b6837d7d948858c7d4a06644743103c0de8da343cb9ccf3a6fcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31622400
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 08 Nov 2022 11:04:28 GMT
last-modified: Tue, 27 Jul 2021 10:47:40 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-transform, max-age=1800
accept-ranges: bytes
content-length: 2836
expires: Tue, 08 Nov 2022 11:34:28 GMT

GET
H2 200 taillogo.svg
client.bannerspace.net/017613/ Frame 5B2C 11 KB
4 KB 32ms
31ms Image
image/svg+xml 2a02:26f0:3500:588::21cf
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://client.bannerspace.net/017613/taillogo.svg

Requested by

Host: client.bannerspace.net
URL: https://client.bannerspace.net/017613/engine.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::21cf Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

ecae1f08921d3ecf8617bf50fdb31f207292ff1bca5dce90034fe35b8308551f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31622400
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 08 Nov 2022 11:04:28 GMT
last-modified: Tue, 27 Jul 2021 10:47:40 GMT
server: Apache
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: no-transform, max-age=1800
accept-ranges: bytes
content-length: 3589
expires: Tue, 08 Nov 2022 11:34:28 GMT

GET
H2 200 NoaLTStd-Light.woff
client.bannerspace.net/017613/ Frame 5B2C 23 KB
24 KB 31ms
31ms Font
font/woff 2a02:26f0:3500:588::21cf
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://client.bannerspace.net/017613/NoaLTStd-Light.woff

Requested by

Host: client.bannerspace.net
URL: https://client.bannerspace.net/017613/banner_728x90.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::21cf Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

7f7d0faa4fd64ad50d60bf04c073f660a012ee6bc551a2cda239ec5048218ea8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400
X-Content-Type-Options	nosniff

Request headers

Referer: https://client.bannerspace.net/017613/banner_728x90.min.css
Origin: https://s0.2mdn.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31622400
date: Tue, 08 Nov 2022 11:04:28 GMT
x-content-type-options: nosniff
last-modified: Tue, 27 Jul 2021 10:47:40 GMT
server: Apache
content-type: font/woff
access-control-allow-origin: *
cache-control: no-transform, max-age=1800
accept-ranges: bytes
content-length: 23972
expires: Tue, 08 Nov 2022 11:34:28 GMT

GET
H2 200 728x90_std_Inspiration.jpg
client.bannerspace.net/017613/ Frame 5B2C 50 KB
50 KB 66ms
62ms Image
image/jpeg 2a02:26f0:3500:588::21cf
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://client.bannerspace.net/017613/728x90_std_Inspiration.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::21cf Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

98ec376a437d562f3805b9bb734e8da6a822a2a3c621cf2a91ef62d57a383f78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31622400
date: Tue, 08 Nov 2022 11:04:28 GMT
x-content-type-options: nosniff
last-modified: Tue, 27 Jul 2021 10:47:43 GMT
server: Apache
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-transform, max-age=1800
accept-ranges: bytes
content-length: 51007
expires: Tue, 08 Nov 2022 11:34:28 GMT

GET
H2 200 728x90_std_CUR.jpg
client.bannerspace.net/017613/ Frame 5B2C 17 KB
17 KB 43ms
39ms Image
image/jpeg 2a02:26f0:3500:588::21cf
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://client.bannerspace.net/017613/728x90_std_CUR.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::21cf Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

93b2ac09331713f1d28eb756aa566dd2ffd92851f275739647fe4c247dcba05d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31622400
date: Tue, 08 Nov 2022 11:04:28 GMT
x-content-type-options: nosniff
last-modified: Tue, 27 Jul 2021 10:47:41 GMT
server: Apache
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-transform, max-age=1800
accept-ranges: bytes
content-length: 17657
expires: Tue, 08 Nov 2022 11:34:28 GMT

GET
H2 200 728x90_std_LAS_2.jpg
client.bannerspace.net/017613/ Frame 5B2C 76 KB
76 KB 43ms
40ms Image
image/jpeg 2a02:26f0:3500:588::21cf
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://client.bannerspace.net/017613/728x90_std_LAS_2.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::21cf Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

aa32d620fa6d76d1332133de9acc44d239994fd9b70b3114c3b7776c518f9da1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31622400
date: Tue, 08 Nov 2022 11:04:28 GMT
x-content-type-options: nosniff
last-modified: Tue, 27 Jul 2021 10:47:42 GMT
server: Apache
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-transform, max-age=1800
accept-ranges: bytes
content-length: 77848
expires: Tue, 08 Nov 2022 11:34:28 GMT

GET
H2 200 728x90_std_DXB.jpg
client.bannerspace.net/017613/ Frame 5B2C 16 KB
16 KB 33ms
31ms Image
image/jpeg 2a02:26f0:3500:588::21cf
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://client.bannerspace.net/017613/728x90_std_DXB.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::21cf Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

68c609c98d8c98e034ddd8a7cf1cb701dbd0ceca6195f72f7086c47f654d57b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31622400
date: Tue, 08 Nov 2022 11:04:28 GMT
x-content-type-options: nosniff
last-modified: Tue, 27 Jul 2021 10:47:41 GMT
server: Apache
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-transform, max-age=1800
accept-ranges: bytes
content-length: 15996
expires: Tue, 08 Nov 2022 11:34:28 GMT

POST
H2 200 /
reporting.powerad.ai/ 2 B
272 B 303ms
100ms Ping
text/plain 54.234.151.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://reporting.powerad.ai/
Requested by: Host: powerad.ai
URL: https://powerad.ai/161099156635350/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.234.151.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-234-151-247.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.anonigviewer.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 08 Nov 2022 11:04:29 GMT
server: nginx/1.18.0 (Ubuntu)
x-powered-by: Express
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 2

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FC66 42 B
64 B 72ms
72ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu3pHS2yB-p61c5prObUDlGPgNeHdoyon9H7j0O-qatijKK299ze1Ccn86fC6kuNCQC4emCb81NQwmYvKywPrQICu9_k1dxgxX_tA94-n5J42fSx9Hc3eRGLskY1iVR4xE9ZLwx_g&sai=AMfl-YT4i1690mLJ7SHatIQqQu5r35s55E5fcFEyIO_hqhb7KAXeL1zcEqxYP_nyn8MkOJv-j75z_IH3AJYSajnKpsBhzYDto_cjrSClcr0d-ErvpvBTHissyvmKQIlkc9H6l_zdY78Mop1e5tXv0TaMVw&sig=Cg0ArKJSzEsUpasWn7KzEAE&cid=CAQSTQDq26N9ghMU-Jy4GoH-nf8TlGDspfn7bgEZI8KDJWFs3jgp9MnjdLr3zo50ufGtK0jLVQg3yoopocDHVHOqgSLo6t4CDMS5ljmUubMNGAEgDg&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221107&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1236661107&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1667905467631&rpt=568&isd=0&lsd=0&met=ce&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://2f914544e9a011dcdfef7b23cd845dcb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Nov 2022 11:04:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK statistics Show response
report3.hb.brainlyads.com/ Frame EB37 0
232 B 102ms
101ms XHR
text/plain 35.175.160.109
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://report3.hb.brainlyads.com/statistics
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.175.160.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-175-160-109.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Content-Type: application/json
Referer: https://www.anonigviewer.com/
accept-language: nl-NL,nl;q=0.9
x-nm-url: https://www.anonigviewer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
x-nm-host: www.anonigviewer.com

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 08 Nov 2022 11:04:30 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Headers: *
Transfer-Encoding: chunked

OPTIONS
H/1.1 204
No Content statistics
report3.hb.brainlyads.com/ Frame 0
0 545ms
100ms Preflight 35.175.160.109
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://report3.hb.brainlyads.com/statistics
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.175.160.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-175-160-109.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-nm-host,x-nm-url
Access-Control-Request-Method: POST
Origin: https://www.anonigviewer.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: *
Connection: keep-alive
Date: Tue, 08 Nov 2022 11:04:30 GMT
Server: nginx/1.18.0 (Ubuntu)

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn-1.anonigviewer.com
URL: https://cdn-1.anonigviewer.com/default-user-profile-image.png

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Domain: www.google.com
URL: https://www.google.com/recaptcha/api2/aframe

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Domain: www.google.com
URL: https://www.google.com/recaptcha/api2/aframe

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

41 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
powerad.ai/	1969-12-31 23:59:59	Name: 12301dcr-g Value: 1
powerad.ai/	1969-12-31 23:59:59	Name: 12331dcr-g Value: 1
powerad.ai/	1969-12-31 23:59:59	Name: 12593dcr-g Value: 1
powerad.ai/	1969-12-31 23:59:59	Name: 12594dcr-g Value: 1
powerad.ai/	1969-12-31 23:59:59	Name: 12595dcr-g Value: 1
powerad.ai/	1969-12-31 23:59:59	Name: 12940dcr-g Value: 1
powerad.ai/	1969-12-31 23:59:59	Name: 13127dcr-g Value: 1
www.anonigviewer.com/	1970-01-20 08:01:37	Name: _pbjs_userid_consent_data Value: 3524755945110770
.anonigviewer.com/	1970-01-20 07:18:27	Name: __cf_bm Value: Bq23moGyyyd4IVICutbRgxesi0tGloySFqbOn2M7utE-1667905466-0-AZ6WVWqqphjnzdGAIirzswMgAXnaciEocNMy6QzSbuPjsf6+6yMqXuaPU2OgMal2LaiywAUP23IY+MyOKuinZZ+mEZh3qN0+BaiHC+5b0fsEjfCpDXQhDshPqhHjZxgSFQ==
.anonigviewer.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .anonigviewer.com
.anonigviewer.com/	1970-01-20 16:54:25	Name: _lc2_fpi Value: 2b27a1790eed--01ghbekc6nc7tnaxk1m6b01qb6
.anonigviewer.com/	1970-01-20 11:37:37	Name: _pubcid Value: 1424de32-9746-4ee9-a8f6-5fc36fbe7ec4
.cpx.to/	1970-01-20 16:04:01	Name: cpSess Value: 6bb3f22df44447a3
.adnxs.com/	1970-01-20 09:28:01	Name: uuid2 Value: 3174707944690274053
.anonigviewer.com/	1970-01-20 16:54:25	Name: _ga Value: GA1.2.1504046262.1667905467
.anonigviewer.com/	1970-01-20 07:19:51	Name: _gid Value: GA1.2.2128697583.1667905467
.pubmatic.com/	1970-01-20 09:28:01	Name: KTPCACOOKIE Value: true
.anonigviewer.com/	1970-01-20 07:18:25	Name: _gat_gtag_UA_199721344_40 Value: 1
.pubmatic.com/	1970-01-20 09:28:01	Name: KADUSERCOOKIE Value: 3D720AC5-55F1-4E06-9A15-45FECA7760A1
.smartadserver.com/	1970-01-20 16:04:01	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 16:04:01	Name: pbw Value: %24b%3d16100%3b%24o%3d11100
.cpx.to/	1970-01-20 16:04:01	Name: dsp_app_nexus Value: 3174707944690274053#1667905466885
.smartadserver.com/	1970-01-20 16:04:01	Name: pid Value: 2230188522183579753
.cpx.to/	1970-01-20 16:04:01	Name: dsp_pubmatic Value: 3D720AC5-55F1-4E06-9A15-45FECA7760A1#1667905466937
.liadm.com/	1970-01-20 16:54:25	Name: lidid Value: 12ae4580-7263-4fd3-965c-b0493f808fc5
.doubleclick.net/	1970-01-20 16:40:01	Name: IDE Value: AHWqTUm5Bbywjkj3Br2s7iEc7e_i1uJ0riFOWq8PYHJ-Q7JY-FA1e2gdlnS2kxBTW9s
.anonigviewer.com/	1970-01-20 16:04:01	Name: _ncid Value: cf0e5d8ec4c7686fd3b12a0e555dd99f
.cpx.to/	1970-01-20 16:04:01	Name: dsp_dbm Value: CAESEAV5LBwYtWjDhiDFViX8DgI#1667905467103
.anonigviewer.com/	1970-01-20 16:40:01	Name: __gads Value: ID=18550151ac16062e:T=1667905467:S=ALNI_MYSBy0LAm4Y1SdRC-mCIP8jaNZYvA
.anonigviewer.com/	1970-01-20 16:40:01	Name: __gpi Value: UID=00000b7e846880a0:T=1667905467:RT=1667905467:S=ALNI_MYF1i1S7a8opqUcfLZfo-aOA1mAKA
.adnxs.com/	1970-01-20 09:28:01	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In4mWoAt!]tbPl1M>e)ZlrFUfJ+tGXxpWV=@)aQ.>`!XxN3^X8Xp/`z%wXQ<8d[1v_._3If)y3KL9D3I?+bfZN7e
.casalemedia.com/	1970-01-20 16:04:01	Name: CMID Value: Y2o3vJGq663fhJccIW1qKgAA
.casalemedia.com/	1970-01-20 09:28:01	Name: CMPS Value: 3227
.casalemedia.com/	1970-01-20 09:28:01	Name: CMPRO Value: 3227
.3lift.com/	1970-01-20 09:28:01	Name: tluid Value: 402959423948026926291
.travelaudience.com/	1970-01-20 16:47:13	Name: _tracker Value: %7B%22UUID%22%3A%220EA712C3-9F9C-411D-98DB-C4AD485EFBF5%22%7D
.adfarm1.adition.com/	1970-01-20 09:28:01	Name: UserID1 Value: 7163599437889337486
.quantserve.com/	1970-01-20 09:28:01	Name: d Value: EHwBCQHDJ4EA
.quantserve.com/	1970-01-20 16:48:39	Name: mc Value: 636a37bc-57971-d2618-6722a
.w55c.net/	1970-01-20 16:47:13	Name: wfivefivec Value: 8CkFf3Oa1OSmp65
.w55c.net/	1970-01-20 08:01:37	Name: matchgoogle Value: 5

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2f914544e9a011dcdfef7b23cd845dcb.safeframe.googlesyndication.com
45719d625092f8eb4109f884415a7c22.safeframe.googlesyndication.com
760a90dcbaea3e653eba22a09f52be4b.safeframe.googlesyndication.com
a.ad.gt
ads.pubmatic.com
ads.travelaudience.com
adservice.google.com
adservice.google.nl
ajax.googleapis.com
anonigviewer.com
cdn-1.anonigviewer.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
client.bannerspace.net
cm.g.doubleclick.net
cms.quantserve.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hb.brainlyads.com
ib.adnxs.com
image2.pubmatic.com
match.adsrvr.org
onetag-sys.com
p.cpx.to
pagead2.googlesyndication.com
pixel.rubiconproject.com
pixel.zprk.io
pm.w55c.net
powerad.ai
report3.hb.brainlyads.com
reporting.powerad.ai
rp.liadm.com
rp4.liadm.com
s.cpx.to
s0.2mdn.net
secure.adnxs.com
securepubads.g.doubleclick.net
stackpath.bootstrapcdn.com
sync.smartadserver.com
tpc.googlesyndication.com
www.anonigviewer.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
cdn-1.anonigviewer.com
tpc.googlesyndication.com
www.google.com
142.250.185.98
142.250.186.66
185.64.190.80
185.80.39.216
185.86.139.106
185.89.210.122
185.89.211.12
23.20.158.212
23.35.236.201
2600:1f18:730:b110:e592:4eb7:d27a:33ba
2606:4700::6810:5514
2606:4700::6811:180e
2606:4700::6812:bcf
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1450:4001:800::2003
2a00:1450:4001:806::2002
2a00:1450:4001:808::200a
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::2008
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:827::2002
2a00:1450:4001:829::2004
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2001
2a00:1450:4001:830::2002
2a00:1450:4001:830::2006
2a02:26f0:3500:588::21cf
2a06:98c1:3120::3
2a06:98c1:3121::3
3.218.4.10
34.246.142.233
35.157.189.90
35.175.160.109
35.190.0.66
35.71.131.137
35.84.93.102
51.89.9.251
52.48.231.49
54.152.172.136
54.179.66.88
54.234.151.247
69.173.144.138
76.223.111.18
85.114.159.118
049ec451899d884ab87cb29ddb116db3e91c493c359ef1432410d6313bc40601
0545488c8493b6837d7d948858c7d4a06644743103c0de8da343cb9ccf3a6fcb
0602160997bb910d5387d92eed48d51f352f604e0e2285c8ffa92707e4676f1d
0b1715b50c4dd25f16ac5c63eb76d62c056a3899ca969f4638d966c6d3199f45
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c9a5e351010d858788d14dc26931482bb751ea4367c9b88cda2ad5bb3e0c629
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
149c46c2340e86b09fd528d222aa3397a224a87db82136c1cb09c00a63c47fe2
19981fafb73686f03b9690b89e99692d82f47203b81f90a951f0bdc5572711d4
19aaa7f6f733553924a0e339d909cb5f8840c2125123fffcc5c6a0f089d0f28b
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
24fb6a16bc15f7c81f6567257ff6de1ee51734c8b69aa6c3ac2d4f1e0ba7ab9f
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2b8da4234834eaaeebca3076f38521ffbd67bcf2bbce413102a61b51dfed04d0
2d3f0bc8184a19fa3920674fd3ed1e0a8fa95e4bc188d7533f3a95f78ec7fda1
312f2c387ca6152ec288ddf221311605056fddb5a9c98e2477de1e08bef493bb
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3412f0e8c06c9e1396d7884c5a1e5fc85296748e1ad495ab14a40a05704bd83d
38544024da1a0fc2f706be6582557b5722d17f48ad9a8073594a0cf928e2e3ff
44d4cfd96636f673d8f990db7c015327156e1abd1fa60557bbacf2335ff5a7f0
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55dbe42998a9196bd135135a20a7a1fb408a8ea302baee55109d4bfad7d2f66e
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5ebd2e1b961bbef77f1bf08b08af4dad8e349dfdf2bfcf7272d314c49cf23276
5fbeefef571a7b5070e773f51892727dce2cce07760f2b210f4c48e30e683a82
6080610ed8ad1ec28b32a16cd5fb8be853a45dc27de0757acad068588e067a45
618927b6b10850893cc22ca5df20f816eed18c113df204c20b3c6007abc287fc
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c
68c609c98d8c98e034ddd8a7cf1cb701dbd0ceca6195f72f7086c47f654d57b1
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d726276ed26c9cee416eb8c7c8205d7984a3075d4507301e002a60bd64cdc90
71d49d865114d9bb25bfdfc0272b738cdfd771749b21360ce5fb40eee3b4d986
73a21dcfd165b07649877cb5eeeadac908ca7bdbe0552582d5605a62dec36974
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
791860937c4fbd4f9f3b6778662df559aa478d16d142a1ceb64f2d288b1159d5
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7e44d592889d9f5915ae6254f0a68a71196a5bc2540db9620b81effd976eba5b
7edddd3d7a45413d9f308ba8e844720ea50d457c0f601fa758ccda0f9afb2316
7f7d0faa4fd64ad50d60bf04c073f660a012ee6bc551a2cda239ec5048218ea8
819f0be3dea597b1fc48acee70170e52d6f0f15b9ce58c221104a46d9f7a2f5d
88b13ba9c2123659845af74129fe906bfd213fb78c09eca2a660af0285c127e2
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e521ebeb6ce59914c54f532b1577efd671f4b02bb3c331e01b4a7e79a02cfea
928cec4d7231b34b048155ce2b5108130bbb5d626c8fb3f2e61c282398d5b734
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
93b2ac09331713f1d28eb756aa566dd2ffd92851f275739647fe4c247dcba05d
98ec376a437d562f3805b9bb734e8da6a822a2a3c621cf2a91ef62d57a383f78
99163961fd831f483e9837c9ce73d878cdbff470c6cc606cd919cd86c683a8ef
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b2dd2056d70eb75e8e5a3c4e84c4872964dd8c85c0aad858643b012dcddb30b
9bb30d739302f71b96bde67acb5602dd4ba78a89077dd0da503687c29c092c5e
9ce02e31e381a45f5ebf03455d54242ee5cd8fdd8dd0e27bb94fdfdd57ddae8f
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1da28d2fd0d64c38a7130ceb177b1b3da3c7981d5124b70a197d1b13f64df07
a2f37ec4165bf2a831c0049abf401848dba40591e76e418bc7731f368d35e43f
a4755e740b378730534bfdb854a26b0e6ee6b23ff3fffafcabf00210de4618b3
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a9f226fc7347ce0989c76d588d7bd34eb3385634b190a7c43672c6ec0f83b882
aa32d620fa6d76d1332133de9acc44d239994fd9b70b3114c3b7776c518f9da1
ac345e55c8de7b3a71800d26cd161ab5a4d9091434ea3165b2fd47ee1c4f44df
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1ddb95229a02deabab16d7ad820cff985ee29d5e6e29abaa04fef8baf6e7c00
b357f2e5b199d7adfeae351a848473e137b7e7ec706d8e4a9925f410dbff69c4
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
c36d7baf0ca32ebdb9f04499a2e27b7110d0c486397412b53b98c1f0dc1d10fe
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
d72940831a075444bb9a179f9d046d43ed0457d6d2bdd8f2892102b9f3ac14d0
d8259e6da6aafd6fe4f62310ae12fb6bed70c7a1793fb306843b7cda6afa6041
d9f59dddc3b1a3df416052930b5c581c2723192641bfbcc5e29ecc03f00b1593
db323d536a412cec276ecf7160e9253efd5262d5f6a77650fdbfa75a4a0fa154
e183c7e0cb3a55d5d441c0f2fb504710e5128ffdbff633c9df8ea9df6261a4a3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e44079e3aacd781cd8d2b8bf4c07b2db3847b2f310e86b6b6a06ef00c95e2f72
ecae1f08921d3ecf8617bf50fdb31f207292ff1bca5dce90034fe35b8308551f
eeea52c66b93709d1f98bb69bbde2d15096e3bcdee471b00b4fccbfdc08f7624
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f266acb707c5b2704c3b6e18e0888d7995bad0ba0ffec4a125146f7e3d058583
f36fec4d3caa10faa065220f593154d1b971ed4f0170faef3ec354d59934e885
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

www.anonigviewer.com Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

140 Requests

86 %HTTPS

49 %IPv6

33 Domains

50 Subdomains

39 IPs

7 Countries

1635 kBTransfer

4314 kBSize

41 Cookies

1 Outgoing links

Page URL History

Redirected requests

140 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.anonigviewer.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

140
Requests

86 %
HTTPS

49 %
IPv6

33
Domains

50
Subdomains

39
IPs

7
Countries

1635 kB
Transfer

4314 kB
Size

41
Cookies

140 HTTP transactions
1 data transactions