rd.fharr.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://rd.fharr.com/db/item/400368
Submission: On June 17 via api (June 17th 2023, 2:46:57 pm UTC) from US — Scanned from NL

Summary HTTP 343 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 52 IPs in 9 countries across 44 domains to perform 343 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is rd.fharr.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 22nd 2023. Valid for: a year.

This is the only time rd.fharr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
29	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:7baf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:e2:... 2606:4700:e2::ac40:840f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2600:9000:223... 2600:9000:223c:6e00:0:e06c:e940:93a1	16509 (AMAZON-02) (AMAZON-02)
19	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
54	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1 9	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
2	222.230.178.131 222.230.178.131	2519 (VECTANT A...) (VECTANT ARTERIA Networks Corporation)
3	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
7	2606:4700::68... 2606:4700::6810:31f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
4	54.199.5.69 54.199.5.69	16509 (AMAZON-02) (AMAZON-02)
2	34.95.67.231 34.95.67.231	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	203.75.214.136 203.75.214.136	3462 (HINET Dat...) (HINET Data Communication Business Group)
2 4	35.201.76.93 35.201.76.93	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	183.79.219.124 183.79.219.124	24572 (YAHOO-JP-...) (YAHOO-JP-AS-AP Yahoo Japan)
5	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
30	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
9 24	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
3 5	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	37.252.171.149 37.252.171.149	29990 (ASN-APPNEX) (ASN-APPNEX)
16	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2887:ff2... 2a03:2887:ff2f:0:face:b00c:0:a7	63293 (FACEBOOK-...) (FACEBOOK-OFFNET)
4	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 6	104.111.217.42 104.111.217.42	16625 (AKAMAI-AS) (AKAMAI-AS)
12	138.201.84.245 138.201.84.245	24940 (HETZNER-AS) (HETZNER-AS)
6	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2 2	142.250.186.134 142.250.186.134	15169 (GOOGLE) (GOOGLE)
1 5	78.46.90.238 78.46.90.238	24940 (HETZNER-AS) (HETZNER-AS)
6	138.201.63.150 138.201.63.150	24940 (HETZNER-AS) (HETZNER-AS)
2 10	92.123.148.9 92.123.148.9	16625 (AKAMAI-AS) (AKAMAI-AS)
4 8	52.214.187.105 52.214.187.105	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
2 2	2.17.100.248 2.17.100.248	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	65.9.66.18 65.9.66.18	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:21f... 2600:9000:21f3:2c00:1a:7c92:efc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2620:116:800d... 2620:116:800d:21:de2e:c7b3:55c0:d5a0	16509 (AMAZON-02) (AMAZON-02)
2 2	18.156.187.34 18.156.187.34	16509 (AMAZON-02) (AMAZON-02)
2 2	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1 1	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
3 4	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
2 2	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
3	138.201.63.117 138.201.63.117	24940 (HETZNER-AS) (HETZNER-AS)
2 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	3.70.92.75 3.70.92.75	16509 (AMAZON-02) (AMAZON-02)
1 1	2a05:d018:d29... 2a05:d018:d29:3602:226e:dde5:5103:25e0	16509 (AMAZON-02) (AMAZON-02)
1	34.160.236.64 34.160.236.64	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
343	52

29 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

rd.fharr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn2.sales-frontier.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7baf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:e2::ac40:840f (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:223c:6e00:0:e06c:e940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

54 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 222.230.178.131 (Bannaguro, Japan)

ASN2519 (VECTANT ARTERIA Networks Corporation, JP)

cpt.geniee.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6810:31f (United States)

ASN13335 (CLOUDFLARENET, US)

www.plurk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.plurk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
avatars.plurk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imgs.plurk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b766e2ae11ee81bfd6c3800a5ab3357a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.199.5.69 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-199-5-69.ap-northeast-1.compute.amazonaws.com

cm-dev-poc.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.67.231 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 231.67.95.34.bc.googleusercontent.com

fcm.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 203.75.214.136 (Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-75-214-136.hinet-ip.hinet.net

t.ssp.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.201.76.93 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 93.76.201.35.bc.googleusercontent.com

c.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 183.79.219.124 (Japan)

ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP)

yads.c.yimg.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 142.250.184.194 (United States) 9 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.171.149 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2887:ff2f:0:face:b00c:0:a7 (Ireland)

ASN63293 (FACEBOOK-OFFNET, US)

scontent.fktw4-1.fna.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.111.217.42 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-42.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 138.201.84.245 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.245.84.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.134 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 78.46.90.238 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.238.90.46.78.clients.your-server.de

hal900019.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 138.201.63.150 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.150.63.201.138.clients.your-server.de

hal90008.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 92.123.148.9 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-148-9.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.214.187.105 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-187-105.eu-west-1.compute.amazonaws.com

ti.tradetracker.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.17.100.248 (Frankfurt am Main, Germany) 2 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-17-100-248.deploy.static.akamaitechnologies.com

ui2.awin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.66.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-18.fra56.r.cloudfront.net

a1.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:21f3:2c00:1a:7c92:efc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.tradetracker.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.187.34 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-187-34.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.134.244 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.62.186 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.94.180.125 (Amsterdam, Netherlands) 3 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.75.62.37 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 138.201.63.117 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.117.63.201.138.clients.your-server.de

hal90003.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Bad Durrheim, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.70.92.75 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-70-92-75.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:226e:dde5:5103:25e0 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.236.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.236.160.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
89	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 133 e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 155 b766e2ae11ee81bfd6c3800a5ab3357a.safeframe.googlesyndication.com	841 KB
57	doubleclick.net 11 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 219 googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 cm.g.doubleclick.net — Cisco Umbrella Rank: 244 stats.g.doubleclick.net — Cisco Umbrella Rank: 124 pubads.g.doubleclick.net — Cisco Umbrella Rank: 417 ad.doubleclick.net — Cisco Umbrella Rank: 184	466 KB
28	fharr.com rd.fharr.com	364 KB
26	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 39899 hal900019.redintelligence.net — Cisco Umbrella Rank: 408274 hal90008.redintelligence.net — Cisco Umbrella Rank: 442836 hal90003.redintelligence.net — Cisco Umbrella Rank: 306018	208 KB
18	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 3 adservice.google.com — Cisco Umbrella Rank: 107 region1.analytics.google.com — Cisco Umbrella Rank: 2890	50 KB
17	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 659 scontent.fktw4-1.fna.fbcdn.net — Cisco Umbrella Rank: 302079	288 KB
14	holmesmind.com 2 redirects cdn.holmesmind.com — Cisco Umbrella Rank: 149717 cm-dev-poc.holmesmind.com — Cisco Umbrella Rank: 157447 fcm.holmesmind.com — Cisco Umbrella Rank: 175417 c.holmesmind.com — Cisco Umbrella Rank: 116521	37 KB
13	gstatic.com www.gstatic.com fonts.gstatic.com	964 KB
12	tradetracker.net 4 redirects ti.tradetracker.net — Cisco Umbrella Rank: 172980 static.tradetracker.net — Cisco Umbrella Rank: 193612	213 KB
12	awin1.com 2 redirects www.awin1.com — Cisco Umbrella Rank: 16217 a1.awin1.com — Cisco Umbrella Rank: 58173	27 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 207	391 KB
7	plurk.com www.plurk.com — Cisco Umbrella Rank: 302208 s.plurk.com — Cisco Umbrella Rank: 781092 avatars.plurk.com — Cisco Umbrella Rank: 667148 imgs.plurk.com — Cisco Umbrella Rank: 818050	49 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 80	5 KB
6	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1404	1 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 621	4 KB
5	facebook.com www.facebook.com — Cisco Umbrella Rank: 101	40 KB
5	google.nl adservice.google.nl — Cisco Umbrella Rank: 17884 www.google.nl — Cisco Umbrella Rank: 7979	1 KB
4	spotxchange.com 3 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 785	2 KB
4	openx.net us-u.openx.net — Cisco Umbrella Rank: 492	644 B
4	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1159	592 KB
3	yahoo.com 3 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 340 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 468	1 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 249	3 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 82	222 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 176	117 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 361	1 KB
2	rlcdn.com 2 redirects id.rlcdn.com — Cisco Umbrella Rank: 751	923 B
2	mathtag.com 2 redirects sync.mathtag.com — Cisco Umbrella Rank: 566	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 1012	2 KB
2	awin.com 2 redirects ui2.awin.com — Cisco Umbrella Rank: 62069	202 B
2	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1107	651 B
2	hinet.net t.ssp.hinet.net — Cisco Umbrella Rank: 73284	3 KB
2	geniee.jp cpt.geniee.jp — Cisco Umbrella Rank: 73747	38 KB
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 1233	204 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1651	587 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 6896	552 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 375	265 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 976	714 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 778	539 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 846	464 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1832	252 B
1	yimg.jp yads.c.yimg.jp — Cisco Umbrella Rank: 38084
1	sales-frontier.com cdn2.sales-frontier.com — Cisco Umbrella Rank: 345554	1 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1123	7 KB
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 1035	3 KB
343	44

	Domain	Requested by
54	pagead2.googlesyndication.com	rd.fharr.com pagead2.googlesyndication.com e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
30	tpc.googlesyndication.com	e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com googleads.g.doubleclick.net securepubads.g.doubleclick.net tpc.googlesyndication.com rd.fharr.com pagead2.googlesyndication.com
28	rd.fharr.com	rd.fharr.com
24	cm.g.doubleclick.net	9 redirects googleads.g.doubleclick.net rd.fharr.com
16	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
14	googleads.g.doubleclick.net	pagead2.googlesyndication.com e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com googleads.g.doubleclick.net
13	securepubads.g.doubleclick.net	rd.fharr.com securepubads.g.doubleclick.net www.googletagservices.com
12	hal9000.redintelligence.net	e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com hal900019.redintelligence.net hal90008.redintelligence.net googleads.g.doubleclick.net hal90003.redintelligence.net
10	www.awin1.com	2 redirects hal900019.redintelligence.net e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com hal90008.redintelligence.net hal90003.redintelligence.net
9	www.google.com	1 redirects rd.fharr.com www.gstatic.com www.google.com tpc.googlesyndication.com googleads.g.doubleclick.net
8	ti.tradetracker.net	4 redirects rd.fharr.com hal90008.redintelligence.net
7	www.googletagservices.com	securepubads.g.doubleclick.net e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com googleads.g.doubleclick.net
7	www.gstatic.com	www.google.com www.gstatic.com googleads.g.doubleclick.net
6	fonts.googleapis.com	googleads.g.doubleclick.net hal900019.redintelligence.net hal90008.redintelligence.net hal90003.redintelligence.net
6	hal90008.redintelligence.net	hal9000.redintelligence.net hal90008.redintelligence.net
6	fonts.gstatic.com	www.google.com fonts.googleapis.com
6	sync.teads.tv	1 redirects googleads.g.doubleclick.net
6	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com rd.fharr.com
5	hal900019.redintelligence.net	1 redirects e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com hal900019.redintelligence.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	www.facebook.com	rd.fharr.com connect.facebook.net static.xx.fbcdn.net
4	sync.search.spotxchange.com	3 redirects googleads.g.doubleclick.net
4	static.tradetracker.net	e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com hal90008.redintelligence.net googleads.g.doubleclick.net
4	us-u.openx.net	googleads.g.doubleclick.net
4	c.holmesmind.com	2 redirects cdn.holmesmind.com
4	cm-dev-poc.holmesmind.com	cdn.holmesmind.com
4	e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	adservice.google.nl	securepubads.g.doubleclick.net pagead2.googlesyndication.com
4	cdn.holmesmind.com	rd.fharr.com cdn.holmesmind.com
4	use.fontawesome.com	rd.fharr.com use.fontawesome.com
3	hal90003.redintelligence.net	hal9000.redintelligence.net hal90003.redintelligence.net
3	pubads.g.doubleclick.net	rd.fharr.com
3	region1.analytics.google.com	www.googletagmanager.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	s.plurk.com	www.plurk.com
3	www.googletagmanager.com	rd.fharr.com cdn2.sales-frontier.com www.googletagmanager.com
3	connect.facebook.net	rd.fharr.com connect.facebook.net
2	x.bidswitch.net	2 redirects
2	id.rlcdn.com	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	sync.mathtag.com	2 redirects
2	pm.w55c.net	2 redirects
2	a1.awin1.com	hal900019.redintelligence.net hal90003.redintelligence.net
2	ui2.awin.com	2 redirects
2	ad.doubleclick.net	2 redirects
2	partner.googleadservices.com	pagead2.googlesyndication.com
2	t.ssp.hinet.net	cdn.holmesmind.com t.ssp.hinet.net
2	fcm.holmesmind.com	cdn.holmesmind.com
2	www.plurk.com	rd.fharr.com static.cloudflareinsights.com
2	cpt.geniee.jp	rd.fharr.com cpt.geniee.jp
1	odr.mookie1.com	googleads.g.doubleclick.net
1	pr-bh.ybp.yahoo.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	ads.travelaudience.com	1 redirects
1	match.adsrvr.org	googleads.g.doubleclick.net
1	um.simpli.fi	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	www.google.nl	rd.fharr.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	scontent.fktw4-1.fna.fbcdn.net	www.facebook.com rd.fharr.com
1	b766e2ae11ee81bfd6c3800a5ab3357a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	region1.google-analytics.com	www.googletagmanager.com
1	yads.c.yimg.jp	cpt.geniee.jp
1	cdn2.sales-frontier.com	securepubads.g.doubleclick.net
1	static.cloudflareinsights.com	www.plurk.com
1	imgs.plurk.com	www.plurk.com
1	avatars.plurk.com	www.plurk.com
1	unpkg.com	rd.fharr.com
343	69

This site contains links to these domains. Also see Links.

Domain
cookie-consent.app.forthe.top
game.fharr.com
www.plurk.com
shout.fharr.com
www.facebook.com
line.me
www.instagram.com
ro.gnjoy.com
ro.gnjoy.com.tw
ragnarokonline.gungho.jp
www.playragnarok.com
ro.qiquanwl.com
playragnarokonlinebr.com
roextreme.com
ro.gnjoy.id
ginyuki.com
s010381.blogspot.com
cgn.netlify.app
forum.gamer.com.tw
rocalweb.github.io
pay.fharr.com
policies.google.com

Subject Issuer	Validity	Valid
fharr.com Cloudflare Inc ECC CA-3	`2023-05-22` - `2024-05-21`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
use.fontawesome.com GTS CA 1P5	`2023-05-06` - `2023-08-04`	3 months	crt.sh
*.holmesmind.com Go Daddy Secure Certificate Authority - G2	`2023-05-19` - `2024-06-19`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.geniee.jp GeoTrust RSA CA 2018	`2023-03-17` - `2024-03-09`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-03-26` - `2023-06-24`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
sales-frontier.com E1	`2023-05-06` - `2023-08-04`	3 months	crt.sh
*.t.ssp.hinet.net	`2023-04-06` - `2024-04-06`	a year	crt.sh
edge01.yahoo.co.jp Cybertrust Japan SureServer CA G4	`2023-04-12` - `2024-05-11`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.fktw4-1.fna.fbcdn.net DigiCert SHA2 High Assurance Server CA	`2023-04-25` - `2023-07-24`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
teads.tv R3	`2023-05-11` - `2023-08-09`	3 months	crt.sh
redintelligence.net R3	`2023-06-09` - `2023-09-07`	3 months	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
*.tradetracker.net Amazon RSA 2048 M02	`2023-02-09` - `2023-11-17`	9 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-27` - `2024-03-29`	a year	crt.sh

This page contains 51 frames:

Primary Page: https://rd.fharr.com/db/item/400368
Frame ID: A2602E29D5FBCF1D751125080FE63145
Requests: 72 HTTP requests in this frame

Frame: https://www.plurk.com/getWidget?uid=13931367&h=400&w=460&u_info=2&bg=FF574D&tl=EEEBF0
Frame ID: A7340084881CD61BB4AC7F56CB52DD1A
Requests: 8 HTTP requests in this frame

Frame: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D7D9AB2CF12E3F6452CD3B21C08AB4A0
Requests: 1 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 2FD74C928E41F3F496FF3BBB6827BEAB
Requests: 5 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 5C4C5A771B5031E8EACD68B2F4400EB4
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsstbcRzxgU9cldhe53tIsuqH1AzapAdgIJWaqW9iZOTWIYrQdi0FOId83zvsGxKtnSdpulZ6uFYTPkw1SNRy7BlXaUI0VUh_PBedCWDIPUMCdh0z5vFAscyllMxc1Ap98bAC9pX-lclrCGQdp1hqBsdJK3JR7cEnQIpZ6_tftDpjSoxLIqPmHSeRRK5rtENul7A15fyyfRIieIS-fiI6Wvh4JYYSGG9tR1pE4kJgYN3DyXNDDDt4pMsEJanCtGvHamgG3XUrhT0WGAyiJ43VIbPlrsdWmcogirrQGF9A0IZPDMPZkluyAxuDi6gw4A6S9aPDBXvEOC3wXK-C4xhZmfhPQ&sai=AMfl-YR3JaGwBs1bx0Gdost0yhVXgRec7HL80bGQighwHitt1Blmd3RUngIQIQV_gchjSgz_bsTC-Y4FVIozrA7ailH8MrSkIk0upqBmGZ7vcjz6yikf65nb8sf4QpO43ljO37A82H16A3ZMzF0GTXCb&sig=Cg0ArKJSzBRT3O4vtHaWEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 2946060778BB31A5695647E2E660B518
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20190131/zrt_lookup.html
Frame ID: 750EEEA9538BFABC2E66C09A02F1764E
Requests: 1 HTTP requests in this frame

Frame: https://cm-dev-poc.holmesmind.com/fp
Frame ID: 5DD8B08688EB8C8072FBC2F727747051
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 61F55F59B6F2AEC6A167C622F1361F58
Requests: 1 HTTP requests in this frame

Frame: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 34C6E7BE6EDA0ED5560EB03AEABB8576
Requests: 19 HTTP requests in this frame

Frame: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A984903E40AA4E6D7E87A19902E2E27F
Requests: 14 HTTP requests in this frame

Frame: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F6C94DE2FF1FE9970E904CADE2BA0E2A
Requests: 14 HTTP requests in this frame

Frame: https://cm-dev-poc.holmesmind.com/fp
Frame ID: 8AB2192F93EA8F0EC92868D4EACB9BD8
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: F78ED26E031039E19204A82691A11795
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8211648974049874&output=html&adk=1812271804&adf=3025194257&lmt=1687013206&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Frd.fharr.com%2Fdb%2Fitem%2F400368&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687013205550&bpp=6&bdt=3255&idt=675&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D21baf416523e903a%3AT%3D1687013204%3ART%3D1687013204%3AS%3DALNI_MYsSBccrIefPO6Sc_tVG1Ld-2zV2Q&gpic=UID%3D00000c4a8904da96%3AT%3D1687013204%3ART%3D1687013204%3AS%3DALNI_MbVvPpoXypglavXTwGjyWp4dfRC3w&nras=1&correlator=4154209518095&frm=20&pv=2&ga_vid=1450125800.1687013205&ga_sid=1687013205&ga_hid=62594710&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788441%2C44789818&oid=2&pvsid=3978466103988540&tmod=1558432215&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=8&uci=a!8&fsb=1&dtd=742
Frame ID: 870854EE314E141952669F228CE02F10
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fv16.0%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D133100650099823%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df7a51f987bd944%2526domain%253Drd.fharr.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Frd.fharr.com%25252Ff224541e61e27f%2526relation%253Dparent.parent%26container_width%3D0%26hide_cover%3Dtrue%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fro.gravity%26locale%3Dzh_TW%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dtrue%26tabs%3Dtimeline%26width%3D450
Frame ID: 15381990518EB6C40167A28ED2E09882
Requests: 32 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfJd5IUAAAAAB8sW7WNlAIqHyPeI1I7mKAdsOwF&co=aHR0cHM6Ly9yZC5maGFyci5jb206NDQz&hl=nl&v=SglpK98hSCn2CroR0bKRSJl5&size=invisible&cb=d23s1oexbr5e
Frame ID: 7EB38B85ED7A2A5CAFEE2CF9C6C2D024
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiv77vGATAB&v=APEucNU3fPPSLr1hUQ-UwfT-wS_3ybWwCOmyZ4fOL-rhTSsSOo7-y2zH3fsyIZS6Sg0g6bHNkD8cw5E8NSw5QQE2-k1rFFA48_4RXuyN9qIMAjsnXHw2w9TirlOWCHY4Eep2yip_6Njw8I1j7sZcNGoiF_zeTjXetZKqPwdXj5MnJj3d41oKOTI
Frame ID: 37E213A338E678308B11B2FC99604A08
Requests: 5 HTTP requests in this frame

Frame: https://b766e2ae11ee81bfd6c3800a5ab3357a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 3E612837E35F4D33DA310E6C2A263B5A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj2hbzGATAB&v=APEucNUACwh7dwR4wmbExM64YMOYPyRvS4DJXoRKHbk5vsxbZQts2wuO9qJWsbJzSC5G4BirOOODYzt2wUWZZhxWk6tPXNcnF8GgZthFqAIhVLVFpe559kqigTsVGTnvZSC9FHhFHXDVUWp4KcJHLihSxPA_O7sWwFDYXrXzQALM3ACuE9aWYAA
Frame ID: 929508B4BC3242ADBEDEA03557C1F025
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiQrrvGATAB&v=APEucNWWjPs5TfKgIRkQoX6S96VFLoH5XNSUbwBdPQn33eD7HEzEjlZ6t4g3IKePAr129nqcnWoxI8P09TZOsirDrL9ztH3RcWSXNM2r90Gz2CNgzoPN8PxdWVahqiMLhliwUAk-YkVb9_xiDS_7XdQO69kbsBnJ5-IC3qa-OUY6GMKFmjO6PgA
Frame ID: E2423200CBE5003BDBD5557648DBB921
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss5QNns3O0KGmarfL2maAexLO2z0H5LsEXKUaisviRCNpOtfyVc_dMk39FCASFkjyYVUviusWUvZofpApHL98gX705HHvrV6cz9lulapHkXuzMTLz6u5ln1eh6Cb6B_rWNIVnM-xUZjXzJqEjVPle5vui2gcu8DuZjoQWffcFJznqdfxUGC44GCCWROl_rdykn6obtgEK8322ks6uDzqSWEC7OcHTs5GQcL4H5ddU1Y6GGzTiOFc9HqGM9ixlsrpQjJR2N7wXRpy3Yl7IiiNmrpVZ9DmYpDipD29maWVBK4OeD3lQDazHv6u9DQU03EkabAcg5bUJKgCfsHN6UlIM5Gfq9iCg&sai=AMfl-YSZFircPYpg7DnUIuL2KzvoinVZrbQZ9Rh0xL5Fu23wCRW7N3k4QDWmQGIxwG-7T66ixisatangcHBiLpPGP4ZJWMLjiC3tIBB5Wlauqh01vQJOR6hteB9f5KI8ukcDPg&sig=Cg0ArKJSzPwPaDdCZPYmEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 1891F176ABE3CCA82D2C63367B77F964
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: AF2918EF065F3455B1559BD0B92BBDFB
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 70C6855E3087C63B775552F22709671B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F1EDE5FBE6C76B8B79A63C71CC06E632
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E1AD68010B153B0B103DB84DE42BE82F
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3971149FDE42F721B90996DC555857AB
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1
Frame ID: 175317EDCD572846AFE2B3924BF4112C
Requests: 5 HTTP requests in this frame

Frame: https://www.awin1.com/cshow.php?s=2582325&v=8177&q=316721&r=235229&pref1=62216300067296704444476012358019&pv=1
Frame ID: 49A0B501BDE55ACCAB96FC620EC582ED
Requests: 1 HTTP requests in this frame

Frame: https://hal900019.redintelligence.net/request_content.php?s=62216300067296704444476012358019&a=fb746d67
Frame ID: E11A7FF308576DC3D57E76D1E3BE74E5
Requests: 9 HTTP requests in this frame

Frame: https://www.awin1.com/cshow.php?s=1031723&v=8472&q=318383&r=235229&pref1=99253600071013804444450012358008&pv=1
Frame ID: 8A3B79D87F813FBFF5FB68F4FD45F184
Requests: 1 HTTP requests in this frame

Frame: https://www.awin1.com/cshow.php?s=2739664&v=8462&q=320784&r=235229&pref1=99253600071013804444450012358008&pv=1
Frame ID: 42BDFBF0EFE9ABF9CE8F8F30E0E9CE19
Requests: 1 HTTP requests in this frame

Frame: https://hal90008.redintelligence.net/request_content.php?s=99253600071013804444450012358008&a=decb7adb
Frame ID: C7FC063B679EF54F60F68AE8992BE273
Requests: 7 HTTP requests in this frame

Frame: https://www.awin1.com/cshow.php?s=1031723&v=8472&q=318383&r=235229&pref1=11776700071013904444454012358008&pv=1
Frame ID: 63C8884D9CD50B5186F3811234BBD805
Requests: 1 HTTP requests in this frame

Frame: https://www.awin1.com/cshow.php?s=2739664&v=8462&q=320784&r=235229&pref1=11776700071013904444454012358008&pv=1
Frame ID: 3B25834E4C45AD873B26B6CE33A9FC67
Requests: 1 HTTP requests in this frame

Frame: https://hal90008.redintelligence.net/request_content.php?s=11776700071013904444454012358008&a=17354592
Frame ID: 943CC5225503783C0B329C2F94C95CC8
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8211648974049874&output=html&h=250&slotname=1304663334&adk=3288322856&adf=4198761044&pi=t.ma~as.1304663334&w=970&lmt=1687013209&format=970x250&url=https%3A%2F%2Frd.fharr.com%2Fdb%2Fitem%2F400368&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687013208547&bpp=5&bdt=1148&idt=511&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&cookie=ID%3D21baf416523e903a-22077bf7a8b400eb%3AT%3D1687013204%3ART%3D1687013206%3AS%3DALNI_MYuh0xqYTtGTWFK8KIOHa9vnxTMdQ&gpic=UID%3D00000c4a8904da96%3AT%3D1687013204%3ART%3D1687013204%3AS%3DALNI_MbVvPpoXypglavXTwGjyWp4dfRC3w&correlator=4154209518095&frm=23&ife=4&pv=1&ga_vid=1450125800.1687013205&ga_sid=1687013209&ga_hid=1671748304&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1806&biw=1600&bih=1200&isw=970&ish=250&ifk=3315075354&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075305%2C44788441&oid=2&pvsid=4436964757474128&tmod=1914639916&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.xjqtfjeyj2yg&btvi=1&fsb=1&dtd=532
Frame ID: 51E0C276155961392C48505A81A2D616
Requests: 18 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 7BD0459FE6AE93BF62EF5DE8A036E197
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: F7D6EF3751293C108617792E0F55B304
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2E291BCD77E5AA96C41D5C0496E93EB5
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxi-h7zGATAB&v=APEucNU-Fjsm5Wuq0MRgO9eKvAIGWEoAsNtpKLwFsFQWj2u7q5POgPGxmwLbnHDE27q_l6boVpopzRO_zInVn3k9VXy9qnWp4Hrv39TSdc__HB47_wt7FD4LnFX6izXwYWc1GUdcL4gTVgWSQTdoGFR-M7C2KAobKojwRk7aXtjozJuP8FAhg08
Frame ID: DA7552235BA211EAF64D67CD62652B10
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js
Frame ID: D7338EC77BCDAC363D4E0726625E2AD6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 393A68EB1226BBBFFCE0227B9440832E
Requests: 3 HTTP requests in this frame

Frame: https://www.awin1.com/cshow.php?s=2582325&v=8177&q=316721&r=235229&pref1=14940800071026304444470012358003&pv=1
Frame ID: 2AA758CE92248D64FF0A430795B82724
Requests: 1 HTTP requests in this frame

Frame: https://www.awin1.com/cshow.php?s=1031723&v=8472&q=318383&r=235229&pref1=14940800071026304444470012358003&pv=1
Frame ID: DA52809A6EEAC55EFCC37DBBC53233C1
Requests: 1 HTTP requests in this frame

Frame: https://hal90003.redintelligence.net/request_content.php?s=14940800071026304444470012358003&a=cb1cb922
Frame ID: 94A98FA512DE6E37995BD5D2E4F19DC5
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5B547EDD2F6493EB38FDB83E6A67807D
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2C3EF7AE0780AADAEF599E59B77EEDA2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E2957B42203AF49F3B4BACA5620FACAF
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BBE8729375A547F93EDC3D49BD428E52
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0B20FAFC40E5FFFD97FBE8AC82C9489D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

RO二十週年限定帽 | 道具-仙境傳說(RO)幻想廳(FTH)

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Material Design Lite (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href="[^"]*material(?:\.[\w]+-[\w]+)?(?:\.min)?\.css

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Bootstrap Table (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+href="[^>]*bootstrap-table(?:\.min)?\.css
bootstrap-table(?:\.min)?\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

343
Requests

87 %
HTTPS

49 %
IPv6

44
Domains

69
Subdomains

52
IPs

9
Countries

4926 kB
Transfer

11844 kB
Size

48
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://cookie-consent.app.forthe.top/why-websites-use-cookies/
Title: 更多資訊

Search URL Search Domain Scan URL

URL: https://game.fharr.com/
Title: 支援廳

Search URL Search Domain Scan URL

URL: https://www.plurk.com/fantasyhallstudio
Title: 噗浪廳

Search URL Search Domain Scan URL

URL: https://shout.fharr.com/discordinvite
Title: Discord

Search URL Search Domain Scan URL

URL: https://www.facebook.com/fantasyhallstudio
Title: 臉書廳

Search URL Search Domain Scan URL

URL: https://line.me/R/ti/p/%40gud9484m
Title: Line私訊

Search URL Search Domain Scan URL

URL: https://shout.fharr.com/lineginvite
Title: Line群組

Search URL Search Domain Scan URL

URL: https://www.instagram.com/fantasyhallstudio/
Title: InstaGram

Search URL Search Domain Scan URL

URL: https://ro.gnjoy.com/
Title: 南韓

Search URL Search Domain Scan URL

URL: https://ro.gnjoy.com.tw/
Title: 臺灣

Search URL Search Domain Scan URL

URL: https://ragnarokonline.gungho.jp/
Title: 日本

Search URL Search Domain Scan URL

URL: http://www.playragnarok.com/
Title: 北美

Search URL Search Domain Scan URL

URL: http://ro.qiquanwl.com/
Title: 中國

Search URL Search Domain Scan URL

URL: https://playragnarokonlinebr.com/
Title: 巴西

Search URL Search Domain Scan URL

URL: https://roextreme.com/
Title: 菲律賓

Search URL Search Domain Scan URL

URL: https://ro.gnjoy.id/
Title: 印尼

Search URL Search Domain Scan URL

URL: https://ginyuki.com/
Title: 銀雪黛洛

Search URL Search Domain Scan URL

URL: https://s010381.blogspot.com/
Title: 任務筆記

Search URL Search Domain Scan URL

URL: https://cgn.netlify.app/ro/
Title: 仙境全書

Search URL Search Domain Scan URL

URL: https://forum.gamer.com.tw/A.php?bsn=4212
Title: 巴哈姆特 RO 哈拉

Search URL Search Domain Scan URL

URL: https://rocalweb.github.io/
Title: 素質計算機 (Renewal)

Search URL Search Domain Scan URL

URL: https://pay.fharr.com/donate-with-2022
Title: 捐獻我們

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: 隱私權

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms
Title: 條款

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 71

https://c.holmesmind.com/cm HTTP 302
https://c.holmesmind.com/cm?tc=getIn&

Request Chain 77

https://c.holmesmind.com/cm HTTP 302
https://c.holmesmind.com/cm?tc=getIn&

Request Chain 110

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEET97RPgura_dj9Koy0Caqs&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEET97RPgura_dj9Koy0Caqs&google_cver=1&C=1

Request Chain 111

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZI3HVw9flAdfZ-hMZhEzyQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEET97RPgura_dj9Koy0Caqs&google_cver=1

Request Chain 112

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESENWeM7mhhjsiUTs9Fda6g1I&google_cver=1

Request Chain 113

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY0NTY2MDU0MDc2OTc3MzE2NQ%3D%3D

Request Chain 144

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDryPQqRO0GjwYt4k_Rh3e8&google_cver=1

Request Chain 146

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEFbIH4wAym4y9W7QAXkt3Vg&google_cver=1

Request Chain 148

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDryPQqRO0GjwYt4k_Rh3e8&google_cver=1

Request Chain 150

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEFbIH4wAym4y9W7QAXkt3Vg&google_cver=1

Request Chain 179

https://ad.doubleclick.net/ddm/activity/src=8930343;type=adplu002;cat=adplu00c;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=%ord% HTTP 302
https://ad.doubleclick.net/ddm/activity/src=8930343;dc_pre=CPWz_PfFyv8CFRKKsgodbZELDw;type=adplu002;cat=adplu00c;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=%ord% HTTP 302
https://adservice.google.com/ddm/fls/z/src=8930343;dc_pre=CPWz_PfFyv8CFRKKsgodbZELDw;type=adplu002;cat=adplu00c;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=%ord%

Request Chain 184

https://hal900019.redintelligence.net/request.php?zone=b0ssnwblwmm3&nw=20&renderingType=javascript&namespace=ca463df867&subid=&uid=60bc36485b71ced9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCDv1wVMeNZIHMPLqH9fgP_I2g-AHM-YagaaOwx__3D_AuEAEg9czCcGCRhKCFjBjIAQmpAnH8qUpKWbI-qAMBqgTmAU_QnNWtRabSddSVMoUCrgyFzgag0cHrebFewND3WPssxRdVxf_8gw778Yx7qon7P5FqFvJ9N3physnZ4g6egxeqFm3LAKtKaP0Vr6qRDjqoy3_DZseew4xTU0tNw-3DzMqA-orn-7ltujgJ4Z0x1etZGcKc8ro3iL-qRffeYpXvy18TtFWB95XE7-iHCb_jH5l4ovBsnytHBV1IAX_dy5iwjDumz2sDkX0_UFBplg7FvkfcRrmqABHHcR73qxufJGFSdPzUhHgNkD5HqfvlLE88rbOUqU2j1UtXhtqrj52hBhsss2V3wATq68yj5APgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAgqBgoEw7CxArAT4JvNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwBygQiD7sPjOqqkKeqnwO4PUuxUYgWYTiLxXsfdqLoWnCydrVUdtyAOldwPI9fI8_nvwb4uazWi83f4L_X5eGV0LhUD3fKd6jrClxgB%26sig%3DAOD64_2ys3igDX-6QYzv1fJks1p3FRMBgg%26client%3Dca-pub-1310852604335254%26dbm_c%3DAKAmf-B3TyP_d4iP8DzYR4LljygyV_YAje-k_QTebXwtVigu1-41xwBHhQi5bnazf1HpiQvKZqiakP3Ri6vxecejFO88ErSwqJkPjIedUTA4vcixAPj-UFSVsvk99mmgdd0WtiQxNeeMVW1ug3Ncq35dZ1RtOtI88D5WxzsXAM2nGxkwbNlEFbA%26cry%3D1%26dbm_d%3DAKAmf-DPAt-a5Jr9dIRs5gJ44EM_P6Lcbg988xdVt2Fi-VoCAG_SpeTlreQLCYoA4ANruEOPrK5t1Rg4GKZ_7_ST30zBjYsZihB0sfEOA-aaZvEjhJDM31R5IqdMRrI2fOz6tI-hXKaeh_eKjemgPx4Om2m46ImBSjO2TgE-_951Jcy6MFjiK25iWiyY1A-9vCcnkVVJh8xkojQC5abCwkHQ_XsT3_9xcOqxkPJQwn3cG1AdqimZLqikCcJqy51yvwSms0aXR4WInxkrYvqmAFE-lUSca-GjVk49-lABv9Cajy6UBhv5MRj8tuKc6EhIZyJ6BW2RzvPmHIuh46F0pnlHqsufcXD8d54if5d1o1wAl6asa8HeILqjTPNa4hS1ElWvnlpZbW9idp4GJcNBO6WZ9UbysgLBP3j4GsYo-RhYp_rMzUnPwQKSiOfuAThTrK7uiYxPOPCEmzVNfyWtSecLY97YxWdy18TCEBEHDqyHmPkgKgMXnPC2xR555Qe-bNyz4_9Aan78jL7hPGzg_fwgL5X-9Oi20Pts_KcUoUhwu0698ciUhHDUOwFeygNnPRHWOzGcco25%26adurl%3D&documentReferer=https%3A%2F%2Frd.fharr.com%2F&ancestorOrigins=https%3A%2F%2Frd.fharr.com&random=8814289157631&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900019.redintelligence.net/request.php?zone=b0ssnwblwmm3&nw=20&renderingType=javascript&namespace=ca463df867&subid=&uid=60bc36485b71ced9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCDv1wVMeNZIHMPLqH9fgP_I2g-AHM-YagaaOwx__3D_AuEAEg9czCcGCRhKCFjBjIAQmpAnH8qUpKWbI-qAMBqgTmAU_QnNWtRabSddSVMoUCrgyFzgag0cHrebFewND3WPssxRdVxf_8gw778Yx7qon7P5FqFvJ9N3physnZ4g6egxeqFm3LAKtKaP0Vr6qRDjqoy3_DZseew4xTU0tNw-3DzMqA-orn-7ltujgJ4Z0x1etZGcKc8ro3iL-qRffeYpXvy18TtFWB95XE7-iHCb_jH5l4ovBsnytHBV1IAX_dy5iwjDumz2sDkX0_UFBplg7FvkfcRrmqABHHcR73qxufJGFSdPzUhHgNkD5HqfvlLE88rbOUqU2j1UtXhtqrj52hBhsss2V3wATq68yj5APgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAgqBgoEw7CxArAT4JvNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwBygQiD7sPjOqqkKeqnwO4PUuxUYgWYTiLxXsfdqLoWnCydrVUdtyAOldwPI9fI8_nvwb4uazWi83f4L_X5eGV0LhUD3fKd6jrClxgB%26sig%3DAOD64_2ys3igDX-6QYzv1fJks1p3FRMBgg%26client%3Dca-pub-1310852604335254%26dbm_c%3DAKAmf-B3TyP_d4iP8DzYR4LljygyV_YAje-k_QTebXwtVigu1-41xwBHhQi5bnazf1HpiQvKZqiakP3Ri6vxecejFO88ErSwqJkPjIedUTA4vcixAPj-UFSVsvk99mmgdd0WtiQxNeeMVW1ug3Ncq35dZ1RtOtI88D5WxzsXAM2nGxkwbNlEFbA%26cry%3D1%26dbm_d%3DAKAmf-DPAt-a5Jr9dIRs5gJ44EM_P6Lcbg988xdVt2Fi-VoCAG_SpeTlreQLCYoA4ANruEOPrK5t1Rg4GKZ_7_ST30zBjYsZihB0sfEOA-aaZvEjhJDM31R5IqdMRrI2fOz6tI-hXKaeh_eKjemgPx4Om2m46ImBSjO2TgE-_951Jcy6MFjiK25iWiyY1A-9vCcnkVVJh8xkojQC5abCwkHQ_XsT3_9xcOqxkPJQwn3cG1AdqimZLqikCcJqy51yvwSms0aXR4WInxkrYvqmAFE-lUSca-GjVk49-lABv9Cajy6UBhv5MRj8tuKc6EhIZyJ6BW2RzvPmHIuh46F0pnlHqsufcXD8d54if5d1o1wAl6asa8HeILqjTPNa4hS1ElWvnlpZbW9idp4GJcNBO6WZ9UbysgLBP3j4GsYo-RhYp_rMzUnPwQKSiOfuAThTrK7uiYxPOPCEmzVNfyWtSecLY97YxWdy18TCEBEHDqyHmPkgKgMXnPC2xR555Qe-bNyz4_9Aan78jL7hPGzg_fwgL5X-9Oi20Pts_KcUoUhwu0698ciUhHDUOwFeygNnPRHWOzGcco25%26adurl%3D&documentReferer=https%3A%2F%2Frd.fharr.com%2F&ancestorOrigins=https%3A%2F%2Frd.fharr.com&random=8814289157631&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 244

https://www.awin1.com/cshow.php?s=2582325&v=8177&q=316721&r=235229&pref1=62216300067296704444476012358019&pv=0 HTTP 302
https://ui2.awin.com/ads/awin/8177/imglaudius-nl-logo-120x60-1576844293931.png HTTP 301
https://a1.awin1.com/ads/awin/8177/imglaudius-nl-logo-120x60-1576844293931.png

Request Chain 264

https://ti.tradetracker.net/?c=34211&m=2005488&a=70002&r=62216300067296704444476012358019&t=html HTTP 302
https://static.tradetracker.net/nl/material_image/f0/593277e724e539a889cc3a836755cb51039a9d.jpg

Request Chain 271

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEEzx4H9ufQSj6DBKbR_3ses&google_cver=1&google_push=ATf1kGMcquYy8C6kd3Wo2PRtNSfXMfphq-e5LXkxDaDyp9AWE3tsPHzEOP52Y6uZJjOVrZ-ZdNL9SSRSDUUnUqJkst8MBPfg20LGeA HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEEzx4H9ufQSj6DBKbR_3ses&google_cver=1&google_push=ATf1kGMcquYy8C6kd3Wo2PRtNSfXMfphq-e5LXkxDaDyp9AWE3tsPHzEOP52Y6uZJjOVrZ-ZdNL9SSRSDUUnUqJkst8MBPfg20LGeA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=b3A5TTBnMHIxUWF4Y3U1&google_gid=CAESEEzx4H9ufQSj6DBKbR_3ses&google_cver=1&google_push=ATf1kGMcquYy8C6kd3Wo2PRtNSfXMfphq-e5LXkxDaDyp9AWE3tsPHzEOP52Y6uZJjOVrZ-ZdNL9SSRSDUUnUqJkst8MBPfg20LGeA

Request Chain 272

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEA6tzEIGxPkXy88qYU464YU&google_cver=1&google_push=ATf1kGOEzZI9eHVqnz2MAFAIcqS98btYn8MEplpie_FMC0D0qkKm-8v2ywixr-nGU4US0LSXxeCXG3G2E53rT6EOVnP2Rv_snuFS6A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGOEzZI9eHVqnz2MAFAIcqS98btYn8MEplpie_FMC0D0qkKm-8v2ywixr-nGU4US0LSXxeCXG3G2E53rT6EOVnP2Rv_snuFS6A

Request Chain 273

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEJKfgxhDLRJK0y9F4fBemDM&google_cver=1&google_push=ATf1kGMvU_V6n-PN4w8eZbFyfX2Zo1nqe5JZQP-p4vP4-YsaSYOyLP6ckw0PKkYWMjFRd4KwlWE13gHZvZU5kwy5oabFpShBIkr4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJKfgxhDLRJK0y9F4fBemDM&google_push=ATf1kGMvU_V6n-PN4w8eZbFyfX2Zo1nqe5JZQP-p4vP4-YsaSYOyLP6ckw0PKkYWMjFRd4KwlWE13gHZvZU5kwy5oabFpShBIkr4

Request Chain 274

https://um.simpli.fi/gp_match?google_gid=CAESEJt3sm7X3ZneQh1vrqiQEEM&google_cver=1&google_push=ATf1kGNDA7hhmz7LrfKpdsB6kBE0t___0S9oVGBqyKuP4ecUgsGwun1r76f0I-aUxNH4ACjBPhUEz6k-fn--K-T7HJvRehitwcxfrA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5935C494F3454FFAAD03029B4ADEB089&google_push=ATf1kGNDA7hhmz7LrfKpdsB6kBE0t___0S9oVGBqyKuP4ecUgsGwun1r76f0I-aUxNH4ACjBPhUEz6k-fn--K-T7HJvRehitwcxfrA

Request Chain 276

https://ads.travelaudience.com/google_pixel?google_gid=CAESEO2WT70BIdiTezXwiiihMV4&google_cver=1&google_push=ATf1kGNj2oQEL3FhBW6gYooD92oEdO12FqEGGLNqrtJ2caSrLl908p6bGjweLk3btH9WviP5ri_8BYuYsC_hR-d8NKKk5naIckLsAQ HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=aCiySLi4SriZEefi_IIZIg2&google_push=ATf1kGNj2oQEL3FhBW6gYooD92oEdO12FqEGGLNqrtJ2caSrLl908p6bGjweLk3btH9WviP5ri_8BYuYsC_hR-d8NKKk5naIckLsAQ

Request Chain 279

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 290

https://ti.tradetracker.net/?c=558&m=24180&a=70002&r=99253600071013804444450012358008&t=html HTTP 302
https://static.tradetracker.net/nl/material_image/49/1f21095a5f4ae3c95070194bad8a5ad919a00b.jpg

Request Chain 293

https://ti.tradetracker.net/?c=558&m=24180&a=70002&r=11776700071013904444454012358008&t=html HTTP 302
https://static.tradetracker.net/nl/material_image/49/1f21095a5f4ae3c95070194bad8a5ad919a00b.jpg

Request Chain 294

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEHahikIo17x5ZVjCdJTQKPU&google_cver=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEHahikIo17x5ZVjCdJTQKPU&google_cver=1&__user_check__=1&sync_id=cae6a166-0d1d-11ee-ab3e-14604df00206

Request Chain 295

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=cae5c180-0d1d-11ee-8034-180e33a50406 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=Y2FlNmExMGMtMGQxZC0xMWVlLWFiM2UtMTQ2MDRkZjAwMjA2

Request Chain 296

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1VRHJ4WWpwRTJ1RUIuRFJPaFVqaHJIWUd0MW1UanVfVX5B

Request Chain 317

https://ti.tradetracker.net/?c=34211&m=2005487&a=70002&r=14940800071026304444470012358003&t=html HTTP 302
https://static.tradetracker.net/nl/material_image/70/4d264f3bae6f2b10db14dab5d6f5fef3ae51cc.jpg

Request Chain 320

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEA6tzEIGxPkXy88qYU464YU&google_cver=1&google_push=ATf1kGPVfZ7UyZQn40SabJL8bEpchh9WLOulONFL8SoILvLqNs8P-X22FqKxuSvxXKPj7sBfXAwItOSAwBDy1LOpAhZPdzYOrV7h2t4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGPVfZ7UyZQn40SabJL8bEpchh9WLOulONFL8SoILvLqNs8P-X22FqKxuSvxXKPj7sBfXAwItOSAwBDy1LOpAhZPdzYOrV7h2t4

Request Chain 321

https://id.rlcdn.com/466606.gif?cparams=google_push%3DATf1kGNOBijpartkxcq5bJVISYgbPG3JZU1e-WTSefQ_T4sCF1psN3D9WpEZQQcn1KlSeq60mqzV9JzR2FcT26yq_Vt31q8Ou-82kcE&google_gid=CAESECb40qE6rK35ENnaqbIuUsA&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCNuOt6QGEgUI6AcQAEIASnNnb29nbGVfcHVzaD1BVGYxa0dOT0JpanBhcnRreGNxNWJKVklTWWdiUEczSlpVMWUtV1RTZWZRX1Q0c0NGMXBzTjNEOVdwRVpRUWNuMUtsU2VxNjBtcXpWOUp6UjJGY1QyNnlxX1Z0MzFxOE91LTgya2NF HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwSWZBb09CN3R0eFVZWlJEOVNFNUFaTkctLVRDZ2tzQ3VJd3lDMzRMRzd6QQ==&google_push

Request Chain 322

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEHfeaZNdGokbVdFujKBcgM8&google_cver=1&google_push=ATf1kGNhk66xdj5ceYFf4OUSwf08I0_V4fyeCbNfGK7XHIsjHtil_0peRQIJPeRajo4R3hJk4NdWWVvN6PhUVRPE4RaEnlJqz0WsebE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI0NTY2NjU2OTE4NTUyMzg2Nw%3D%3D&google_push=ATf1kGNhk66xdj5ceYFf4OUSwf08I0_V4fyeCbNfGK7XHIsjHtil_0peRQIJPeRajo4R3hJk4NdWWVvN6PhUVRPE4RaEnlJqz0WsebE

Request Chain 323

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEImVizFvvHSbDTqIsxseR1s&google_cver=1&google_push=ATf1kGMqS0QRkkTO8IU_4o2oKs0e3-IdRvCMmVhqDMR8xAiEapLHhLdw0kFSghV7m4kadT0iyBaHo9sc2WDN-aPHeGFSBn8jfeO9ffk HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEImVizFvvHSbDTqIsxseR1s&google_cver=1&google_push=ATf1kGMqS0QRkkTO8IU_4o2oKs0e3-IdRvCMmVhqDMR8xAiEapLHhLdw0kFSghV7m4kadT0iyBaHo9sc2WDN-aPHeGFSBn8jfeO9ffk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGMqS0QRkkTO8IU_4o2oKs0e3-IdRvCMmVhqDMR8xAiEapLHhLdw0kFSghV7m4kadT0iyBaHo9sc2WDN-aPHeGFSBn8jfeO9ffk&google_hm=-f7OiOFtS_GT6lADdT8fVg==

Request Chain 324

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGsv1T_5WehDQnHj5Ud1loU&google_cver=1&google_push=ATf1kGPSuczqXgY6DNLymLCmIBxxgBKaJPaaW2QtrtGRi6Et2j8AF4Alsz468j8GXyj7oP46uJYOMMOXPnULNYbRT5nNnWsJwULXARg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGPSuczqXgY6DNLymLCmIBxxgBKaJPaaW2QtrtGRi6Et2j8AF4Alsz468j8GXyj7oP46uJYOMMOXPnULNYbRT5nNnWsJwULXARg&google_hm=eS1CZWZ6clpKRTJwR1ZXZ1BvUm40b2QyWEk0dnoueUU2aH5B

Request Chain 326

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEPlIdNSqR5yjHe-f8rNcSxs&google_cver=1&google_push=ATf1kGO1CGPqF2HKCrD-7RDmTqQ7vw2lGyFPlTW8wIFG65-QfLwUMDx-e65gXf9qrvJ93_X8kxke99JdjVEzPcs0KyedMd06a40GDsH9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGO1CGPqF2HKCrD-7RDmTqQ7vw2lGyFPlTW8wIFG65-QfLwUMDx-e65gXf9qrvJ93_X8kxke99JdjVEzPcs0KyedMd06a40GDsH9 HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 329

https://www.awin1.com/cshow.php?s=2582325&v=8177&q=316721&r=235229&pref1=14940800071026304444470012358003&pv=0 HTTP 302
https://ui2.awin.com/ads/awin/8177/imglaudius-nl-logo-120x60-1576844293931.png HTTP 301
https://a1.awin1.com/ads/awin/8177/imglaudius-nl-logo-120x60-1576844293931.png

343 HTTP transactions
12 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 400368 Show response
rd.fharr.com/db/item/ 44 KB
11 KB 1580ms
1489ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rd.fharr.com/db/item/400368

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52eb97e8e51270cb95234ab1051112a438e9be09864739d2bf9280ad9cac1067

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7d8c15592bfdb7fb-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 17 Jun 2023 14:46:42 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qFtUHujMcaKcQ8iQcLmJIbssiWlNPaZ%2BXl2ge%2BKIYMq9w%2BNPFdhcNBFiMZqrmiDncqzWdu6uTYINqNvGD8Scl3ibgbtT3WZktcOww9XwCBeGXSuY8%2FWumcdSZUh2BPe1ncf9oeKIb3w2408%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15768000;
vary: Accept-Encoding

GET
H2 200 btbvzReSIPvRLGCsMSTB13V7bxY.js Show response
rd.fharr.com/cdn-cgi/apps/head/ 5 KB
2 KB 394ms
391ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rd.fharr.com/cdn-cgi/apps/head/btbvzReSIPvRLGCsMSTB13V7bxY.js
Requested by: Host: rd.fharr.com
URL: https://rd.fharr.com/db/item/400368
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ab51bc94a2396b28801d741047d0243940111c3ab87897b76e241ee30ff51c2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/db/item/400368
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:42 GMT
x-amz-version-id: OkZQOglHDs1QrVcUsP9AipWBLz2rfU35
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 0FFDXBEQXCK0213N
alt-svc: h3=":443"; ma=86400
x-amz-id-2: Wgc15TpClr+r5+Tf3txwyfwqowwlozjx/ooIlvKKFYwrUmq7aSaShJ4l8xFxQIuvNOS0swMHplw=
last-modified: Sun, 30 May 2021 09:57:53 GMT
server: cloudflare
etag: W/"9a41943305ee1e1a7765ffb878d36ddd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SHTbhGgwfXrI0PLZAk%2FaGYz1I5zQUQvK5QD7EBcVb0VDEx6PPr1CsmDA6xLN15DPdxjD7X9w%2BKVgZv2%2B2KfYWbtodkWKwHSPT3dTGhq85v610EynRzomVYxuNS7bX%2Bk%2FABar%2FTigOvc7rRw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7d8c15627d4eb7fb-AMS

GET
H2 200 bootstrap.min.css
rd.fharr.com/assets/styles/purplekit/theme/css/plugins/ 160 KB
25 KB 1538ms
1535ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rd.fharr.com/assets/styles/purplekit/theme/css/plugins/bootstrap.min.css?v=2204060724
Requested by: Host: rd.fharr.com
URL: https://rd.fharr.com/db/item/400368
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34642785562ffe09f193a2ec34ff70e1af0abf170d601208368108fe526292ef

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/db/item/400368
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:43 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 05 Apr 2022 23:24:17 GMT
server: cloudflare
etag: W/"624ccfa1-28020"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V4i3Hb1zHslbYwsKOkcx91uWsV2Co7Cnlc9HfnGbotdYzZGvrPdqT4GqbBxkfW%2BmsQbSUPEQq0G9l%2BjmtZ%2Fi7eMCA23D8hc%2FrQExRSDsB%2FEXZHfrME9YX5H92k5XrHcf%2BCUKCjyTWUeqTdo%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
cf-ray: 7d8c15628d4fb7fb-AMS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 feather.css
rd.fharr.com/assets/styles/purplekit/theme/fonts/ 13 KB
3 KB 1167ms
1164ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rd.fharr.com/assets/styles/purplekit/theme/fonts/feather.css?v=2204060724
Requested by: Host: rd.fharr.com
URL: https://rd.fharr.com/db/item/400368
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fd35ca0a9a97e5a6added2c31fe44939578a8828361dab23644119e0e8a43d7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/db/item/400368
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:43 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 05 Apr 2022 23:24:17 GMT
server: cloudflare
etag: W/"624ccfa1-33a5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fGDe9C7w2aS8YZJ29Yw6nysB2kr98C0phpfELCkJLNXwbnA648dDBGQKu0c67WyXPQcSXx8MXECyeNytEm9DFBlnOyhoplq8gfeHzrVnVE%2F%2Br0HTUDOiZPWfUZrT8%2BJYWHPxuvu0zhkphU4%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
cf-ray: 7d8c15628d50b7fb-AMS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 material.css
rd.fharr.com/assets/styles/purplekit/theme/fonts/ 537 B
606 B 1166ms
1163ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rd.fharr.com/assets/styles/purplekit/theme/fonts/material.css?v=2204060724
Requested by: Host: rd.fharr.com
URL: https://rd.fharr.com/db/item/400368
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca44939771e7b3dc9dda2aee02fbb5559c6028d928378277105e7c8a5a8e4333

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/db/item/400368
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:43 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 05 Apr 2022 23:24:17 GMT
server: cloudflare
etag: W/"624ccfa1-219"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8BJPB4WTq4Kutvs%2FJXcFB4mh6756xWaLDNY1OXuXjovGP34RE0L4IaHJPi%2B%2Bg615IbaufrhmQNBzTOxFXpH%2BwAMhh9PqaTjq7z1TCLVA%2FOJGGIe5CRzyMKpPeQJW3H9sLsgqvgozx9i%2Ftrw%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
cf-ray: 7d8c15628d52b7fb-AMS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.min.css
rd.fharr.com/assets/styles/purplekit/theme/css/ 403 KB
63 KB 1699ms
1696ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rd.fharr.com/assets/styles/purplekit/theme/css/style.min.css?v=2304012209
Requested by: Host: rd.fharr.com
URL: https://rd.fharr.com/db/item/400368
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a65f681a2da07843684984c2de38e9a100b43c5e3d72dee9f42f2470c19d394

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/db/item/400368
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:43 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 01 Apr 2023 14:09:54 GMT
server: cloudflare
etag: W/"64283b32-64d4f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LLuq1YUi1iZmkXXTfXQ4BCcIzEGhKK68mCARFS%2BL2%2FfQuIZam%2BwVd5HIE04EEKlsAp%2BTnaSGBYQXO8niaunIlVx6ldvQkN7r4nreDNDJ8BM50ZsTZfEUYUmBY2G7o5PFzKCI%2BaVzgRP9VOY%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
cf-ray: 7d8c15628d53b7fb-AMS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 landing.css
rd.fharr.com/assets/styles/purplekit/theme/css/ 9 KB
4 KB 1269ms
1267ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rd.fharr.com/assets/styles/purplekit/theme/css/landing.css?v=2304301839
Requested by: Host: rd.fharr.com
URL: https://rd.fharr.com/db/item/400368
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 891e7ef609ccc8ff7840003e8ebffa60120b7a30265e9ed9632fa9a2a7d62dc6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/db/item/400368
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:43 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 30 Apr 2023 10:39:07 GMT
server: cloudflare
etag: W/"644e454b-249b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sB7XDxzXqlMyCF%2BdI5S%2F7HO6npx2FBuNyNbqUEubhVqfJ8V3iKawUeRNVIV%2BNJB2W6ctF3n4XS1ysoGnCLAda649bFXSZHVvVhueG1lKA%2Fq%2Byl4eHfqOGlH1huuXl3krtQWOypPZgEWquuM%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
cf-ray: 7d8c15628d55b7fb-AMS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bootstrap-table.min.css
unpkg.com/bootstrap-table@1.19.1/dist/ 9 KB
3 KB 109ms
49ms Stylesheet
text/css 2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/bootstrap-table@1.19.1/dist/bootstrap-table.min.css

Requested by

Host: rd.fharr.com
URL: https://rd.fharr.com/db/item/400368

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

643f536f6982af4d7287af23f89ad457dd7e4a82f9c695330a112b0881c30a4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:42 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 18520576
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01GHWYHW10Q3HDX3NG4MJMN4BG-ams
server: cloudflare
etag: W/"241e-hC3JvIrcWxypAPWKF1lnNCen6e8"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7d8c1562e94e0c3b-AMS

GET
H2 200 all.css
use.fontawesome.com/releases/v5.15.4/css/ 58 KB
13 KB 489ms
429ms Stylesheet
text/css 2606:4700:e2::ac40:840f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.4/css/all.css
Requested by: Host: rd.fharr.com
URL: https://rd.fharr.com/db/item/400368
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e

Request headers

Referer: https://rd.fharr.com/
Origin: https://rd.fharr.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:42 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 0FFBHDYQ7MM1VVDY
alt-svc: h3=":443"; ma=86400
x-amz-id-2: pkF+dDdL746hJ1h8ukI8a/lDYJtoL1Nfm4Cnj0Lb8SZxPSdG6y4P3qD2GzRzBe4W4PHhLcFLykU=
last-modified: Wed, 04 Aug 2021 20:43:22 GMT
server: cloudflare
etag: W/"ecd507b3125edc4d2a03aa6ae5d07da9"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nRxYUEHVkVDcdT1QWiVSWef4V49hfSfia2Tp7CCtqwrSKDfGdtzFUd4WsMmE2UrZLlJoKS%2BxvpyHVFA1BexvT1L%2BgtC4NYFZXO%2FXnP6V%2FDJ40GnUzF%2F4TqVrzVLcWQFH9KuqTgn%2BbKRZEQpYHqC4bc4y"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 7d8c1562ede51c77-AMS

GET
H2 200 bootstrap@5.1.3.bundle.min.js Show response
rd.fharr.com/assets/styles/purplekit/theme/js/plugins/ 76 KB
24 KB 1639ms
1637ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rd.fharr.com/assets/styles/purplekit/theme/js/plugins/bootstrap@5.1.3.bundle.min.js?v=2204102139
Requested by: Host: rd.fharr.com
URL: https://rd.fharr.com/db/item/400368
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/db/item/400368
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:43 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 10 Apr 2022 13:39:52 GMT
server: cloudflare
etag: W/"6252de28-13131"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DzWxTtw6w3M4MkuUMPPA1F%2B8OXmHHrwRc1FGPRyMQT477rwViBbCbT7SDuX6G0JVkt%2B%2BcF0kphUmtpj4j9ZPzdYtjQ1dHA8dAv7ESfRX824D%2F%2FdztEOWeYn5DfjE4irpMHFMRJqTHkqK%2Fvw%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
cf-ray: 7d8c15628d56b7fb-AMS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 AdBanner.js Show response
rd.fharr.com/assets/styles/purplekit/theme/js/ 1 KB
1 KB 1165ms
1163ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rd.fharr.com/assets/styles/purplekit/theme/js/AdBanner.js?v=2304051405
Requested by: Host: rd.fharr.com
URL: https://rd.fharr.com/db/item/400368
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85e157816a19be2d1d5c143ead57834a8647722bd4f9f5f0fab85d853f8ff41c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/db/item/400368
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:43 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 05 Apr 2023 06:05:06 GMT
server: cloudflare
etag: W/"642d0f92-5b7"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vieuQF2bTYpxFV%2BB%2BvGWyoG2o06NkiW1ax26CxOCCVQcTdWuYcXRZcQ%2FsCU3F47nEVZVBTTYjHBBdTSiWssxK%2BkSHHnxX9d6kA1XK%2FFGbket1k7MLlMat5vFp4M7IV8cqCVRaW51dYWeyYo%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
cf-ray: 7d8c15628d57b7fb-AMS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 AdConfig.js Show response
rd.fharr.com/assets/styles/purplekit/theme/js/ 2 KB
781 B 1203ms
1201ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rd.fharr.com/assets/styles/purplekit/theme/js/AdConfig.js?v=2304212100
Requested by: Host: rd.fharr.com
URL: https://rd.fharr.com/db/item/400368
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5efbd6f6c2a750d9e6f4f88e3aad3ae937b9e27313afbad9b2ef6ec58e78c56

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/db/item/400368
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:43 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 21 Apr 2023 13:00:16 GMT
server: cloudflare
etag: W/"644288e0-735"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=auowIDUxLqfLF8GsHLwk5gcsMcI2fuZ6OcRp4eZgSsRU7AUcmYz9%2FOHqQFlJz7Rm2S0O1cvU9aTxj5imU4TO4juXu1b2HhRDJGpN1psp7so%2BvGNUO2CvhMyoFUc9JtHB7gTlMCXVpHUcVvY%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
cf-ray: 7d8c15628d59b7fb-AMS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery@3.4.1.min.js Show response
rd.fharr.com/assets/styles/purplekit/theme/js/plugins/ 86 KB
31 KB 1616ms
1614ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rd.fharr.com/assets/styles/purplekit/theme/js/plugins/jquery@3.4.1.min.js
Requested by: Host: rd.fharr.com
URL: https://rd.fharr.com/db/item/400368
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Referer
Origin: https://rd.fharr.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:43 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 10 Apr 2022 13:39:52 GMT
server: cloudflare
etag: W/"6252de28-15851"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S9fdb89Pt%2FjoiydGTFMhWDj2pJNhsI3RkgPy2zgI0XzGAzBlZNrLHMs4NEq1sVIgw2eLSPCC2qzT%2FmGS9EAlNEF9CcazTKlye5B8JO5H0tQJ2rMzHnMtUsfoKBAQn4Xi5nU2QVaHiQnApmk%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
cf-ray: 7d8c15628d5ab7fb-AMS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 init.js Show response
cdn.holmesmind.com/js/ 17 KB
17 KB 324ms
37ms Script
application/javascript 2600:9000:223c:6e00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/init.js
Requested by: Host: rd.fharr.com
URL: https://rd.fharr.com/db/item/400368
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:6e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0696c5e661e7c6a48cd7c8d06695a1a9080271fa630cee908d8383282e6424cb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: zD9.Cbfx8TYSkl7RuTjaI7R4kG4gYwIG
date: Sat, 17 Jun 2023 14:46:20 GMT
via: 1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
last-modified: Fri, 16 Jun 2023 09:57:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 25
x-amz-server-side-encryption: AES256
etag: "43a50f8c40c3cffa2f15e77ea30165c9"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 17223
x-amz-cf-id: UE_FVb0nvE2V3WqWBzhCV1aRIToTX8yZ97D1GZjyvl5yH8dB0yHEIQ==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 76 KB
25 KB 422ms
301ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: rd.fharr.com
URL: https://rd.fharr.com/db/item/400368

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78678bde6a7af3edd9a56272656d718e0358f438e4d4f5f1946fec3ad0452f03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25360
x-xss-protection: 0
server: cafe
etag: 570 / 19525 / 31075344 / config-hash: 4553594699066521459
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 17 Jun 2023 14:46:42 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 138 KB
47 KB 377ms
90ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8211648974049874

Requested by

Host: rd.fharr.com
URL: https://rd.fharr.com/db/item/400368

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d4e65e83b46567e196932605bfde1ad55b4ca8c011dc0518aa929aafc016e69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47469
x-xss-protection: 0
server: cafe
etag: 17690651341634257498
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 17 Jun 2023 14:46:44 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
903 B 216ms
75ms Script
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LfJd5IUAAAAAB8sW7WNlAIqHyPeI1I7mKAdsOwF

Requested by

Host: rd.fharr.com
URL: https://rd.fharr.com/db/item/400368

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

17be9c4cfa911f942924a4390e97e50322e4698c21fae09fc77afd0115c25494

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 583
x-xss-protection: 1; mode=block
expires: Sat, 17 Jun 2023 14:46:42 GMT

GET
H2 200 wrapper.min.js Show response
cpt.geniee.jp/hb/v1/216481/680/ 7 KB
2 KB 965ms
269ms Script
application/javascript 222.230.178.131
VECTANT ARTERIA N...

General

Check archive.org

Show headers Download Go to

Full URL: https://cpt.geniee.jp/hb/v1/216481/680/wrapper.min.js
Requested by: Host: rd.fharr.com
URL: https://rd.fharr.com/db/item/400368
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 222.230.178.131 Bannaguro, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software: nginx /
Resource Hash: 023412b08879f730e5e92ce2465668df7b114f10a03a74fed9ebfb1ae457c0e2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:45 GMT
content-encoding: gzip
last-modified: Sat, 17 Jun 2023 14:05:53 GMT
server: nginx
etag: W/"648dbdc1-1a6c"
content-type: application/javascript
cache-control: max-age=3600, private
cross-origin-resource-policy: cross-origin
expires: Sat, 17 Jun 2023 15:46:45 GMT

GET
H3 200 logo.svg
rd.fharr.com/assets/styles/purplekit/theme/images/ 8 KB
4 KB 1311ms
1211ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rd.fharr.com/assets/styles/purplekit/theme/images/logo.svg
Requested by: Host: rd.fharr.com
URL: https://rd.fharr.com/db/item/400368
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4ef9d4e3c23eddd125c6c38b454bc58e89ae4f094da8ace0ce988e14f8e480f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/db/item/400368
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:45 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 05 Apr 2022 23:24:18 GMT
server: cloudflare
etag: W/"624ccfa2-20a3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pr21lWZwbn%2F38gf1cXmwbAtBHpHsIV0P82qV5mOQqzFFbjganl7Qr7756oUqswua%2BedwTn3N%2FMbRZn1fK2q2A5XJpA19%2F5NXQ0XR2IxOjaImUlbl9pSEflJZgWy5HMn5ueyVb6z4hUJ8TeQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
cf-ray: 7d8c15712e850b04-AMS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 logo-white.svg
rd.fharr.com/assets/styles/purplekit/theme/images/ 3 KB
2 KB 1306ms
1207ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rd.fharr.com/assets/styles/purplekit/theme/images/logo-white.svg
Requested by: Host: rd.fharr.com
URL: https://rd.fharr.com/db/item/400368
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ec1b4732aa5f2941dcb223044858fbf912b123934c20db2b230449189d80853

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/db/item/400368
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:45 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 06 Apr 2022 13:59:44 GMT
server: cloudflare
etag: W/"624d9cd0-b8a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=67uNU9q%2BP%2FRT2vPLgY%2FtwekBWKepRO%2BOoCPJmUGIyaqF%2F5RyRBwrCSNIdaj5HReKzql2WCVpC4TJlc6o5IUwVHVGJ2Tv3slxZbiK7%2B3Shk21fBr0gaKHK5kda6o5527UW8qXySfv8kEGGk8%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
cf-ray: 7d8c15712e860b04-AMS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/zh_TW/ 3 KB
2 KB 311ms
28ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/zh_TW/sdk.js

Requested by

Host: rd.fharr.com
URL: https://rd.fharr.com/db/item/400368

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

84a1217c10ae88b6ee262083809913a5e182983e8ca188ac802f71e7ffda5541

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://rd.fharr.com/
Origin: https://rd.fharr.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 17 Jun 2023 14:46:44 GMT
content-md5: wkz1gWZM0N1B5WR30qt7FQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
x-fb-debug: HfXbgEfNRrXVoLmqeMy7AvSsl0hWH5iGorlOMeTIFh+ceZVHfJoRWXxueyhp0jVnLPv6XNhGASlPmOX+5IbveA==
x-fb-trip-id: 1679558926
x-fb-content-md5: b2dafe56e8de059c1b3ac417d6692874
cross-origin-opener-policy: same-origin-allow-popups
etag: "84da03ad3d71060c04ef328ff5bf64b5"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 17 Jun 2023 14:49:41 GMT

GET
H3 200 /
rd.fharr.com/images/dev/item/original/400368/ 22 KB
23 KB 1466ms
1369ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rd.fharr.com/images/dev/item/original/400368/

Requested by

Host: rd.fharr.com
URL: https://rd.fharr.com/db/item/400368

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98ab2327aafe23152777df8bdab46dbb10bc2e1d4828475eae8acf4addde8204

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/db/item/400368
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: public
date: Sat, 17 Jun 2023 14:46:46 GMT
strict-transport-security: max-age=15768000;
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PUUNDR0z7yLbs8E8R3UsGWyewxPdsbdvskGaeiV5A12fKdi1w%2BGc4vgYOsVCC0pZ%2F1%2FfqWAAPKvEeDsV7cRIq4NCjZrb15WgYMA27t72wqNcAXT%2BqBJzi8EVpOXX51THU0xBYugGmvRdBLU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
cf-ray: 7d8c15712e870b04-AMS
alt-svc: h3=":443"; ma=86400
expires: Sat, 24 Jun 2023 14:46:45 GMT+8

GET
H3 200 /
rd.fharr.com/images/dev/item/thumbnail/400368/ 316 B
767 B 1502ms
1406ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rd.fharr.com/images/dev/item/thumbnail/400368/

Requested by

Host: rd.fharr.com
URL: https://rd.fharr.com/db/item/400368

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b73ef8f878c5d3c3fe9cde874a42c8ac59eb7c6670ca307c90ec61da8ae786e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/db/item/400368
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: public
date: Sat, 17 Jun 2023 14:46:46 GMT
strict-transport-security: max-age=15768000;
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pFqXKFqjispqovQkmcqTiCVe750cV6S3MN0LQpFGf5vsPm9uHRGIUvpes4aB7iIAeSY0S0EU%2BS6I2%2BnkYJXj%2BEJYeQBlG%2FxTgqO2zM%2F04AMxW0dvfGrTr2z2puPikCiV8W8o5vvU6KHCfXo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
cf-ray: 7d8c15712e880b04-AMS
alt-svc: h3=":443"; ma=86400
expires: Sat, 24 Jun 2023 14:46:45 GMT+8

GET
H3 200 /
rd.fharr.com/images/tw/item/original/400368/ 11 KB
11 KB 1457ms
1360ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rd.fharr.com/images/tw/item/original/400368/

Requested by

Host: rd.fharr.com
URL: https://rd.fharr.com/db/item/400368

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0f61bd2773571bf2c2cf2e1236691a7d95c483ed6be48800a803a1ec6cdf0e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/db/item/400368
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: public
date: Sat, 17 Jun 2023 14:46:45 GMT
strict-transport-security: max-age=15768000;
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NpWf0z78vXLPcz0y28PJ9BFLnSgIIf38WzdtfyZhUGs3RTFJMqx2VwfUZjSYvAQ1cFHCilXXnFop2vQXznblOOi6lYdQ980fMYkLJT773rZLPOsg1%2Fa8hn52pVEyoONgXsMQdLgkf3YIU7o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
cf-ray: 7d8c15712e8b0b04-AMS
alt-svc: h3=":443"; ma=86400
expires: Sat, 24 Jun 2023 14:46:45 GMT+8

GET
H3 200 /
rd.fharr.com/images/tw/item/thumbnail/400368/ 1004 B
1 KB 1465ms
1372ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rd.fharr.com/images/tw/item/thumbnail/400368/

Requested by

Host: rd.fharr.com
URL: https://rd.fharr.com/db/item/400368

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4dc5411b9a80037afad10b87736f3d5743e7e044548c942809b08a1d82e5413b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/db/item/400368
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: public
date: Sat, 17 Jun 2023 14:46:46 GMT
strict-transport-security: max-age=15768000;
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=69CAImvtoGPLHwjxmhYoHNtUBvtgXqt%2F1VG8JZMR18ZJKGt2COnXZlpQyBEeiecxQGj2BgH4qe3YATCB3LJyKf%2BxxF3fhkIMrLIEXPj%2B0TxU1FD9Ou5GjrebeK6LUzXthR0Qcqyogox%2B66g%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
cf-ray: 7d8c15712e8d0b04-AMS
alt-svc: h3=":443"; ma=86400
expires: Sat, 24 Jun 2023 14:46:45 GMT+8

GET
H3 200 vendor-all.min.js Show response
rd.fharr.com/assets/styles/purplekit/theme/js/ 215 KB
52 KB 1617ms
1615ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rd.fharr.com/assets/styles/purplekit/theme/js/vendor-all.min.js?v=2204071210
Requested by: Host: rd.fharr.com
URL: https://rd.fharr.com/db/item/400368
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a036a1843f56124ea89c3f56750aba2937b97f458605841d2b998052fdb3f5b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/db/item/400368
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:45 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 07 Apr 2022 04:10:09 GMT
server: cloudflare
etag: W/"624e6421-35bc8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bKTL%2BBByMjqJi9FH5wPTKW8UnSsOGv0BtHcMEpNNaAmeRcnFWKiM5bUmG3t4DCKjAtQs4d7xZDj%2Bdpx2Xnqy0TxBnbww6hcfkm8ZRRD6LhPIGLyNL%2BikGKVexwf8rOxGFN7MqpLO06kn%2Fo4%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
cf-ray: 7d8c156cd8ca0b04-AMS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 pcoded.min.js Show response
rd.fharr.com/assets/styles/purplekit/theme/js/ 10 KB
3 KB 49ms
48ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rd.fharr.com/assets/styles/purplekit/theme/js/pcoded.min.js?v=2204060724
Requested by: Host: rd.fharr.com
URL: https://rd.fharr.com/db/item/400368
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48312d24549b2234cc2f025ed892b958782cc7087b4149dd7bc59885c3af3a26

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/db/item/400368
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 79557
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 05 Apr 2022 23:24:18 GMT
server: cloudflare
etag: W/"624ccfa2-2713"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ZfcEUimgoOMvrlc0NXMGvR71b%2FPaP1HhjHfWzx1Zg8OorbudQOYGmV6EPNbP2lCScQbmWZBBjq2Baz%2Bw2rUJ5Qi39Z6dRY5YHIRl2ecw5jnvmW9U6JCcaRmGwhYotzsHrf0G3FvhqpA%2BbE%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
cf-ray: 7d8c156d496c0b04-AMS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 feather.min.js Show response
rd.fharr.com/assets/styles/purplekit/theme/js/plugins/ 74 KB
21 KB 1555ms
1459ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rd.fharr.com/assets/styles/purplekit/theme/js/plugins/feather.min.js?v=2204060724
Requested by: Host: rd.fharr.com
URL: https://rd.fharr.com/db/item/400368
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b50a219e1f54ad1997a76d3c9b08d8c056e67a9073d9c115bb645fe6784c5b90

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/db/item/400368
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:45 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 05 Apr 2022 23:24:18 GMT
server: cloudflare
etag: W/"624ccfa2-12804"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KK3f8c7J26bvURZuAGTuxbGwXfLmKnTW1ioj3D2MbxUZN9hCO8kICrSAFbYEyFwLB%2Fpw5tGJGy6Jou8KZ2iElaAsYC5WCcW%2BHVTt%2Fq%2F8Ctf7TxiVTx9DqjIwszgCanPDVnbs3OFyYe7w2Jk%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
cf-ray: 7d8c15704d6a0b04-AMS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 bootstrap-table.min.js Show response
rd.fharr.com/assets/styles/purplekit/theme/js/plugins/ 119 KB
36 KB 238ms
131ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rd.fharr.com/assets/styles/purplekit/theme/js/plugins/bootstrap-table.min.js?v=2204102139
Requested by: Host: rd.fharr.com
URL: https://rd.fharr.com/db/item/400368
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06a571a9beb50bd5ddd60517159775dfec1f3e798fff38fb117ae2350dc9ba9d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/db/item/400368
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 19735
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 10 Apr 2022 13:39:52 GMT
server: cloudflare
etag: W/"6252de28-1dc78"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1PeEFT4HIOxSzo2PjomC1yKPhkVeB%2BytsRwaX7Y8BBLP8pCXaPyCbscIe8CEdLz4v1GveyfgAUjk0oTdYemRCpBV2gRFNDI1oAE%2B2Qm8RhjZq3As5FObF5O4OqZHgJMoHkAABv3DyekiLKc%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
cf-ray: 7d8c15712e790b04-AMS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 bootstrap-table-zh-TW.min.js Show response
rd.fharr.com/assets/styles/purplekit/theme/js/plugins/ 10 KB
5 KB 1403ms
1296ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rd.fharr.com/assets/styles/purplekit/theme/js/plugins/bootstrap-table-zh-TW.min.js?v=2204102139
Requested by: Host: rd.fharr.com
URL: https://rd.fharr.com/db/item/400368
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ce694cb33b0f878e76169a31c08cb470d2e3fced9b89d884a319d23b3264c02

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/db/item/400368
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:45 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 10 Apr 2022 13:39:52 GMT
server: cloudflare
etag: W/"6252de28-271e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hRULd0Tg0HQqAEWDvNAkHcaQ2f6eXT65tfovJhZEe5C51UgKVyRIY4s27aDjhJZCJ5bIqF4FxNuruvBrZQuMMGyEIoSLlreQoyJSJRo9PgyQPS5gnRZE16YSd8UaplyPuYKxYX6VVET5Qyg%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
cf-ray: 7d8c15712e7b0b04-AMS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 ajax.min.js Show response
rd.fharr.com/assets/styles/purplekit/theme/js/ 2 KB
1 KB 1310ms
1203ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rd.fharr.com/assets/styles/purplekit/theme/js/ajax.min.js?v=2204102139
Requested by: Host: rd.fharr.com
URL: https://rd.fharr.com/db/item/400368
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99b703091397f3264db2e4915ef3655dcffc6b821e3fa4971664bc102c53dac1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/db/item/400368
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:45 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 10 Apr 2022 13:39:52 GMT
server: cloudflare
etag: W/"6252de28-677"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Yr3rWHFLC2Dd54861k1jfxUa0%2FOLoX0DhQMH5Djx8xNe3wGO9t6QG0yhcxYKvVcTwWJWSHEgqYvokJN9jDg6eeY8fBKIrPqwgIDd3kJdL6V3UuJErojO9aA495OWnGxf9fEVwBuvNxTu2I%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
cf-ray: 7d8c15712e7c0b04-AMS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 Disable_AutoInput.js Show response
rd.fharr.com/assets/styles/purplekit/theme/js/ 288 B
741 B 1244ms
1136ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rd.fharr.com/assets/styles/purplekit/theme/js/Disable_AutoInput.js?v=2304160703
Requested by: Host: rd.fharr.com
URL: https://rd.fharr.com/db/item/400368
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14e2ecbc274fd96f0dac163fbd5ee6318832451c2965540c7dc61e5f6e022704

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/db/item/400368
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:45 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 15 Apr 2023 23:03:59 GMT
server: cloudflare
etag: W/"643b2d5f-120"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s6sBFToQJya%2BwtQzYAi5AfZfO1ZdKm55kLWJGZDVqEqGOEqFZT8gwzpPDCxWXNGxYJfqOTG9E5veb2Xy5GnelpMDIEqu%2F1Ra7hctcQqSYA8Z41QKUEayoPGKnqIDMolU0Y2U42piFd45EJg%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
cf-ray: 7d8c15712e7d0b04-AMS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 reback.js Show response
rd.fharr.com/assets/styles/purplekit/theme/js/ 768 B
872 B 1257ms
1150ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rd.fharr.com/assets/styles/purplekit/theme/js/reback.js?v=2304301839
Requested by: Host: rd.fharr.com
URL: https://rd.fharr.com/db/item/400368
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ad20254387801b671e998453de64ebc8fe5cd81816c0e1cd6a7961f7f2002e6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/db/item/400368
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:45 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 30 Apr 2023 10:39:07 GMT
server: cloudflare
etag: W/"644e454b-300"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zMkkzn%2FrexyRrcE%2BVeew4qcYEpNXTnd26TPV%2FsV%2BxBEpn9E%2B8qV0MrfkHBWAwsWu%2BR4a4OlqUcDIx7B52kTZsKrleh%2FxyUc59T%2BiN8YOFTbNFcOoG8AoqH4f46ucXAmWNroxCrQlZ3QcX7E%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
cf-ray: 7d8c15712e7e0b04-AMS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 lazysizes.min.js Show response
rd.fharr.com/assets/plugins/ 8 KB
4 KB 1309ms
1204ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rd.fharr.com/assets/plugins/lazysizes.min.js?v=2010240557
Requested by: Host: rd.fharr.com
URL: https://rd.fharr.com/db/item/400368
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb649fcae62177dfe63e67081ddceb830b5ce1f05a4184e9bbb7d87ac4b8f4e5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/db/item/400368
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:45 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 23 Oct 2020 21:57:14 GMT
server: cloudflare
etag: W/"5f9351ba-1e5b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DQ5amN9ZUnBHCYnE7hJGQ1ktg%2Fh1F5WDc6ZTpWatIOliRJA9Tt2icFnOUtzEEZtoTjDu4TYyarunP0WYvCx37%2B4OGPSOhRUdJYkBTCSPeqwg%2Fv9aEuk1wv8aHOvBHm5%2BFhBfA485tSFv6x0%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
cf-ray: 7d8c15712e820b04-AMS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 all.js Show response
use.fontawesome.com/releases/v5.15.4/js/ 1 MB
426 KB 839ms
677ms Script
application/javascript 2606:4700:e2::ac40:840f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.4/js/all.js
Requested by: Host: rd.fharr.com
URL: https://rd.fharr.com/db/item/400368
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 812ab0e46f86b2ce98ab2425ab2224b90d0845952a1ac0d5abd734b6217e98bf

Request headers

Referer: https://rd.fharr.com/
Origin: https://rd.fharr.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:45 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: JZWGQZGECE0NTRC7
alt-svc: h3=":443"; ma=86400
x-amz-id-2: hj2MkLPs2e2mrVy8FzLhwkJmjbU3avF6pWWT+9g7ijN3CwVedWmxbOhktcE6YWQZZTtGHvP2yoc=
last-modified: Wed, 04 Aug 2021 20:43:22 GMT
server: cloudflare
etag: W/"5e29440867fdb02a48dffded02338c31"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dEKd3N8H9gr30dzATSZOe4ffGaBIhIBFK3jNK2nJDLp5WGHup3QF31CgqhTXZIvGU2ggPUAw2oH3SfLoKYJinYLourIvcduv1prX2GN20gIoB31FLbFIYNW4G8bZ6pnHarGx76ojMskf%2FZos%2Fq%2BqD87k"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31556926
cf-ray: 7d8c15713ee81c77-AMS

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 210 KB
76 KB 320ms
45ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-J35GLGDM3D

Requested by

Host: rd.fharr.com
URL: https://rd.fharr.com/db/item/400368

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5331a8d21c6a88afcd7a5d2834ac61746805a463857b02308171705ea580260d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77537
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 17 Jun 2023 14:46:44 GMT

GET
H3 200 1C7_vBZob5LCO7WK7Q9fdQKKmq0.js Show response
rd.fharr.com/cdn-cgi/apps/body/ 6 KB
3 KB 518ms
427ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rd.fharr.com/cdn-cgi/apps/body/1C7_vBZob5LCO7WK7Q9fdQKKmq0.js
Requested by: Host: rd.fharr.com
URL: https://rd.fharr.com/cdn-cgi/apps/head/btbvzReSIPvRLGCsMSTB13V7bxY.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0de5cd59beb665507a20cd09ab0b7403cbf92dc7a4e3e24acf2ad1cd9d156fd1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/db/item/400368
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:45 GMT
x-amz-version-id: ZufybphXNjQx_q3qSUt12BaWRKxBs8lj
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: JZWMK81Y254KA647
alt-svc: h3=":443"; ma=86400
x-amz-id-2: Nne+fm/FaWa5K4BU/61RE8YWKx08bWoWN1Cna1sT4rLXgsDvUSyFLCuD2RMOmiN9/5Y8+VLye+M=
last-modified: Sun, 30 May 2021 09:57:53 GMT
server: cloudflare
etag: W/"b5253056423e56731fa4d9e3999fcf5a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GDpZchIjPjbhVt4%2BWx6HFyPJKxQcanOQCqPdiO2pNRN5yozOJAlMuTf2P3Y48f6K33NX3IspN8GD6%2FcFNZLOR2X0Aj3a8xbJGyoyNQe9kwuqClvAwi2t90o9wC%2F9wvZ51qP10N8saz9GOqc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7d8c15712e8f0b04-AMS

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/ 404 KB
125 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js?cb=31075344

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c384e9f5a0511e6e45bbaf26eba3f51edf331b05e20efa57f243d87ad4c452e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rd.fharr.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 16 Jun 2023 18:36:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72643
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127303
x-xss-protection: 0
server: cafe
etag: 14748094856067035890
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 15 Jun 2024 18:36:01 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 378 B
229 B 164ms
77ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=rd.fharr.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47c74c235c54811a357bb9464289f78b34f9baab27f6d90b15bb5a33d58487d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 204
x-xss-protection: 0
expires: Sat, 17 Jun 2023 14:46:44 GMT

GET
H2 200 recaptcha__nl.js Show response
www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/ 417 KB
418 KB 332ms
56ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/recaptcha__nl.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LfJd5IUAAAAAB8sW7WNlAIqHyPeI1I7mKAdsOwF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87e8b24725e182d1e4134a9370770987261c14c8ccbda166d7ce61ff060e732d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rd.fharr.com/
Origin: https://rd.fharr.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 23:02:03 GMT
x-content-type-options: nosniff
age: 143081
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 426967
x-xss-protection: 0
last-modified: Sun, 11 Jun 2023 18:00:29 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Jun 2024 23:02:03 GMT

GET
H2 200 getWidget Show response
www.plurk.com/ Frame A734 11 KB
4 KB 408ms
154ms Document
text/html 2606:4700::6810:31f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.plurk.com/getWidget?uid=13931367&h=400&w=460&u_info=2&bg=FF574D&tl=EEEBF0
Requested by: Host: rd.fharr.com
URL: https://rd.fharr.com/db/item/400368
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:31f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c45ac52e85b132c4fbb2b62332c199792243ab855ceba6e0aba43e2db6e8e16b

Request headers

Referer: https://rd.fharr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7d8c157248630eb0-AMS
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 17 Jun 2023 14:46:44 GMT
server: cloudflare
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ 228 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8afe56df149e86d60edf1d04a41676b07d0b18617a88fb3f9f3259c1a194ce50

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 246 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 514fb1982836b9576524eee1afe56d746da06cfaf4d6220dfeaf21e157781c2d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.15.4/webfonts/ 76 KB
77 KB 485ms
354ms Font
font/woff2 2606:4700:e2::ac40:840f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.4/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.15.4/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

Request headers

Referer: https://use.fontawesome.com/releases/v5.15.4/css/all.css
Origin: https://rd.fharr.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:45 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: JZWK3QHPQMB8WY16
alt-svc: h3=":443"; ma=86400
content-length: 78268
x-amz-id-2: nyz916++fF56qrqBl0hBlVZ49BFStJZERWu8dBBXVDZOB26cj6DwLujFuzBGVkaeZmxKT8c6Qpk=
last-modified: Wed, 04 Aug 2021 20:43:47 GMT
server: cloudflare
etag: "d824df7eb2e268626a2dd9a6a741ac4e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mHMhXo0FZOZSQPQnpZkjloolPYlQiRav4x%2BO%2Fq0BavO6%2BzBYBZCBs4MlkEf%2B%2FySKjgVKfjy%2B2fYxcpNpXvOXxIteEdxTxCK5oxyemwPAS2Q53SfIK3UKfF71lZjLSoRZdZrgLba4N2bhscjyLYGuhloQ"}],"group":"cf-nel","max_age":604800}
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7d8c15713ee61c77-AMS

GET
H2 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.15.4/webfonts/ 75 KB
75 KB 535ms
404ms Font
font/woff2 2606:4700:e2::ac40:840f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.4/webfonts/fa-brands-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.15.4/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef

Request headers

Referer: https://use.fontawesome.com/releases/v5.15.4/css/all.css
Origin: https://rd.fharr.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:45 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: JZWXM6QT9MPGXFM8
alt-svc: h3=":443"; ma=86400
content-length: 76736
x-amz-id-2: aDsXTN8NWnEXzaeP9+XMcaJBQfBZJw49n2tpJTgVFlnCVdby1YTHQRsZvxGJmP4AxMfL3N6fozE=
last-modified: Wed, 04 Aug 2021 20:43:47 GMT
server: cloudflare
etag: "ed311c7a0ade9a75bb3ebf5a7670f31d"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gg4r7Nj0gO%2F0Wlx5mIcCfYmN4FKz4qmmPty6RykgARPWzvzHxxT47hgSnx3zqRLzySd%2BhFuclA%2FSnRuL4vHmrOZR49X7kwy35NengDzzlwFIUnFmGUVLGRZumXjL95SGi5RT9DEMpLXckTFIGHXO9uK3"}],"group":"cf-nel","max_age":604800}
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7d8c15713ee71c77-AMS

GET
H3 200 feather.woff
rd.fharr.com/assets/styles/purplekit/theme/fonts/feather/ 29 KB
29 KB 1652ms
1587ms Font
font/woff 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rd.fharr.com/assets/styles/purplekit/theme/fonts/feather/feather.woff?t=1525787366991
Requested by: Host: rd.fharr.com
URL: https://rd.fharr.com/assets/styles/purplekit/theme/fonts/feather.css?v=2204060724
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef3c47cb702e040372a3a4bce66d5e0ecc46c56325ec40f8c00b91da0d1d3f46

Request headers

Referer: https://rd.fharr.com/assets/styles/purplekit/theme/fonts/feather.css?v=2204060724
Origin: https://rd.fharr.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:46 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 29500
last-modified: Tue, 05 Apr 2022 23:24:17 GMT
server: cloudflare
etag: "624ccfa1-733c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: font/woff
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=etSKHpRMRsTHe91dlSo2vnbVR%2FaU76LwcxTrieVYt7RykGYQQWw%2Bs0hvCYxEUTEKna16KwA1Jvg4zLtXcHu0iCW%2F2SAApvguIKQBNm21Or0I9vHSUTZNQ12YlmEPYrhVQ4j5JFo4aIJoG5U%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7d8c15712e9b0b04-AMS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
531 B 467ms
33ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=rd.fharr.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js?cb=31075344

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 282ms
59ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=rd.fharr.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js?cb=31075344

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 54 KB
13 KB 237ms
225ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3978466103988540&correlator=496588656810852&eid=31075344&output=ldjh&gdfp_req=1&vrg=202306060101&ptt=17&impl=fifs&iu_parts=5521290%2CPC_dfharr_all_top_970x250%2CPC_dfharr_all_bottom_970x250%2CMW_dfharr_all_top_336X280%2CMW_dfharr_all_bottom_336X280&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=970x250%2C970x250%2C336x280%2C336x280&ifi=1&adks=2550318159%2C3264795852%2C2717041837%2C749522851&didk=2254040196~2159870219~3556621688~293081520&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1687013204787&lmt=1687013204&dlt=1687013202296&idt=2107&adxs=-9%2C-9%2C-9%2C-9&adys=-9%2C-9%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1%7C-1%7C-1&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Frd.fharr.com%2Fdb%2Fitem%2F400368&frm=20&vis=1&psz=0x-1%7C0x-1%7C0x-1%7C0x-1&msz=0x-1%7C0x-1%7C0x-1%7C0x-1&fws=2%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0&ga_vid=1450125800.1687013205&ga_sid=1687013205&ga_hid=62594710&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js?cb=31075344

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

828ec6ea7531cfbe9837631e3beec0fcbcada3ff49a6469a37480934c44cfc22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13410
x-xss-protection: 0
google-lineitem-id: 5729188250,5728488388,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138354118551,138354118860,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://rd.fharr.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 69 KB
20 KB 641ms
629ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3978466103988540&correlator=496588656810852&eid=31075344&output=ldjh&gdfp_req=1&vrg=202306060101&ptt=17&impl=fifs&iu_parts=21787810958%3A5521290%2Crd.fharr_pc_article_top_9839%2Crd.fharr_pc_article_top_10944%2Crd.fharr_mw_article_top_9840&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=970x90%2C728x90%2C300x250&ifi=5&adks=1639411750%2C2092614337%2C4226489390&didk=263519716~551641894~4088281301&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1687013204839&lmt=1687013204&dlt=1687013202296&idt=2107&adxs=350%2C-9%2C-9&adys=275%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C-1%7C-1&ucis=5%7C6%7C7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Frd.fharr.com%2Fdb%2Fitem%2F400368&frm=20&vis=1&psz=970x-1%7C0x-1%7C0x-1&msz=970x-1%7C0x-1%7C0x-1&fws=0%2C2%2C2&ohw=0%2C0%2C0&ga_vid=1450125800.1687013205&ga_sid=1687013205&ga_hid=62594710&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js?cb=31075344

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

33ea790469cb2203eb2981eb670aa1f2ee64d67b7923acea70581a87915dc791

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20272
x-xss-protection: 0
google-lineitem-id: -1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://rd.fharr.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D7D9 6 KB
0 290ms
54ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js?cb=31075344

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rd.fharr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 14:46:45 GMT
expires: Sun, 16 Jun 2024 14:46:45 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 capmapping.htm Show response
cdn.holmesmind.com/js/ Frame 2FD7 8 KB
8 KB 231ms
124ms Document
text/html 2600:9000:223c:6e00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/capmapping.htm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:6e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 95ea6dd9b4a1ea51842a2445f692c6667d6a8f039bc8b6b84e2b8e4d47e89225

Request headers

Referer: https://rd.fharr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 20
content-length: 7890
content-type: text/html
date: Sat, 17 Jun 2023 14:46:26 GMT
etag: "e090f4ac111bd0e0dd865bdbb97fa28f"
last-modified: Wed, 14 Jun 2023 13:45:19 GMT
server: AmazonS3
via: 1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
x-amz-cf-id: GW6256wVLjaIdiYsZg4lgQZV7l0H8SZXhbVjpmyrxaaKvg656EdkPQ==
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
x-amz-version-id: S2DFp1kCOKWY1.ffDCmGy6vawdQiJHiT
x-cache: Hit from cloudfront

GET
H2 200 edmp_init.js Show response
cdn.holmesmind.com/js/ 662 B
1 KB 207ms
123ms Script
application/javascript 2600:9000:223c:6e00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/edmp_init.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:6e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: kxGTttkSnY54PF5gFAWoFPEzbSOmH_Sj
date: Sat, 17 Jun 2023 14:45:55 GMT
via: 1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
last-modified: Wed, 14 Jun 2023 13:44:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 51
x-amz-server-side-encryption: AES256
etag: "f58f8a90686f8ffb3325107e8a788b71"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 662
x-amz-cf-id: wksYX3A69trpqce_Jcx2hCAooZX70jLxIBFFXyrvbUj8Slc30kIA2Q==

GET
DATA 200
OK truncated
/ 276 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a3cae108cd6a454dcabb3e62472042bde163070f6be36081b62e783b5924a01c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f6e4d11663155d726319e5ac84b1bc98c0cefd9be2079c8b2247cd227c559165

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 capmapping.htm Show response
cdn.holmesmind.com/js/ Frame 5C4C 8 KB
8 KB 45ms
45ms Document
text/html 2600:9000:223c:6e00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/capmapping.htm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:6e00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 95ea6dd9b4a1ea51842a2445f692c6667d6a8f039bc8b6b84e2b8e4d47e89225

Request headers

Referer: https://rd.fharr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 20
content-length: 7890
content-type: text/html
date: Sat, 17 Jun 2023 14:46:26 GMT
etag: "e090f4ac111bd0e0dd865bdbb97fa28f"
last-modified: Wed, 14 Jun 2023 13:45:19 GMT
server: AmazonS3
via: 1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
x-amz-cf-id: mMxgLBKPXY5tEHoCQsbyPxT8J59kDCObDwRr-1tEfctEp0imU5iARQ==
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
x-amz-version-id: S2DFp1kCOKWY1.ffDCmGy6vawdQiJHiT
x-cache: Hit from cloudfront

GET
H2 200 sdk.js Show response
connect.facebook.net/zh_TW/ 307 KB
87 KB 53ms
34ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/zh_TW/sdk.js?hash=ea26e963b6660fe2374f7d6d4be69f8e

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b71c281bd0276234af8ea69fff1cef1683323275a4e4b428dc2d7a459d4af2a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://rd.fharr.com/
Origin: https://rd.fharr.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 17 Jun 2023 14:46:45 GMT
content-md5: Kxy6weZB0r04qtNbuAATOA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88886
x-fb-debug: PBsguJf7NkHZkMGsoCGlHSXY71m2orFPggXJIEAKfEzRRmk5e59YxMKRMLYxHgcgGKMO+5IXO4VA+LTnIdbIhQ==
x-fb-trip-id: 1679558926
x-fb-content-md5: b4affd0791dadf35103ba9c71aa2c0aa
cross-origin-opener-policy: same-origin-allow-popups
etag: "e0f7fbca79f144448bebddd0ecb12ecb"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sun, 16 Jun 2024 12:55:33 GMT

GET
H2 200 ab9eea6d2a8045e9f91d.js Show response
s.plurk.com/ Frame A734 88 KB
32 KB 77ms
45ms Script
application/javascript 2606:4700::6810:31f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.plurk.com/ab9eea6d2a8045e9f91d.js
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/getWidget?uid=13931367&h=400&w=460&u_info=2&bg=FF574D&tl=EEEBF0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:31f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11d1bfaed1a228c9771d6bfd802871e12e0739faba53d638f409dc04fc9cf7a3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 25 May 2023 06:16:21 GMT
server: cloudflare
x-amz-request-id: 2CB6QCZJRAC9W1NV
age: 294344
etag: W/"24713cbc0f42d9de3697f2a05bde0994"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=155520000
cf-ray: 7d8c15753cd60eb0-AMS
alt-svc: h3=":443"; ma=86400
x-amz-id-2: GTCCAoM+dl1pfsBCdcl7GJ1FmDQVbdaWEo4+iiS6I23qY/q3JCTtCH5GktsqBUg1byMOjY4mkT4=
expires: Sun, 21 May 2028 14:46:45 GMT

GET
H2 200 63250059d3e82c30c663.js Show response
s.plurk.com/ Frame A734 5 KB
3 KB 87ms
56ms Script
application/javascript 2606:4700::6810:31f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.plurk.com/63250059d3e82c30c663.js
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/getWidget?uid=13931367&h=400&w=460&u_info=2&bg=FF574D&tl=EEEBF0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:31f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 400ad35ec5034949cffe1def843b0e81ba1fc510eb003194a2a60c026f9cb562

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 03 May 2023 01:26:39 GMT
server: cloudflare
x-amz-request-id: EBC5X6T2BGVMS99A
age: 105920
etag: W/"3e05a9dcda6955b732d250f8aeb430cc"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=155520000
cf-ray: 7d8c15753cd70eb0-AMS
alt-svc: h3=":443"; ma=86400
x-amz-id-2: gb66r3krkbP/sMuwCJM8XLHHzu/cc0rs9yBKP1iiSKJQa8254RdRL7yya+zfSeryjN8Ko1SnB4w=
expires: Sun, 21 May 2028 14:46:45 GMT

GET
H2 200 842728f5f807cde38465.css
s.plurk.com/ Frame A734 5 KB
2 KB 70ms
39ms Stylesheet
text/css 2606:4700::6810:31f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.plurk.com/842728f5f807cde38465.css
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/getWidget?uid=13931367&h=400&w=460&u_info=2&bg=FF574D&tl=EEEBF0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:31f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f107d812b5ed1af85ab99023d9ed5f6befd89537509ce6886e1cad1556a506f9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 20 Mar 2023 16:46:52 GMT
server: cloudflare
x-amz-request-id: BR7AQB8PSB9JSWCQ
age: 32400
etag: W/"0793be14528cd4673e5efb434ee4b297"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=155520000
cf-ray: 7d8c15753cd40eb0-AMS
alt-svc: h3=":443"; ma=86400
x-amz-id-2: lfMtO/dnHuld3IT1YAzMImswAP4BeTMwK0LoaWHpW7FuEvuVN4aw0DNIRbA1sr2GCOZFtLMob1w=
expires: Sun, 21 May 2028 14:46:45 GMT

GET
H2 200 13931367-medium23987158.gif
avatars.plurk.com/ Frame A734 1 KB
1 KB 157ms
143ms Image
application/octet-stream 2606:4700::6810:31f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.plurk.com/13931367-medium23987158.gif
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/getWidget?uid=13931367&h=400&w=460&u_info=2&bg=FF574D&tl=EEEBF0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:31f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1db2eebed72eba8c0926d6c4c2281a02a745e99f29cda46bb196afc3a95e6015

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:46 GMT
cf-cache-status: HIT
last-modified: Thu, 29 Aug 2019 13:47:58 GMT
server: cloudflare
x-amz-request-id: VHB0YBFXGXCKES6M
etag: "f1bc2c85c4ea8e30e656f55f3f039d10"
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=155520000
accept-ranges: bytes
cf-ray: 7d8c157a3aea0eb0-AMS
alt-svc: h3=":443"; ma=86400
content-length: 1049
x-amz-id-2: sWfonRVVxwRqUGTn9IMu6xlK+JJgWfLj51DE0F6+6akV3MTYKUglPNALVKG9fsmc9NX5itmLNBc=
expires: Sun, 21 May 2028 14:46:46 GMT

GET
H2 200 a0oP4UQZwaP2fDHcUmMD6hQttSD_mt.jpg
imgs.plurk.com/QzJ/UQI/ Frame A734 7 KB
8 KB 167ms
135ms Image
image/jpeg 2606:4700::6810:31f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgs.plurk.com/QzJ/UQI/a0oP4UQZwaP2fDHcUmMD6hQttSD_mt.jpg
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/getWidget?uid=13931367&h=400&w=460&u_info=2&bg=FF574D&tl=EEEBF0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:31f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1281bea544688fc8e6ce55169c8258b18fc3180eeb4b0620f1a175128d897887

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:46 GMT
cf-cache-status: HIT
x-amz-meta-source: https://1.bp.blogspot.com/-lGibfWgRJcM/XNq37KmRHAI/AAAAAAAAADw/i-HYB46TL8A0HzJcmGtIrDyIE5B7tH_2wCLcBGAs/s1600/RagnarokOnline_Gnjoy_Taiwan_Download_2019-05-14.png
x-amz-request-id: H3EY2Q75845981AB
cf-polished: origSize=7569
x-amz-meta-content-type: image/jpeg
x-amz-meta-hash: UQIa0oP4UQZwaP2fDHcUmMD6hQttSD
alt-svc: h3=":443"; ma=86400
content-length: 7321
x-amz-id-2: RoP9EoYmAq8oaOFO6ycJCc5n/iYXQez9HeMr22z+F16+J6q1+/EfCxgN+DnFb3UfC8GRhyHBdbs=
cf-bgj: imgq:100,h2pri
last-modified: Tue, 30 Mar 2021 14:03:59 GMT
server: cloudflare
etag: "2456837b96018ef62ca1ed17d7bbd05e"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7d8c157b1c3a0eb0-AMS
expires: Sun, 16 Jun 2024 14:46:46 GMT

GET
H2 200 v52afc6f149f6479b8c77fa569edb01181681764108816 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame A734 19 KB
7 KB 505ms
83ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/getWidget?uid=13931367&h=400&w=460&u_info=2&bg=FF574D&tl=EEEBF0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b

Request headers

Referer: https://www.plurk.com/
Origin: https://www.plurk.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:46 GMT
content-encoding: gzip
last-modified: Mon, 17 Apr 2023 20:41:48 GMT
server: cloudflare
etag: W/2023.4.2
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7d8c157d98f8b716-AMS

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2946 0
0 118ms
117ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsstbcRzxgU9cldhe53tIsuqH1AzapAdgIJWaqW9iZOTWIYrQdi0FOId83zvsGxKtnSdpulZ6uFYTPkw1SNRy7BlXaUI0VUh_PBedCWDIPUMCdh0z5vFAscyllMxc1Ap98bAC9pX-lclrCGQdp1hqBsdJK3JR7cEnQIpZ6_tftDpjSoxLIqPmHSeRRK5rtENul7A15fyyfRIieIS-fiI6Wvh4JYYSGG9tR1pE4kJgYN3DyXNDDDt4pMsEJanCtGvHamgG3XUrhT0WGAyiJ43VIbPlrsdWmcogirrQGF9A0IZPDMPZkluyAxuDi6gw4A6S9aPDBXvEOC3wXK-C4xhZmfhPQ&sai=AMfl-YR3JaGwBs1bx0Gdost0yhVXgRec7HL80bGQighwHitt1Blmd3RUngIQIQV_gchjSgz_bsTC-Y4FVIozrA7ailH8MrSkIk0upqBmGZ7vcjz6yikf65nb8sf4QpO43ljO37A82H16A3ZMzF0GTXCb&sig=Cg0ArKJSzBRT3O4vtHaWEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: rd.fharr.com
URL: https://rd.fharr.com/db/item/400368

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 17 Jun 2023 14:46:45 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 2946 76 KB
25 KB 188ms
183ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js?cb=31075344

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3aa786f6302af3176ce6ac53e8e582a3b2642d55665e2b758ddba90f1ddf8cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25360
x-xss-protection: 0
server: cafe
etag: 598 / 19525 / 31075344 / config-hash: 4553594699066521459
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 17 Jun 2023 14:46:45 GMT

GET
H2 200 db1e095267d4b1814b7f71b88cdeaf6d.js Show response
cdn2.sales-frontier.com/js/ Frame 2946 464 B
1 KB 328ms
78ms Script
text/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.sales-frontier.com/js/db1e095267d4b1814b7f71b88cdeaf6d.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js?cb=31075344
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02a73c76aa12a0b231a7c21c792d817f7f0453ac4c6f3dedf4a96375e0e7d15c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:45 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ADPycdujy5cTxCSyaZUurx7ThiCvwvwVqSnhkickN-Gut4DHIuJUc79azcV_ea9js2CIpD1O4y4-MVaWnUMlpYBPByBRsmN4Wn4G
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 20 Jan 2021 06:55:38 GMT
server: cloudflare
etag: W/"e2deb349343b47cba34973d0f32c1fe1"
vary: Accept-Encoding
x-goog-hash: crc32c=zjUOTA==, md5=4t6zSTQ7R8ujSXPQ8ywf4Q==
x-goog-generation: 1611125738483243
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QZokk76RYvitZ%2BXp6lLYsJQ37iDQzd7TswAqH%2Fvx4%2BhrnOpePQgwzEtCG4Acm38rJjjQieSJOTwwO0F8VZpAnBBV5eDl250gYesbYTMVuproetBVLLb3N39tLTeDZd0WA%2BaTK2cTon6YZtjY5F6la2aFaVOLeA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=14400
x-goog-stored-content-length: 464
cf-ray: 7d8c15779c1dfa40-AMS
expires: Sat, 17 Jun 2023 15:27:34 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2946 178 KB
56 KB 211ms
62ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js?cb=31075344

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57029
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686742752845198"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Jun 2023 14:46:45 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/ 352 KB
118 KB 124ms
123ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8211648974049874&plah=rd.fharr.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8211648974049874

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

217d71d3a68e17e46879e79ae0a1243692e033ac52e2efae4411d68c05618679

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120789
x-xss-protection: 0
server: cafe
etag: 9891267648585382728
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 17 Jun 2023 14:46:45 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230614/r20190131/ Frame 750E 10 KB
5 KB 192ms
81ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230614/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8211648974049874

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rd.fharr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 74515
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Jun 2023 18:04:50 GMT
etag: 15057649708203361565
expires: Fri, 30 Jun 2023 18:04:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 fp Show response
cm-dev-poc.holmesmind.com/ Frame 5DD8 0
217 B 1166ms
298ms Document
text/html 54.199.5.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cm-dev-poc.holmesmind.com/fp
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.199.5.69 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-199-5-69.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 17 Jun 2023 14:46:46 GMT
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 cm.php Show response
fcm.holmesmind.com/ Frame 61F5 39 B
126 B 11133ms
10222ms Document
text/html 34.95.67.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fcm.holmesmind.com/cm.php
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.67.95.34.bc.googleusercontent.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39
content-type: text/html; charset=UTF-8
date: Sat, 17 Jun 2023 14:46:56 GMT
server: Apache/2.4.29 (Ubuntu)
via: 1.1 google

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 2FD7 5 KB
3 KB 1092ms
235ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:46 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Sat, 17 Jun 2023 14:56:46 GMT

GET
H2

200

cm
c.holmesmind.com/ Frame 2FD7
Redirect Chain

https://c.holmesmind.com/cm
https://c.holmesmind.com/cm?tc=getIn&

0
509 B

145ms
138ms

Image
text/html

35.201.76.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm?tc=getIn&
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Server: 35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:47 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

Redirect headers

location: https://c.holmesmind.com/cm?tc=getIn&
date: Sat, 17 Jun 2023 14:46:46 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H2 200 fp
cm-dev-poc.holmesmind.com/ Frame 2FD7 0
217 B 1153ms
300ms Image
text/html 54.199.5.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm-dev-poc.holmesmind.com/fp
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.199.5.69 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-199-5-69.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:46 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
content-type: text/html; charset=UTF-8

GET
H2 200 container.html Show response
e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 34C6 6 KB
3 KB 103ms
18ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js?cb=31075344

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rd.fharr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 14:46:45 GMT
expires: Sun, 16 Jun 2024 14:46:45 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A984 6 KB
3 KB 81ms
33ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js?cb=31075344

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rd.fharr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 14:46:45 GMT
expires: Sun, 16 Jun 2024 14:46:45 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F6C9 6 KB
3 KB 79ms
34ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js?cb=31075344

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rd.fharr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 14:46:45 GMT
expires: Sun, 16 Jun 2024 14:46:45 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 1 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c5acd99a0dfbf4d9f44f2feaeedeaf19ade7afdc90389401c089e52c3fe6da44

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET
H2

200

cm
c.holmesmind.com/ Frame 5C4C
Redirect Chain

https://c.holmesmind.com/cm
https://c.holmesmind.com/cm?tc=getIn&

0
508 B

144ms
137ms

Image
text/html

35.201.76.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm?tc=getIn&
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Server: 35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:47 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

Redirect headers

location: https://c.holmesmind.com/cm?tc=getIn&
date: Sat, 17 Jun 2023 14:46:46 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H2 200 fp
cm-dev-poc.holmesmind.com/ Frame 5C4C 0
218 B 841ms
273ms Image
text/html 54.199.5.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm-dev-poc.holmesmind.com/fp
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.199.5.69 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-199-5-69.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:46 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
content-type: text/html; charset=UTF-8

GET
H2 200 fp Show response
cm-dev-poc.holmesmind.com/ Frame 8AB2 0
217 B 323ms
274ms Document
text/html 54.199.5.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cm-dev-poc.holmesmind.com/fp
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.199.5.69 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-199-5-69.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 17 Jun 2023 14:46:46 GMT
server: nginx/1.18.0 (Ubuntu)

GET
H2 502 cm.php Show response
fcm.holmesmind.com/ Frame F78E 332 B
482 B 9229ms
9122ms Document
text/html 34.95.67.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fcm.holmesmind.com/cm.php
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.67.95.34.bc.googleusercontent.com
Software: /
Resource Hash: 8128514a9917b6dcdf20f7ee24d6b00a27b2a6aa0f971acb988f358f25ac4005

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 332
content-type: text/html; charset=UTF-8
date: Sat, 17 Jun 2023 14:46:55 GMT
referrer-policy: no-referrer

GET
H2 403 yads-async.js
yads.c.yimg.jp/js/ 0
0 2108ms
265ms Script
text/html 183.79.219.124
YAHOO-JP-AS-AP Ya...

General

Check archive.org

Show headers Download Go to

Full URL: https://yads.c.yimg.jp/js/yads-async.js
Requested by: Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/216481/680/wrapper.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 183.79.219.124 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H2 200 gnshbrequest-v2.23.0.js Show response
cpt.geniee.jp/hb/v1/lib/ 101 KB
36 KB 537ms
537ms Script
application/javascript 222.230.178.131
VECTANT ARTERIA N...

General

Check archive.org

Show headers Download Go to

Full URL: https://cpt.geniee.jp/hb/v1/lib/gnshbrequest-v2.23.0.js
Requested by: Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/216481/680/wrapper.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 222.230.178.131 Bannaguro, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software: nginx /
Resource Hash: 3fa9c295f76cd029cc3800a61a9bba75cd9062851924561e3ce1a18a9ae6b843

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:46 GMT
content-encoding: gzip
last-modified: Tue, 11 Apr 2023 07:11:34 GMT
server: nginx
etag: W/"64350826-1950d"
content-type: application/javascript
cache-control: max-age=86400, private
cross-origin-resource-policy: cross-origin
expires: Sun, 18 Jun 2023 14:46:46 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/ Frame 2946 404 KB
124 KB 67ms
64ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js?cb=31075344

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c384e9f5a0511e6e45bbaf26eba3f51edf331b05e20efa57f243d87ad4c452e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 18:36:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72645
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127303
x-xss-protection: 0
server: cafe
etag: 14748094856067035890
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 15 Jun 2024 18:36:01 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame 2946 378 B
229 B 71ms
69ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=rd.fharr.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47c74c235c54811a357bb9464289f78b34f9baab27f6d90b15bb5a33d58487d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 204
x-xss-protection: 0
expires: Sat, 17 Jun 2023 14:46:46 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 455ms
33ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=133100650099823&ev=fb_page_view&dl=https%3A%2F%2Frd.fharr.com%2Fdb%2Fitem%2F400368&rl=&if=false&ts=1687013206211&sw=1600&sh=1200&at=

Requested by

Host: rd.fharr.com
URL: https://rd.fharr.com/db/item/400368

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 17 Jun 2023 14:46:46 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 2946 286 KB
72 KB 66ms
47ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NV3WHPK

Requested by

Host: cdn2.sales-frontier.com
URL: https://cdn2.sales-frontier.com/js/db1e095267d4b1814b7f71b88cdeaf6d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b8b7db02aff2fbde176d0220b2e38ed79a8d4fc33d776f10ccef586db1c5ca76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73475
x-xss-protection: 0
last-modified: Sat, 17 Jun 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 17 Jun 2023 14:46:46 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 213 B
551 B 418ms
39ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=rd.fharr.com&callback=_gfp_s_&client=ca-pub-8211648974049874&cookie=ID%3D21baf416523e903a%3AT%3D1687013204%3ART%3D1687013204%3AS%3DALNI_MYsSBccrIefPO6Sc_tVG1Ld-2zV2Q&gpic=UID%3D00000c4a8904da96%3AT%3D1687013204%3ART%3D1687013204%3AS%3DALNI_MbVvPpoXypglavXTwGjyWp4dfRC3w

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8211648974049874&plah=rd.fharr.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4dd877f92aa6190879d02a302bc2694ce7df4692faa920dd33a1273366b4725

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 200
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
165 B 71ms
69ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=rd.fharr.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 53ms
51ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=rd.fharr.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 97ms
95ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=NAV&cls=pc-sidebar&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: rd.fharr.com
URL: https://rd.fharr.com/db/item/400368

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:46:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 96ms
95ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=NAV&cls=pc-sidebar&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: rd.fharr.com
URL: https://rd.fharr.com/db/item/400368

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:46:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8708 184 KB
51 KB 554ms
511ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8211648974049874&output=html&adk=1812271804&adf=3025194257&lmt=1687013206&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Frd.fharr.com%2Fdb%2Fitem%2F400368&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687013205550&bpp=6&bdt=3255&idt=675&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D21baf416523e903a%3AT%3D1687013204%3ART%3D1687013204%3AS%3DALNI_MYsSBccrIefPO6Sc_tVG1Ld-2zV2Q&gpic=UID%3D00000c4a8904da96%3AT%3D1687013204%3ART%3D1687013204%3AS%3DALNI_MbVvPpoXypglavXTwGjyWp4dfRC3w&nras=1&correlator=4154209518095&frm=20&pv=2&ga_vid=1450125800.1687013205&ga_sid=1687013205&ga_hid=62594710&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788441%2C44789818&oid=2&pvsid=3978466103988540&tmod=1558432215&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=8&uci=a!8&fsb=1&dtd=742

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d216d7f9a032032acde3851bb37c26448773a86ce822c6326afc6593a27c52d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rd.fharr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 51987
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 14:46:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2946 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 949566537775c03ac71d49b7d5f39e8bda9fec6c1efbb13407e97d2383de8cad

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 page.php Show response
www.facebook.com/v16.0/plugins/ Frame 1538 43 KB
16 KB 144ms
102ms Document
text/html 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v16.0/plugins/page.php?adapt_container_width=true&app_id=133100650099823&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7a51f987bd944%26domain%3Drd.fharr.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Frd.fharr.com%252Ff224541e61e27f%26relation%3Dparent.parent&container_width=0&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2Fro.gravity&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&tabs=timeline&width=450

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/sdk.js?hash=ea26e963b6660fe2374f7d6d4be69f8e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dcddaa661ca40c2a36288ae788c87b8bda0dd978d60401fedfb591f79a2ad71c

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rd.fharr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 14:46:46 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v16.0
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: lb81NALu02sJj32pzh3+AEP73/jtHC7xDDZ+N+tYewG4iU8HJhsFAzwA2IyMAKm4wT3lplf9hEewi/d4DHIQBQ==
x-xss-protection: 0

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 7EB3 50 KB
28 KB 120ms
81ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfJd5IUAAAAAB8sW7WNlAIqHyPeI1I7mKAdsOwF&co=aHR0cHM6Ly9yZC5maGFyci5jb206NDQz&hl=nl&v=SglpK98hSCn2CroR0bKRSJl5&size=invisible&cb=d23s1oexbr5e

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/recaptcha__nl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

636f54fe6a9d424b7ef9245475f07ae0e3c4899fe88d00cd3d6842054c9d68d7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-CBEpetpD_8aI8mgW123f_A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rd.fharr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 28125
content-security-policy: script-src 'report-sample' 'nonce-CBEpetpD_8aI8mgW123f_A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 14:46:46 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 204 collect
region1.google-analytics.com/g/ 0
252 B 207ms
29ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-J35GLGDM3D&gtm=45je36e0&_p=62594710&cid=1450125800.1687013205&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1687013206&sct=1&seg=0&dl=https%3A%2F%2Frd.fharr.com%2Fdb%2Fitem%2F400368&dt=RO%E4%BA%8C%E5%8D%81%E9%80%B1%E5%B9%B4%E9%99%90%E5%AE%9A%E5%B8%BD%20%7C%20%E9%81%93%E5%85%B7-%E4%BB%99%E5%A2%83%E5%82%B3%E8%AA%AA(RO)%E5%B9%BB%E6%83%B3%E5%BB%B3(FTH)&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J35GLGDM3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:46:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rd.fharr.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 201 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3e016c23ae51417382b640ae2d19eb48047532c37ad53894bd185586559ccffb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 158 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d08ed0e21f187dd309030d465224da8085119a15a17d616ba0e477bb50c6f10d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 37E2 624 B
288 B 83ms
73ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiv77vGATAB&v=APEucNU3fPPSLr1hUQ-UwfT-wS_3ybWwCOmyZ4fOL-rhTSsSOo7-y2zH3fsyIZS6Sg0g6bHNkD8cw5E8NSw5QQE2-k1rFFA48_4RXuyN9qIMAjsnXHw2w9TirlOWCHY4Eep2yip_6Njw8I1j7sZcNGoiF_zeTjXetZKqPwdXj5MnJj3d41oKOTI

Requested by

Host: e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com
URL: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 14:46:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 34C6 78 KB
27 KB 146ms
135ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com
URL: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 17 Jun 2023 14:46:46 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 34C6 42 B
63 B 106ms
95ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Che3dLG7wqHu9zUU2fG_3x610u_FSw2uTOPgzXMRCEnFWr71NBEJxJXQ2DzVGr_iYN59IMS3Zej5MFU6krNoX3MPfQ2OSQI_CzH0wSfBemJVVVQCg

Requested by

Host: e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com
URL: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:46:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 34C6 0
20 B 106ms
96ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=15919505498348027024&x=1&ct=77

Requested by

Host: e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com
URL: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:46:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame 34C6 3 KB
1 KB 138ms
35ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/window_focus_fy2021.js

Requested by

Host: e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com
URL: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 23:17:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55753
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 23:17:33 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame 34C6 19 KB
8 KB 137ms
34ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com
URL: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3521f5e84dbf85e9b7a304002330fbccf347abc9d0a43765a1838336b8a98c0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 17:39:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76036
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8120
x-xss-protection: 0
server: cafe
etag: 8171891181101138299
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 17:39:30 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 34C6 178 KB
56 KB 55ms
44ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com
URL: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57029
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686742752845198"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Jun 2023 14:46:46 GMT

GET
H3 200 integrator.js Show response
adservice.google.nl/adsid/ Frame 2946 107 B
122 B 83ms
82ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=rd.fharr.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js?cb=31075344

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 2946 107 B
122 B 74ms
73ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=rd.fharr.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js?cb=31075344

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 2946 27 KB
11 KB 544ms
543ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1918034560561761&correlator=427320176234409&eid=31072020%2C31075344%2C21065724&output=ldjh&gdfp_req=1&vrg=202306060101&ptt=17&impl=fif&iu_parts=7682122%3A5521290%2CSF_PC_dfharr_all_bottom_970x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&ifi=1&adks=4126886642&didk=607409652&sfv=1-0-40&sc=1&cookie=ID%3D21baf416523e903a%3AT%3D1687013204%3ART%3D1687013204%3AS%3DALNI_MYsSBccrIefPO6Sc_tVG1Ld-2zV2Q&gpic=UID%3D00000c4a8904da96%3AT%3D1687013204%3ART%3D1687013204%3AS%3DALNI_MbVvPpoXypglavXTwGjyWp4dfRC3w&abxe=1&dt=1687013206709&lmt=1687013206&dlt=1687013205381&idt=1285&adxs=350&adys=1806&biw=1600&bih=1200&isw=970&ish=250&scr_x=0&scr_y=0&btvi=1&ucis=dopxfidb4hdk&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Frd.fharr.com%2Fdb%2Fitem%2F400368&ref=https%3A%2F%2Frd.fharr.com%2Fdb%2Fitem%2F400368&top=https%3A%2F%2Frd.fharr.com%2Fdb%2Fitem%2F400368&frm=23&vis=1&psz=0x0&msz=970x0&fws=256&ohw=0&ea=0&ga_vid=1450125800.1687013205&ga_sid=1687013207&ga_hid=234581720&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js?cb=31075344

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4be228b85adcd99099d4446c6914baa7b8ad420faa4963f22237eac830d7053

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:47 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11623
x-xss-protection: 0
google-lineitem-id: 5729182073
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138354118344
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://rd.fharr.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
b766e2ae11ee81bfd6c3800a5ab3357a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3E61 6 KB
3 KB 90ms
40ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b766e2ae11ee81bfd6c3800a5ab3357a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js?cb=31075344

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rd.fharr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 14:46:46 GMT
expires: Sun, 16 Jun 2024 14:46:46 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 37E2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEET97RPgura_dj9Koy0Caqs&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEET97RPgura_dj9Koy0Caqs&google_cver=1&C=1

43 B
766 B

126ms
76ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEET97RPgura_dj9Koy0Caqs&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiv77vGATAB&v=APEucNU3fPPSLr1hUQ-UwfT-wS_3ybWwCOmyZ4fOL-rhTSsSOo7-y2zH3fsyIZS6Sg0g6bHNkD8cw5E8NSw5QQE2-k1rFFA48_4RXuyN9qIMAjsnXHw2w9TirlOWCHY4Eep2yip_6Njw8I1j7sZcNGoiF_zeTjXetZKqPwdXj5MnJj3d41oKOTI
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Jun 2023 14:46:47 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Sat, 17 Jun 2023 14:46:47 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEET97RPgura_dj9Koy0Caqs&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 37E2
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZI3HVw9flAdfZ-hMZhEzyQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEET97RPgura_dj9Koy0Caqs&google_cver=1

43 B
766 B

33ms
33ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEET97RPgura_dj9Koy0Caqs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiv77vGATAB&v=APEucNU3fPPSLr1hUQ-UwfT-wS_3ybWwCOmyZ4fOL-rhTSsSOo7-y2zH3fsyIZS6Sg0g6bHNkD8cw5E8NSw5QQE2-k1rFFA48_4RXuyN9qIMAjsnXHw2w9TirlOWCHY4Eep2yip_6Njw8I1j7sZcNGoiF_zeTjXetZKqPwdXj5MnJj3d41oKOTI
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Jun 2023 14:46:47 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:46:47 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEET97RPgura_dj9Koy0Caqs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 37E2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESENWeM7mhhjsiUTs9Fda6g1I&google_cver=1

43 B
1 KB

58ms
54ms

Image
image/gif

37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESENWeM7mhhjsiUTs9Fda6g1I&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiv77vGATAB&v=APEucNU3fPPSLr1hUQ-UwfT-wS_3ybWwCOmyZ4fOL-rhTSsSOo7-y2zH3fsyIZS6Sg0g6bHNkD8cw5E8NSw5QQE2-k1rFFA48_4RXuyN9qIMAjsnXHw2w9TirlOWCHY4Eep2yip_6Njw8I1j7sZcNGoiF_zeTjXetZKqPwdXj5MnJj3d41oKOTI

Protocol

HTTP/1.1

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Jun 2023 14:46:46 GMT
AN-X-Request-Uuid: 8b6b5a71-e6fc-4abc-aa16-4b44c629d6fb
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 31.204.150.145; 31.204.150.145; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:46:46 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESENWeM7mhhjsiUTs9Fda6g1I&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 37E2
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY0NTY2MDU0MDc2OTc3MzE2NQ%3D%3D

170 B
243 B

116ms
114ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY0NTY2MDU0MDc2OTc3MzE2NQ%3D%3D

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:46:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 17 Jun 2023 14:46:47 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 31.204.150.145; 31.204.150.145; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 813148b5-b9e1-4c52-a413-2dfe9177c616
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY0NTY2MDU0MDc2OTc3MzE2NQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/ Frame 7EB3 55 KB
24 KB 211ms
78ms Stylesheet
text/css 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfJd5IUAAAAAB8sW7WNlAIqHyPeI1I7mKAdsOwF&co=aHR0cHM6Ly9yZC5maGFyci5jb206NDQz&hl=nl&v=SglpK98hSCn2CroR0bKRSJl5&size=invisible&cb=d23s1oexbr5e

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 10:01:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17108
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Sun, 11 Jun 2023 18:00:29 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 16 Jun 2024 10:01:38 GMT

GET
H3 200 recaptcha__nl.js Show response
www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/ Frame 7EB3 417 KB
417 KB 228ms
95ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/recaptcha__nl.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87e8b24725e182d1e4134a9370770987261c14c8ccbda166d7ce61ff060e732d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 23:02:03 GMT
x-content-type-options: nosniff
age: 143083
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 426967
x-xss-protection: 0
last-modified: Sun, 11 Jun 2023 18:00:29 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Jun 2024 23:02:03 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 9295 640 B
262 B 97ms
95ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj2hbzGATAB&v=APEucNUACwh7dwR4wmbExM64YMOYPyRvS4DJXoRKHbk5vsxbZQts2wuO9qJWsbJzSC5G4BirOOODYzt2wUWZZhxWk6tPXNcnF8GgZthFqAIhVLVFpe559kqigTsVGTnvZSC9FHhFHXDVUWp4KcJHLihSxPA_O7sWwFDYXrXzQALM3ACuE9aWYAA

Requested by

Host: e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com
URL: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 14:46:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame A984 78 KB
27 KB 129ms
128ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com
URL: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 17 Jun 2023 14:46:46 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A984 42 B
63 B 105ms
103ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C6rXwZM7Me5NtW01YMRsgH3bAomzZnKRmnjxRKwAn6tQQ9NG3e72UHmmXOqlX9HIJl5hTDNkhQDBNUSEfuQnK8JP0gxK5YPNIYTwtvnUBqCliXjH0

Requested by

Host: e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com
URL: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:46:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A984 0
20 B 105ms
103ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=15341589354437004257&x=1&ct=77

Requested by

Host: e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com
URL: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:46:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame A984 3 KB
1 KB 38ms
36ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/window_focus_fy2021.js

Requested by

Host: e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com
URL: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 23:17:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55753
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 23:17:33 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame A984 19 KB
8 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com
URL: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3521f5e84dbf85e9b7a304002330fbccf347abc9d0a43765a1838336b8a98c0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 17:39:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76036
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8120
x-xss-protection: 0
server: cafe
etag: 8171891181101138299
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 17:39:30 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A984 178 KB
56 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com
URL: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57029
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686742752845198"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Jun 2023 14:46:46 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame E242 640 B
262 B 91ms
84ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiQrrvGATAB&v=APEucNWWjPs5TfKgIRkQoX6S96VFLoH5XNSUbwBdPQn33eD7HEzEjlZ6t4g3IKePAr129nqcnWoxI8P09TZOsirDrL9ztH3RcWSXNM2r90Gz2CNgzoPN8PxdWVahqiMLhliwUAk-YkVb9_xiDS_7XdQO69kbsBnJ5-IC3qa-OUY6GMKFmjO6PgA

Requested by

Host: e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com
URL: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 14:46:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame F6C9 78 KB
27 KB 245ms
235ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com
URL: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 17 Jun 2023 14:46:46 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame F6C9 42 B
63 B 105ms
95ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AiNAmPQw9R1IyrD0IImpNLWAvOwVgtC2Z5khq5U9XlaUuMcWtaeGSKCx0QJ1X9yI3RiLLH6GiCKWoov8Hsl29UkyKDHTnPKx8axMQg5mh2CUTgkoE

Requested by

Host: e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com
URL: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:46:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F6C9 0
20 B 106ms
96ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=13801519230579289727&x=1&ct=77

Requested by

Host: e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com
URL: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:46:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame F6C9 3 KB
1 KB 48ms
37ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/window_focus_fy2021.js

Requested by

Host: e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com
URL: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 23:17:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55753
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 23:17:33 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame F6C9 19 KB
8 KB 43ms
32ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com
URL: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3521f5e84dbf85e9b7a304002330fbccf347abc9d0a43765a1838336b8a98c0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 17:39:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76036
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8120
x-xss-protection: 0
server: cafe
etag: 8171891181101138299
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 17:39:30 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F6C9 178 KB
56 KB 60ms
54ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com
URL: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57029
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686742752845198"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Jun 2023 14:46:46 GMT

GET
H2 200 aqTTJlBfk6b.css
static.xx.fbcdn.net/rsrc.php/v3/yb/l/1,cross/ Frame 1538 29 KB
7 KB 300ms
201ms Stylesheet
text/css 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yb/l/1,cross/aqTTJlBfk6b.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v16.0/plugins/page.php?adapt_container_width=true&app_id=133100650099823&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7a51f987bd944%26domain%3Drd.fharr.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Frd.fharr.com%252Ff224541e61e27f%26relation%3Dparent.parent&container_width=0&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2Fro.gravity&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&tabs=timeline&width=450

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

655077dc6a2ce3942453658e99adb67667348fd40d5258e003ce38ef70f4258e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:46 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: XSaem6DhVhXoqXxzAtg2yA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7128
x-fb-debug: YWjYVxCj6OxhBvKqggzfn7TmOKZeJgMY27nk4FM89bT6l3xfIE0iZGLqroQzMKtH9zut9hjujyWCHp5LJwj17w==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 15 Jun 2024 16:00:51 GMT

GET
H2 200 xUCu69_VoIG.css
static.xx.fbcdn.net/rsrc.php/v3/ym/l/1,cross/ Frame 1538 6 KB
1 KB 299ms
200ms Stylesheet
text/css 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ym/l/1,cross/xUCu69_VoIG.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4d1208447b59f23a0e430d7bcff5fea06650e950e2f5aa6ecf721704ebfae444

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:46 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: G4bSvzLG2IH4kVzNTn3U6A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 871
x-fb-debug: Z2bzS1VeTzAQOTphi9kTZX4frwvevStpRT5mu2Ft+IpiV4efHDXYz2Nt1IrIXGvGnxo5i+aiNTM3yZqyWpTAEw==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Wed, 12 Jun 2024 20:26:40 GMT

GET
H2 200 GdsGmM7N_ap.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yx/r/ Frame 1538 321 KB
84 KB 136ms
37ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/GdsGmM7N_ap.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

23d0cc03f145a97b1b8823fcd07fb6a6a46b844f9714b0c69587d66c63ce0775

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:46 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: czfTGWWDUP8e0Gi19s55cA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 85898
x-fb-debug: mBVW9iQS0Ycgp8rhe5KB5Fqq7P7wu3IWfLyrxTQ4bjClzUJT88BmGkF9XeWAsW5GpERA4rGpv7XZznOd4ATaew==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 15 Jun 2024 00:35:31 GMT

GET
H2 200 FMMie_OL3wL.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y3/r/ Frame 1538 5 KB
2 KB 134ms
35ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y3/r/FMMie_OL3wL.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

62bf7e57ebc12f7a61aa36a8e4b4b25c8412f2212f91ff6f9b77d393245eecb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:46 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: vCUBJYYMHOYvLIAh94niHQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1575
x-fb-rlafr: 0
x-fb-debug: x+G2jsR+h+MseuPxTriDeZQaWUxCOVJFeefqw4Kdk04Jwwut1aI5cxfgxEGUSL8QIcB/P0gyTZBXfBJ/ggJ4cA==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sun, 09 Jun 2024 17:43:43 GMT

GET
H2 200 qNTnhmBsX4_.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yv/r/ Frame 1538 85 KB
26 KB 135ms
36ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/qNTnhmBsX4_.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

60b4c8697c73df4d71743a99e6f78f0d9f62a2c8eea3bc1b59319adf52ba1348

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:46 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: pRhjWPqrXDrbjQxIFg6X9A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 26131
x-fb-rlafr: 0
x-fb-debug: OuJaIkDt0jOZUU8E7auvEKCPhaKfzh7VW/z9So4vzgeV9mgxI710UP9QI/sTTcKkMIFHGBexOlFD/MNMor9H7g==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Wed, 12 Jun 2024 05:44:07 GMT

GET
H2 200 38tLHa-GDLn.js Show response
static.xx.fbcdn.net/rsrc.php/v3iFvO4/yI/l/zh_TW/ Frame 1538 234 KB
66 KB 300ms
201ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iFvO4/yI/l/zh_TW/38tLHa-GDLn.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5910577543237c335e33ffc1448fdc619f9e16a548ceac8cea4717a3c31d6822

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:46 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: xlNbRT3aYBvRfrZgphO0UQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 67237
x-fb-debug: G50Fo09nc2/Tj5lQ4so2Il0V3hLNQzfpxMJZKsXCud3+07tTI3AMFZiCWXxbosFIXQJhjbGoLRmpQA3gAcON7A==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sun, 16 Jun 2024 01:18:35 GMT

GET
H2 200 p55HfXW__mM.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 1538 507 B
488 B 300ms
202ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:46 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: L5E9gSgR735vyjAzTFly4g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 293
x-fb-debug: T5dXHq35atZVOl76kvjssdX/m7E3kISDjP66h73bJr+jXw5njO0rUibMAoWc+XyFIBCwk1aXd7N8v9k7ON+fMA==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Wed, 12 Jun 2024 19:56:55 GMT

GET
H2 200 RCW6h_5U8Bd.js Show response
static.xx.fbcdn.net/rsrc.php/v3iUNC4/yo/l/zh_TW/ Frame 1538 104 KB
30 KB 299ms
201ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iUNC4/yo/l/zh_TW/RCW6h_5U8Bd.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cb7b62e93a028cbc859a1d1ddc9a6954a1a52e30f07a53bc677c216aa07a445f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:46 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 63WXY/oG9T90CDWaiC5Lxg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 30720
x-fb-debug: L4TjhXpBRfyFb09ncPDBWfSKWbA9nxCCPLlAw8vbWR73lM2AifgKvK5PSE3GOm+v3LmcMiWnIBrfClpV19EPGQ==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Wed, 12 Jun 2024 18:20:15 GMT

GET
H2 200 h5ltHUltdQA.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yB/r/ Frame 1538 63 KB
17 KB 135ms
36ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yB/r/h5ltHUltdQA.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3564808aa607797c605a90d541828984eb027b3036956492d96f3c7482e1b413

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:46 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: uygwKNWTc6znC1BIV0ajiQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 17387
x-fb-debug: zsnS1Akd+LqN9HEIhE7qmbYK2OLWX+ZHc2uIHmhBASHgloOMbUMtuE03NzvDabxBkuag4tMn0GRSFI4IxgSmww==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Wed, 12 Jun 2024 18:33:06 GMT

GET
H2 200 352517432_297727896147201_3220230476297656825_n.jpg
scontent.fktw4-1.fna.fbcdn.net/v/t39.30808-1/ Frame 1538 2 KB
2 KB 712ms
186ms Image
image/jpeg 2a03:2887:ff2f:0:face:b00c:0:a7
FACEBOOK-OFFNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.fktw4-1.fna.fbcdn.net/v/t39.30808-1/352517432_297727896147201_3220230476297656825_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=104&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=JcSlyozEICsAX82hqVb&_nc_ht=scontent.fktw4-1.fna&edm=AOvyQZUEAAAA&oh=00_AfAxf9hwNhpVO6i4ZgbmQSvP8UndSE7Yz_AQ0xBvomqWgg&oe=64927055
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/v16.0/plugins/page.php?adapt_container_width=true&app_id=133100650099823&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7a51f987bd944%26domain%3Drd.fharr.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Frd.fharr.com%252Ff224541e61e27f%26relation%3Dparent.parent&container_width=0&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2Fro.gravity&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&tabs=timeline&width=450
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2887:ff2f:0:face:b00c:0:a7 , Ireland, ASN63293 (FACEBOOK-OFFNET, US),
Reverse DNS
Software: /
Resource Hash: e543efaecc35c7bd82ac95ceaca610b7a7a4bda087596ca166d35fb8668feb45

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:48 GMT
x-fbtype: 30808
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Thu, 08 Jun 2023 15:24:33 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2372335656
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1520450692
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 2107

POST
H2 204 rum Show response
www.plurk.com/cdn-cgi/ Frame A734 0
181 B 32ms
31ms XHR
text/plain 2606:4700::6810:31f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.plurk.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:31f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.plurk.com/getWidget?uid=13931367&h=400&w=460&u_info=2&bg=FF574D&tl=EEEBF0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
content-type: application/json

Response headers

date: Sat, 17 Jun 2023 14:46:46 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.plurk.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7d8c157e98f00eb0-AMS

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 34C6 0
20 B 140ms
139ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8908085299118&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:46:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 34C6 0
20 B 139ms
138ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8908085299118&version=m202301230201&ct=77&x=1&cor=15919505498348028000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:46:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 34C6 15 KB
11 KB 74ms
73ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cfp26Ik8wQbwjUhgs3IAnT5l9HraMvugLf-pobNSmeOmrR5_QW6vy3AjVpQyZ-03ymxdcfGnROwMv7U-ZRy_EQ2bveFVoNdKqoshKyihI-7mAmTVGaZCBRKQnQNXpEN3RVW3Iix62kCVg664joWYn9HjBNOYhfyMJ8xSoFVKDEcDPC_zQ&cry=1&dbm_d=AKAmf-DyY3UNZfJqnU2j3q5MbcUZpB2GNtjL5IaPJKd5SpDF24JubtgbaY5W8N3HIKoNzY_QYvPP3mQ9cnICSvfGCSsYrUxMr8FTbRP73NUjTmVu3Erx99E7NU8LzYDAPq6-j-qIgVkqoI6QIZUA2drWyXxh7CASGdlBDggrUwif9caOxwyE0HHxdLcIXdokq9wwpViRcdJmt3rEOBlbM04XLxePJh2l0bsQT9clSpDoexPgojDgOiTo2ch5n0G2FJSBWP_pC8EZRQex8OFeso7OZyM4JWliyUUUzdZTiX3M7pgSzO7PjNynR-rLh5rgOgSw6mlfPNofuyOg7hOArh18INgWeyXOGC3MiKU23CLddg5wcGvc3H2unhWhMhcVnQ57Wvk7P-r6vdKg5myXabpQuoBB-t1-_fxQxSH_4T-cmLFJEruZA6d1Wa5qMmhaRifpbNViHSLG4YsS3d3e8ofPqKrzwKsJH-SWXjjL3RFnyoXTF9gaZY3GVt0qKQP8HGz6pxzJTaHHJqP9QbTFVQVEOKxWD1ZiWi3R_VM-rL93wYMTk1EFziJ3-uNLIoq19uTGPfSrEo2ARsuW5Mb7b3BtGwwEDJg9PUcsyTau0a8nVdi7zU4N0qTExlLjvTvq6DjvJhzw1WWBHpq26zYQWjQUZcYPe0-CpdweTOq5LDhkCXZ7SvBy5TM0mt1ecSHD9ISifJQHZ-jGgtRaSnmOrH9aLP4AyslxGptOlr-tP1sGbwsWAy7YHGPrHkHf7HCAqtjidsdFJnWy9fBlshDY1x3fQoN9GcUsxtiDM4DokHqVzGPOq8oNBhaoJgBhNDNnwm4bKs99rN5pxt3dcFtcD6ewfofFQ81NWL9YwRgK80eJEpvg80lpNWFjt_nY0MnwF9w9Kgk_OTlYF1CC1GMasGMlIGlXmCt1QKBmNEkkMk33MhGhmEaAA6lQVz8pMBmnul9-wMsb0c7yUJ3QEym_6Ey0rkHcNRrQ7KsTLHk2iMWiQ887_kXN3YRboMGDBfCl7PQNuTOjU5fGfAT34IJ3aXdfdid8Nhp6m4XrMvZfHQ1EP8XC-PXI65I3sNWcnUB6Xr2MUBbJt9wJdc_jQ1h_Kx1UOUxha1cG4-J-2ac58nfxAf82f78cD3LnNcTbGRvUuiWTONaqpwr6uWuNC5WiztjYJ7g6O45kzOSIOZ1zpFRygyCFYzzAF2ZHgtheehS1hI9P7njng79lcVCU7kTqZRhjY9nNr8BZsDJBDzx8na41tBpSU4kv3bYv4uyZ1I2LK8fIdnxCFtR-H8ObbxcHSkus1p9qX_PeGrMtDkg3oVsdpiXhRTgFNQGX8OWUAkFEza4ybu_HJrO-OYMwAoTVNC9y7JkXTjfcXL_Z9p4yO3w2323lZLjGf2549BnQ2AFdjiGwYWkgG8oMjp17fZMtOk5xz2LFY8kf0HZJcGQ23UE2Oflppkq1h0K9YBLQDSR9XNB96h2KZnl9IAx5MyIZq9fvLS0eHl6MKBTGV4RDDb5GP6__Ul51XQGurY2HOXfN1q2YtCAlsiFrZ2zJVuwLpbL1fhuDTbJVPS6pdzgDwseGSiDAmEX6DPYPotUuhuYZsDz9GKAQ7Vwdg93gNcE3ubCo8kOSnGIoC5QdhfEQ7H_L_y0r_UjFbHHOgfOU4r6FNRGwkDg32jmExPw2Lxylwuq8KowZTrZoAC9TLHcYEPzUxFVd00-f63cbvMh4G6pD3xPePxt0lp4uy2Igl0cDMm1ssAHu5tHUMYFl32zx408OHKN2qK8auUB_d6207ZYWTA6XOsrStqyWYLsdlikMdmlvYupVvs8ff3IWWuZjtAEvWMA1q44Y5esyRA1w_rz42pcwMOUqPwh-nyyhIqYYl-waGItFukemnp4Ss_GqOr6Hz2k6aVKwwX3WEXiGc5tCajsNLH-hWdMfhgkfppW2L96lM1CnjR9ojsycAuKd91Anv4iCRkNq3nx148TmB9xgFEvJ5VJPAs2ypQZ_Y-raNQ7b8F4QG4zI-yjDLzRTZMUbWJNzivKkn5gTUCjGQKLbP4i4-M45IvKd8wgOvUiX-YDobBuKReiVTmwlhyN6YmMtyDzL-LBc7xIOIsNRELutrTXYZv2Ro0-24XZ_V543bonqJGpMwNP4FBFYnVjV7d4nx-jfkc_vtjy1JvKdNDR2gYsWxMoF1OSeqmMsB7rfhsbfVSy3tcXNJQ9Dmo_1uDv-kmOJsGy0dnVKt_Yfvbu6tV7KaVMAATFEjuIAhQe5Tl9BXGajWNpLcrYVDD2VUBLyZsWxL09xk3URMX0739NDyTj6KDWljrFzqOp7Bp4cHaAoZg3R-EeJuv4OLfqJn6bSIK2e5RcyNIXmCEJydYss4tlRsNS7Hh5YN6ZwLJSZdRbBL9ExdVYRbu3ntLrBbAARRWTLCg4K4CYDliv-DnkFlU6uzS6Wafcad28uIW_NUAPaKaPzKyUZT1lTBUGI1jSDa0XqIACyqkEKI5Egpp97F7hnZzJdQaT7NAXSvcGYxGRMPLxY9b31w3XhLPFWzzJUWKTbWtg6oHrbsG05kk9-OYEOum89DTy4M7OqGFcImfsuwkg28J-3ZvfzOEWX357ZU6P_7qKtXLUOkOjQueQkD68biGWSFQMJXOPLsoAz_El8L705J-3SblqdA4fWUMKXMvpi0YuAZz7iaKVFtUzCzD9piYQXN1PE5DHHmSzwiFCtPW2EFkSf_xEHnA-SBZEEKZ9LFcDr1N-rr-j9Kvc4fXq6Ic603QKxnh9Wj1Wr4uiQh1mpSJh4lIlceRz7LsA40GLPfB7XpF47P1jUAL-9bSg47oHqO9FTGoJBWrCSN8YNSq3j1Cenyo_ygHhuK7D8x6LQbZ6Likd7M2-65V45NWRcWr8K1B9eas-G0JWWfomTfS1JixDqnnC2olbE4U47zk0fh-OnJF2dLZD7rZ36PR84-3c4iGCJI8O6jbwRnHQnIEAaZoq0ulsmehDcDGuYQ-fE4gGP0iSYNWDz812me8igdfoYGpjH_qBl9svrr8-TyQd64axADPmCEJZShRTpx0EsO2c5GAxVToAh_j5Xxu8a97i-oDQDOT4JWTgCYkRBfFXymrUDl8L9uM5SnfzTntIlFK0jecWMlaYR5fjMXP5DaTC9OipqJdFTAszuIKMpOW2X8iHKz2GQpX5kOaQEsxCQlHdPSQhgygFSJdfX6-UgF3-_YJE0JnzIb0Dy3curVCnbzukGispmwvy0QzAzzz9i5qYOfPzn0FUp7yqii3ktN-1CDTq_fq-uVjsclE0-vl7oIe-tVxF20TnJqhIogvmvKp55XGE2McZo1oe1viLPJbXajNIiwB4dE5kpIzUexs_U_JxdtZeRDhgPudp2dRuExsMhWptqvcAT0oZbPKk0OrJqPn3vtNwF8fruYpDtRPL0dKDYEC1RN02hVFLfA0LGk2Ivsxcnz4HcBagEasQbOWRYvaIXzfWydtL6hxNeI2yRBDQej6s9x2bYT_Ksk9z9bsqV5Hg2i8CSFMIDVJdjECZLt_7t9_HKwpBNouQAZzMvE5mFtTNwGW72DnO1H48Dv1AJWSyyoiwDpevWOtMo1BzN7pOVhuozVkCM23y1NyLNtkar_g&cid=CAQSSwBygQiD7sPjOqqkKeqnwO4PUuxUYgWYTiLxXsfdqLoWnCydrVUdtyAOldwPI9fI8_nvwb4uazWi83f4L_X5eGV0LhUD3fKd6jrClxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Frd.fharr.com%2F&ds=l&xdt=1&iif=1&cor=15919505498348028000&adk=3047537735&idt=183&cac=0&dtd=89

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

165a0e2a23cbb2308cba54a68c034c186cb307e6857da43fe5b2398aab9a7b91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:46:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11416
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 9295
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDryPQqRO0GjwYt4k_Rh3e8&google_cver=1

43 B
106 B

107ms
106ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDryPQqRO0GjwYt4k_Rh3e8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj2hbzGATAB&v=APEucNUACwh7dwR4wmbExM64YMOYPyRvS4DJXoRKHbk5vsxbZQts2wuO9qJWsbJzSC5G4BirOOODYzt2wUWZZhxWk6tPXNcnF8GgZthFqAIhVLVFpe559kqigTsVGTnvZSC9FHhFHXDVUWp4KcJHLihSxPA_O7sWwFDYXrXzQALM3ACuE9aWYAA
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:46:47 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:46:46 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDryPQqRO0GjwYt4k_Rh3e8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 9295 43 B
304 B 200ms
91ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj2hbzGATAB&v=APEucNUACwh7dwR4wmbExM64YMOYPyRvS4DJXoRKHbk5vsxbZQts2wuO9qJWsbJzSC5G4BirOOODYzt2wUWZZhxWk6tPXNcnF8GgZthFqAIhVLVFpe559kqigTsVGTnvZSC9FHhFHXDVUWp4KcJHLihSxPA_O7sWwFDYXrXzQALM3ACuE9aWYAA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:46:47 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 9295
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEFbIH4wAym4y9W7QAXkt3Vg&google_cver=1

23 B
163 B

285ms
132ms

Image
image/gif

104.111.217.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEFbIH4wAym4y9W7QAXkt3Vg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj2hbzGATAB&v=APEucNUACwh7dwR4wmbExM64YMOYPyRvS4DJXoRKHbk5vsxbZQts2wuO9qJWsbJzSC5G4BirOOODYzt2wUWZZhxWk6tPXNcnF8GgZthFqAIhVLVFpe559kqigTsVGTnvZSC9FHhFHXDVUWp4KcJHLihSxPA_O7sWwFDYXrXzQALM3ACuE9aWYAA
Protocol: H2
Server: 104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-42.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires: Sat, 17 Jun 2023 14:46:47 GMT
pragma: no-cache
date: Sat, 17 Jun 2023 14:46:47 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:46:47 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEFbIH4wAym4y9W7QAXkt3Vg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 9295 23 B
163 B 404ms
130ms Image
image/gif 104.111.217.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj2hbzGATAB&v=APEucNUACwh7dwR4wmbExM64YMOYPyRvS4DJXoRKHbk5vsxbZQts2wuO9qJWsbJzSC5G4BirOOODYzt2wUWZZhxWk6tPXNcnF8GgZthFqAIhVLVFpe559kqigTsVGTnvZSC9FHhFHXDVUWp4KcJHLihSxPA_O7sWwFDYXrXzQALM3ACuE9aWYAA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-42.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires: Sat, 17 Jun 2023 14:46:47 GMT
pragma: no-cache
date: Sat, 17 Jun 2023 14:46:47 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame E242
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDryPQqRO0GjwYt4k_Rh3e8&google_cver=1

43 B
114 B

105ms
104ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDryPQqRO0GjwYt4k_Rh3e8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiQrrvGATAB&v=APEucNWWjPs5TfKgIRkQoX6S96VFLoH5XNSUbwBdPQn33eD7HEzEjlZ6t4g3IKePAr129nqcnWoxI8P09TZOsirDrL9ztH3RcWSXNM2r90Gz2CNgzoPN8PxdWVahqiMLhliwUAk-YkVb9_xiDS_7XdQO69kbsBnJ5-IC3qa-OUY6GMKFmjO6PgA
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:46:47 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:46:46 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDryPQqRO0GjwYt4k_Rh3e8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame E242 43 B
120 B 196ms
91ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiQrrvGATAB&v=APEucNWWjPs5TfKgIRkQoX6S96VFLoH5XNSUbwBdPQn33eD7HEzEjlZ6t4g3IKePAr129nqcnWoxI8P09TZOsirDrL9ztH3RcWSXNM2r90Gz2CNgzoPN8PxdWVahqiMLhliwUAk-YkVb9_xiDS_7XdQO69kbsBnJ5-IC3qa-OUY6GMKFmjO6PgA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:46:47 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame E242
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEFbIH4wAym4y9W7QAXkt3Vg&google_cver=1

23 B
163 B

282ms
129ms

Image
image/gif

104.111.217.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEFbIH4wAym4y9W7QAXkt3Vg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiQrrvGATAB&v=APEucNWWjPs5TfKgIRkQoX6S96VFLoH5XNSUbwBdPQn33eD7HEzEjlZ6t4g3IKePAr129nqcnWoxI8P09TZOsirDrL9ztH3RcWSXNM2r90Gz2CNgzoPN8PxdWVahqiMLhliwUAk-YkVb9_xiDS_7XdQO69kbsBnJ5-IC3qa-OUY6GMKFmjO6PgA
Protocol: H2
Server: 104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-42.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires: Sat, 17 Jun 2023 14:46:47 GMT
pragma: no-cache
date: Sat, 17 Jun 2023 14:46:47 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:46:47 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEFbIH4wAym4y9W7QAXkt3Vg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame E242 23 B
163 B 404ms
130ms Image
image/gif 104.111.217.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiQrrvGATAB&v=APEucNWWjPs5TfKgIRkQoX6S96VFLoH5XNSUbwBdPQn33eD7HEzEjlZ6t4g3IKePAr129nqcnWoxI8P09TZOsirDrL9ztH3RcWSXNM2r90Gz2CNgzoPN8PxdWVahqiMLhliwUAk-YkVb9_xiDS_7XdQO69kbsBnJ5-IC3qa-OUY6GMKFmjO6PgA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-42.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires: Sat, 17 Jun 2023 14:46:47 GMT
pragma: no-cache
date: Sat, 17 Jun 2023 14:46:47 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A984 0
20 B 164ms
142ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1392023834351&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:46:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A984 0
20 B 164ms
143ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1392023834351&version=m202301230201&ct=77&x=1&cor=15341589354437003000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:46:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame A984 15 KB
11 KB 132ms
108ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D2vzehWg9NhwRYJnOhQcjfsNKRNa8E2rfHbFAu9icVGeZRNejui982Lc3Gwt-mRbAAaVgt2LPj5_4BgLZ5cDoVqkp-i_QDbdJLzjMrDKrb_eBEGL6UuMzuwMbcFLUoibsKnM-qPkYLPA3wUEs2q6p3-z4ZPdGZDtc6WOq285elqiRp0xw&cry=1&dbm_d=AKAmf-AJlzgVKCxgcfmlFqGa4tJBc00Q7eauMZYZ0H5zWetQ_3EkxeeyBAoyI6g0ElSMZoatw_xV-8YvJWfE9y6pBawHeGQxfk6ZrKZlodO_iD7oqzdX7Gny7_ezF-ImG9UavbTGAk1Fmzzl7ZFmOZtw961Yifp4YFh93toe7_Rgwhdx3W0au6dpppLfLxK2Y9vOxMVon_u-AyeISF9sWCcuoZpMoyaWAndC6HBX_BjCIhzeU4_NWpbY4FOzvvfQn4nWDLVXo7wCITY5p-e414tZ0mxsmL-DVVJ98h6fvQP4legnWCJe6KYK_RNyh9b5HTyIfh7Q61gCZBrFgNcIqo4463eLB00FrqMF6PhPs28MPQ8RqjeVVHo1N7MA9SWv7KMMNkwjoHH5kOcsRBN33SyUmrfENElLe4TR9zY2HKkH7RUnejXnGCFI48UouUuO6GosHZUNMRke0S5Zp-O91UZetNht_n7zJUzOONJ2TMwXSL7oB10r3PuWqdoGlQ7HHQlquNeNckBNMS3MX92-Kgp_-nBUbpGCjLDKDylH9af6vps9V1t8ELWy32pRokgIPt87-sUGIOMf-Y1klLAuvjWfyWa7SdOwsSLQhh54lgX9pNwIzgBESIG2zzB-DUftOiEVV9BKsBWBWayMt4LP0lC6v_Qe3mJTN-p2jSEfbJ9sn-fvfwspKavEB1-yZnUW_660EVVy1lPpu5UOgBZ8uCxzuLOe_iwWZwmu00JGPD7vHRFtp7jBUka55l_SO4iiUh0hgbHaNxO4dB4mSohW9Ad6exouLXFQFYLVRGHF-rQNw1Vt0KYBqHgMtz7Hxi-067DotAErKDxZ4dcsCG6n74DRm24LEvLuk-z60WQYWIoFBxfUoLug8buTIEJiF6-2MuoIlNT5auzbrv-s-cayXJkhcjKTzRl3KArzbRWT2UmZIpTWiZrbU_H1hSLL7cPJB2uGxlPJ27ydtZ262ilemNsJRNYpJO8si0i7eA-d8OsvucoaWAqeytuwK5QBQIyyGBKOwXSlc8oUKdR2pv7yyd0-7pj5sCNTGpCcnnSPumivDR0n3imdBpD6L0JazqHLkYHWoJqR2qJpM8WZ4rUUcZzqUF4hMgs-dtjAn6aa41IQBlb_b8ghTodyb_zRvtIB1_ahYcBBMUctHHscM7Uml1ErxYbN1gOkhPKYJ6wp9jw6AoyPRNTY_m_HQTqHjMBseRkfOod1aWwkf1kR9koxESgb7YnYuQ3PftjL1WSuNBnxlCr5aM5mZJ9RF7NfkU3GJOzf1OqGR21-sPjog6mDUovEhcTw0EIPYeWxq3_cAOgYxoRYKBiUVjKEuEWUUyXMmOs4YhvuIswT9KktLB7J5ykTcn7SbKIVoWmSGsbIpUD-e6YegCY_zKzAFQXyOvVfs_YFby2llaA1ViBnlw4VZivS5d2WsOCezDEUo3jBpWoaRkNFDG_8QRRkFo2e8cAfQAMsUqLxhBdQbKDFFMokDEx2PszjYj3ha12Pz4i2s1M6xIGWKjlNNVXH4Ez2FtPyR5A7sD6Ugkfiec0IudAjiBlhHNpcNYrQm7nRFWgRh0l5iAeaqFDgLqJbeIx4HAZrr5nx8Nx42W0GTUIBR0UXTK2xAdfXRnD0URKfKwUexYPDzcZ5W9z8zcLMkqjB5l8K3eJejnx-aTltL330qv6aMK3stpnajjNt0oFZFIVxE_g1NGlJcEPhQaudcFwlnBOswi_fGJvbHKz9XoWzvtOGI7m2ECdnYR59Le-Lw44GjOhp_t4b5qyl1fRuWxl1acm-1IVW5DKThYNkUWp5Of8Hu9R8BYSvAw4KcM_fHU2ws8NmrTXt-O7NH3qP7j151Joa3yBLNbBqh6w2Ih3L4iJ9oDg6iXCEZ06qdJo9mPRq-5jWC6pkBlqdag1A5r8xXtSC_2RXNffsdV7OmO1NT0zo9yGCL0o2EXrY3fncFBlg06NnKpA4BX3cTha3ZtsioEuJ1ywdZE-aLG76J6n6CGvCDXFiPN-tN9OqYxiLCqg9wt9txHFY9BVS_fRIynnN9NNJyiCMPQ3yjuxmBoI-KCCcxb-Bob32sWKTkHlz0Iinmubouf4ppDfPRI4ooU-0fUS6BsNSWB7baEKGvSo4fT-Eaq2x5D7RVx0VfZoY9avlTCi5SZOmlUqeQ5lu-Bm6HIcI3TiL3MtwdWpuELsfOONFmCMGzn-YyX2UvcozALkIiayr2H4-VxIiPNNaIZI8QXUR5r2ZN8p3mrV0bMg6dJRJYsniVsksvWRHGU_gQV3LgxjZOJpwjC21PnU_eZlCL7QqP4asehLU60Crc3PS3C6B8xnia-1Aqzoyi4p8M3DTUvKV7CG190axzFpNyeuiLjhWi9d8HfQl1HuUTIRvGxgoBqOnt6r-i7JB1HETzkuGS7aOpolStVgBMCY3B-ckCgB6mHsttnujIsPY4i0JEClTF32m4PxwOzZzAt04ldEHVZETrKWh8Vf5Z0QCQ4hycjK-AYPqi_WlDV9q0ivEz4AZfHiGxDZkcGtpQwufUHgDi5JAVNlHZga3ckvQnvUryaXogvOituja-DunPsP_26sB2PsiwNM7-Wmfs-N4qJLkmRi1JsKkto6dO_ec0rSQBHuGlsPwlwGmlIQRts1WWtmhMUfqltDoMO6WTG5diviubuFl9E-cNoAFyhhuzKQ2stXtz-diqKvapiInkNFLGIFL5KssjEoGC3BES7iWdl6SujcyHdPT7FX_TJMdV9OwafxIh5wLqt9QWO1CkWIdxIrFM-ESwqVeps2cTGTQwrsq7gwb3e0vO9bCT4KWujoadGF8vgqlsGp_7e_DHaKlQKrub8AjMn1Gnp7QOo6dmE9j2FN4i9mBArQePzcaqjQWrgFx8dqdOSxPh7SSlMKubW_0IOU9Ks-iwJlUh5knvduf35PZHjjDv-1GPI4Ry1WO_uIhGH8TCqBdJc5hH9n2yj6CjBv9lWr4zuj9G-ESJGdeeh15TTm6_p5XYtkigPGn1MfVFKby4wMDU4AHHSmyo56SZ_9ek-gVcsqcsqvPyyM15Jk3rUeORYEMouMWwa2YBy7Ds8w9r-hqokhLs5NNIdd_BewcTvX2Kx-WnW1_LYGt8GmegxPiah3r-Kem_qwT8HfaUXMJoPJk8foK_328S-J-IMx9aLFvnyJVN2wryt5sXCD-lohBRzqC8mOhyBAJpEcepxHHQjqOfOiLgtoywwETEJ4yG3OFhrSgGsl9_oX1j8abpdnBXExAWcBVPKyFkcyEUX4qCFm7tpa603tIMqA1fnmjydJSSEwa0avf-ctZ85GM1pa_Yqw8ekazrRWWQm1D9MKB2489z0Jpw4jmWucjVFWEnWNqYbc25Me_SGU_UZ0NvhIciBlCswarZXkPZF6-BKtGyjfrKs3aFW9jZ8iEBIXRz9dRBQ1ajX7DMDxaDulyR7UL1q5m1GhL9EPfngbdVwUY8nyQksLjBmcDXt-laznyLu7iVe5zDdzfqplFcJSmbXnZjbMMuE1wdoeHWPByDGbtZLxQXTMO_8Pe4jC2D9YZTlJHn58JmLW6n-JU578NBbk_9LOsKGoBXWRd28lKk3RQDo75uyE0SMEqQAi4bzzDholhkjYp9L9NjC-riyxigiD1ArnW_zE&cid=CAQSSwBygQiD7sPjOqqkKeqnwO4PUuxUYgWYTiLxXsfdqLoWnCydrVUdtyAOldwPI9fI8_nvwb4uazWi83f4L_X5eGV0LhUD3fKd6jrClxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Frd.fharr.com%2F&ds=l&xdt=1&iif=1&cor=15341589354437003000&adk=2857193498&idt=167&cac=0&dtd=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c5f76cf64183ac29f19d0af7145a7ea7ad36b417ade9561c4e5825fa6832966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:46:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11286
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2946 0
0 85ms
77ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssXLeOeB2aJQYeAffLQx-oUlH8XU9bC2TwaPNWSjhjkZpLDCkVUhQQlu2by3V62N1rjRIYHNcC0TerQeAXo_Fi-slMqUydhBBeweiFT7qYlZ3i3lLk1-rzxHFpfZck1D-995ohLSWSbRrFwB1gY7zF_aUQQXaN9TwcXPT1RDyHEJHMlQjSsY2NiDyGSWx7BSerue3eamgKaM7VKchpaqOZlKTpZasFOw9lcmXGESzSlJgWtAWqBIwOL6xNV9I9QrI9mnB1r15cQTJmZK2XVLS93-Oc6Kxsk5TgTCy1AFiFY155p7Tu5eHTdR9sJvOxdcmrecTU2ulu45v0AvGrQGHU0RluF&sai=AMfl-YRAC4LIZT9MjE--U5hFHY-VdS4Vp8Z2YfgMlfrE6tVHX6-yLV-siR-5k8k--BugzkDOGIpN2NXQkve44DENC6UZFKA8Af24spXvijiUbQYUjhOh3SAvE0um6GL4kr2QLfubKI6WlxCW7W-_i21X&sig=Cg0ArKJSzMAmWM0fM7ovEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:47 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 17 Jun 2023 14:46:47 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 2946 15 KB
11 KB 248ms
161ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306060101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js?cb=31075344

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c2596a16bf392e4823cb1d3ef55d3795c3c82f3d94a996b66419bb724119888d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11252
x-xss-protection: 0

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 2FD7 37 B
409 B 246ms
243ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

3ad10746593029765b253d1f930ec7d12d77aff3cbbf3dee8321cf0b31a87912

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:47 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 2946 204 KB
74 KB 167ms
151ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3S3JP22CEQ

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NV3WHPK

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

55e3d14d96e0c61c4e934528cfc3793501e3fbb00baa97bfdbaa3dca8ea7ce40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 75853
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 17 Jun 2023 14:46:47 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 34C6 41 KB
15 KB 214ms
213ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cfp26Ik8wQbwjUhgs3IAnT5l9HraMvugLf-pobNSmeOmrR5_QW6vy3AjVpQyZ-03ymxdcfGnROwMv7U-ZRy_EQ2bveFVoNdKqoshKyihI-7mAmTVGaZCBRKQnQNXpEN3RVW3Iix62kCVg664joWYn9HjBNOYhfyMJ8xSoFVKDEcDPC_zQ&cry=1&dbm_d=AKAmf-DyY3UNZfJqnU2j3q5MbcUZpB2GNtjL5IaPJKd5SpDF24JubtgbaY5W8N3HIKoNzY_QYvPP3mQ9cnICSvfGCSsYrUxMr8FTbRP73NUjTmVu3Erx99E7NU8LzYDAPq6-j-qIgVkqoI6QIZUA2drWyXxh7CASGdlBDggrUwif9caOxwyE0HHxdLcIXdokq9wwpViRcdJmt3rEOBlbM04XLxePJh2l0bsQT9clSpDoexPgojDgOiTo2ch5n0G2FJSBWP_pC8EZRQex8OFeso7OZyM4JWliyUUUzdZTiX3M7pgSzO7PjNynR-rLh5rgOgSw6mlfPNofuyOg7hOArh18INgWeyXOGC3MiKU23CLddg5wcGvc3H2unhWhMhcVnQ57Wvk7P-r6vdKg5myXabpQuoBB-t1-_fxQxSH_4T-cmLFJEruZA6d1Wa5qMmhaRifpbNViHSLG4YsS3d3e8ofPqKrzwKsJH-SWXjjL3RFnyoXTF9gaZY3GVt0qKQP8HGz6pxzJTaHHJqP9QbTFVQVEOKxWD1ZiWi3R_VM-rL93wYMTk1EFziJ3-uNLIoq19uTGPfSrEo2ARsuW5Mb7b3BtGwwEDJg9PUcsyTau0a8nVdi7zU4N0qTExlLjvTvq6DjvJhzw1WWBHpq26zYQWjQUZcYPe0-CpdweTOq5LDhkCXZ7SvBy5TM0mt1ecSHD9ISifJQHZ-jGgtRaSnmOrH9aLP4AyslxGptOlr-tP1sGbwsWAy7YHGPrHkHf7HCAqtjidsdFJnWy9fBlshDY1x3fQoN9GcUsxtiDM4DokHqVzGPOq8oNBhaoJgBhNDNnwm4bKs99rN5pxt3dcFtcD6ewfofFQ81NWL9YwRgK80eJEpvg80lpNWFjt_nY0MnwF9w9Kgk_OTlYF1CC1GMasGMlIGlXmCt1QKBmNEkkMk33MhGhmEaAA6lQVz8pMBmnul9-wMsb0c7yUJ3QEym_6Ey0rkHcNRrQ7KsTLHk2iMWiQ887_kXN3YRboMGDBfCl7PQNuTOjU5fGfAT34IJ3aXdfdid8Nhp6m4XrMvZfHQ1EP8XC-PXI65I3sNWcnUB6Xr2MUBbJt9wJdc_jQ1h_Kx1UOUxha1cG4-J-2ac58nfxAf82f78cD3LnNcTbGRvUuiWTONaqpwr6uWuNC5WiztjYJ7g6O45kzOSIOZ1zpFRygyCFYzzAF2ZHgtheehS1hI9P7njng79lcVCU7kTqZRhjY9nNr8BZsDJBDzx8na41tBpSU4kv3bYv4uyZ1I2LK8fIdnxCFtR-H8ObbxcHSkus1p9qX_PeGrMtDkg3oVsdpiXhRTgFNQGX8OWUAkFEza4ybu_HJrO-OYMwAoTVNC9y7JkXTjfcXL_Z9p4yO3w2323lZLjGf2549BnQ2AFdjiGwYWkgG8oMjp17fZMtOk5xz2LFY8kf0HZJcGQ23UE2Oflppkq1h0K9YBLQDSR9XNB96h2KZnl9IAx5MyIZq9fvLS0eHl6MKBTGV4RDDb5GP6__Ul51XQGurY2HOXfN1q2YtCAlsiFrZ2zJVuwLpbL1fhuDTbJVPS6pdzgDwseGSiDAmEX6DPYPotUuhuYZsDz9GKAQ7Vwdg93gNcE3ubCo8kOSnGIoC5QdhfEQ7H_L_y0r_UjFbHHOgfOU4r6FNRGwkDg32jmExPw2Lxylwuq8KowZTrZoAC9TLHcYEPzUxFVd00-f63cbvMh4G6pD3xPePxt0lp4uy2Igl0cDMm1ssAHu5tHUMYFl32zx408OHKN2qK8auUB_d6207ZYWTA6XOsrStqyWYLsdlikMdmlvYupVvs8ff3IWWuZjtAEvWMA1q44Y5esyRA1w_rz42pcwMOUqPwh-nyyhIqYYl-waGItFukemnp4Ss_GqOr6Hz2k6aVKwwX3WEXiGc5tCajsNLH-hWdMfhgkfppW2L96lM1CnjR9ojsycAuKd91Anv4iCRkNq3nx148TmB9xgFEvJ5VJPAs2ypQZ_Y-raNQ7b8F4QG4zI-yjDLzRTZMUbWJNzivKkn5gTUCjGQKLbP4i4-M45IvKd8wgOvUiX-YDobBuKReiVTmwlhyN6YmMtyDzL-LBc7xIOIsNRELutrTXYZv2Ro0-24XZ_V543bonqJGpMwNP4FBFYnVjV7d4nx-jfkc_vtjy1JvKdNDR2gYsWxMoF1OSeqmMsB7rfhsbfVSy3tcXNJQ9Dmo_1uDv-kmOJsGy0dnVKt_Yfvbu6tV7KaVMAATFEjuIAhQe5Tl9BXGajWNpLcrYVDD2VUBLyZsWxL09xk3URMX0739NDyTj6KDWljrFzqOp7Bp4cHaAoZg3R-EeJuv4OLfqJn6bSIK2e5RcyNIXmCEJydYss4tlRsNS7Hh5YN6ZwLJSZdRbBL9ExdVYRbu3ntLrBbAARRWTLCg4K4CYDliv-DnkFlU6uzS6Wafcad28uIW_NUAPaKaPzKyUZT1lTBUGI1jSDa0XqIACyqkEKI5Egpp97F7hnZzJdQaT7NAXSvcGYxGRMPLxY9b31w3XhLPFWzzJUWKTbWtg6oHrbsG05kk9-OYEOum89DTy4M7OqGFcImfsuwkg28J-3ZvfzOEWX357ZU6P_7qKtXLUOkOjQueQkD68biGWSFQMJXOPLsoAz_El8L705J-3SblqdA4fWUMKXMvpi0YuAZz7iaKVFtUzCzD9piYQXN1PE5DHHmSzwiFCtPW2EFkSf_xEHnA-SBZEEKZ9LFcDr1N-rr-j9Kvc4fXq6Ic603QKxnh9Wj1Wr4uiQh1mpSJh4lIlceRz7LsA40GLPfB7XpF47P1jUAL-9bSg47oHqO9FTGoJBWrCSN8YNSq3j1Cenyo_ygHhuK7D8x6LQbZ6Likd7M2-65V45NWRcWr8K1B9eas-G0JWWfomTfS1JixDqnnC2olbE4U47zk0fh-OnJF2dLZD7rZ36PR84-3c4iGCJI8O6jbwRnHQnIEAaZoq0ulsmehDcDGuYQ-fE4gGP0iSYNWDz812me8igdfoYGpjH_qBl9svrr8-TyQd64axADPmCEJZShRTpx0EsO2c5GAxVToAh_j5Xxu8a97i-oDQDOT4JWTgCYkRBfFXymrUDl8L9uM5SnfzTntIlFK0jecWMlaYR5fjMXP5DaTC9OipqJdFTAszuIKMpOW2X8iHKz2GQpX5kOaQEsxCQlHdPSQhgygFSJdfX6-UgF3-_YJE0JnzIb0Dy3curVCnbzukGispmwvy0QzAzzz9i5qYOfPzn0FUp7yqii3ktN-1CDTq_fq-uVjsclE0-vl7oIe-tVxF20TnJqhIogvmvKp55XGE2McZo1oe1viLPJbXajNIiwB4dE5kpIzUexs_U_JxdtZeRDhgPudp2dRuExsMhWptqvcAT0oZbPKk0OrJqPn3vtNwF8fruYpDtRPL0dKDYEC1RN02hVFLfA0LGk2Ivsxcnz4HcBagEasQbOWRYvaIXzfWydtL6hxNeI2yRBDQej6s9x2bYT_Ksk9z9bsqV5Hg2i8CSFMIDVJdjECZLt_7t9_HKwpBNouQAZzMvE5mFtTNwGW72DnO1H48Dv1AJWSyyoiwDpevWOtMo1BzN7pOVhuozVkCM23y1NyLNtkar_g&cid=CAQSSwBygQiD7sPjOqqkKeqnwO4PUuxUYgWYTiLxXsfdqLoWnCydrVUdtyAOldwPI9fI8_nvwb4uazWi83f4L_X5eGV0LhUD3fKd6jrClxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Frd.fharr.com%2F&ds=l&xdt=1&iif=1&cor=15919505498348028000&adk=3047537735&idt=183&cac=0&dtd=89

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 07:39:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 371234
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Jun 2024 07:39:33 GMT

GET
H/1.1 200
OK b0ssnwblwmm3 Show response
hal9000.redintelligence.net/zone/ Frame 34C6 11 KB
4 KB 241ms
70ms Script
text/html 138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/b0ssnwblwmm3?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCDv1wVMeNZIHMPLqH9fgP_I2g-AHM-YagaaOwx__3D_AuEAEg9czCcGCRhKCFjBjIAQmpAnH8qUpKWbI-qAMBqgTmAU_QnNWtRabSddSVMoUCrgyFzgag0cHrebFewND3WPssxRdVxf_8gw778Yx7qon7P5FqFvJ9N3physnZ4g6egxeqFm3LAKtKaP0Vr6qRDjqoy3_DZseew4xTU0tNw-3DzMqA-orn-7ltujgJ4Z0x1etZGcKc8ro3iL-qRffeYpXvy18TtFWB95XE7-iHCb_jH5l4ovBsnytHBV1IAX_dy5iwjDumz2sDkX0_UFBplg7FvkfcRrmqABHHcR73qxufJGFSdPzUhHgNkD5HqfvlLE88rbOUqU2j1UtXhtqrj52hBhsss2V3wATq68yj5APgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAgqBgoEw7CxArAT4JvNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwBygQiD7sPjOqqkKeqnwO4PUuxUYgWYTiLxXsfdqLoWnCydrVUdtyAOldwPI9fI8_nvwb4uazWi83f4L_X5eGV0LhUD3fKd6jrClxgB%26sig%3DAOD64_2ys3igDX-6QYzv1fJks1p3FRMBgg%26client%3Dca-pub-1310852604335254%26dbm_c%3DAKAmf-B3TyP_d4iP8DzYR4LljygyV_YAje-k_QTebXwtVigu1-41xwBHhQi5bnazf1HpiQvKZqiakP3Ri6vxecejFO88ErSwqJkPjIedUTA4vcixAPj-UFSVsvk99mmgdd0WtiQxNeeMVW1ug3Ncq35dZ1RtOtI88D5WxzsXAM2nGxkwbNlEFbA%26cry%3D1%26dbm_d%3DAKAmf-DPAt-a5Jr9dIRs5gJ44EM_P6Lcbg988xdVt2Fi-VoCAG_SpeTlreQLCYoA4ANruEOPrK5t1Rg4GKZ_7_ST30zBjYsZihB0sfEOA-aaZvEjhJDM31R5IqdMRrI2fOz6tI-hXKaeh_eKjemgPx4Om2m46ImBSjO2TgE-_951Jcy6MFjiK25iWiyY1A-9vCcnkVVJh8xkojQC5abCwkHQ_XsT3_9xcOqxkPJQwn3cG1AdqimZLqikCcJqy51yvwSms0aXR4WInxkrYvqmAFE-lUSca-GjVk49-lABv9Cajy6UBhv5MRj8tuKc6EhIZyJ6BW2RzvPmHIuh46F0pnlHqsufcXD8d54if5d1o1wAl6asa8HeILqjTPNa4hS1ElWvnlpZbW9idp4GJcNBO6WZ9UbysgLBP3j4GsYo-RhYp_rMzUnPwQKSiOfuAThTrK7uiYxPOPCEmzVNfyWtSecLY97YxWdy18TCEBEHDqyHmPkgKgMXnPC2xR555Qe-bNyz4_9Aan78jL7hPGzg_fwgL5X-9Oi20Pts_KcUoUhwu0698ciUhHDUOwFeygNnPRHWOzGcco25%26adurl%3D
Requested by: Host: e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com
URL: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 4a9cf740a06e1ba558479f4f050de493dc708d8cb2f47b8d528fa2704d4151f9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sat, 17 Jun 2023 14:46:47 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4119
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F6C9 0
20 B 124ms
101ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3373341967860&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:46:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F6C9 0
20 B 97ms
96ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3373341967860&version=m202301230201&ct=77&x=1&cor=13801519230579290000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:46:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame F6C9 15 KB
11 KB 89ms
79ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cea_dX2vLFErgXs7c5XWwQiKT_3bdfvaDqa0z__4piVe3X8Fs2aRCRGgSdZkncywjI1hsVI0kf8paPOOLOM40EM1iDB1F_ozpkhnnJfn4in63uBSuQzf3oC9hqZXPdRQ7SIVm5PVmSn58QLvqJexjdIB00r0KfKPb0j7xx8yg3PqnhjF0&cry=1&dbm_d=AKAmf-DaOSUFuWeEitnrNJXbt0jrxqH8gZeWCTXsCe0QkhJ7uwn1H1iEeZlKfBQ1ancVP-gdbDks-gRF8CwiP_EuVoePEtSW82vdYbCWMkebzoqiGxT7aC7MUm3WFP2pzMlnbzVv7UZxMJ30D-nEf81-h4BbOcqu4yupFNOFgbjRUlxq6CT8oRrnG1gb9f_rjAxDn-r32co5LFhtsVwPPtnr1WK4YWQBiBzmflyiIYHtkSRjcmr6ub0vVMVBUle9htC5pbfqkOczkcraagL-95jdWi67Qqaus9d0xQrQeDnn6nQyEPuvYHxpFuJfG9MGcfnvAhcvRvuFHc1WGdaP5wG4Kve55uxP6uLyPv_4BhtlsplqTUnP91N1trUCF6wdGQLqIOJs7t8qP9mF4zWFdAKZo76qmAGruO1ZYHLx8XxYBtlnsTBvUeEu6LO5g0D39n56HxeLZuO4yflqjXbKyMSBDwxDghAsl6tLCrdJVPlxw0CXcMwiv6PuAU-GBiCo5gqPwaydFxMOFSWV3dmSLkcXO_BLxwCAM-RrF7Klp6bJ8I3-NPMX4J1YC5VnvnqsIOI3uPfBlbt_YWb3h_skBbsm7XROvF_RfwkdkmyYCEXuL-CrxyGvF0lHtejtRI1dZjKKHsaY5Mi2ShxpCoThhvdRAXujQgSfGvJE-CMQ-ICz2QviiU0D2GxbgLL4jY7a0TTqHUB-YG6ZSBIq6h2AfyLE2gPYxSR8VDn9npWHOEHLFDl8nDHPXzUHzRwEVdbjRyZgErQlCuvX2uzCmsmf_baGWJ-fH9-WFP6WXGNPHz63pq9rGbheA8jfiyO8MGA-5LM2rRWlfRqwAVvNzB_humFlEMDRadDik2e6NKtUaByfDansojyKIoD9wO8n1umMvUS9cbDBNZfE2FTeEpYTpxuGDOH9bw9JPAxVrVqatzMgXiH-7HVDSN4V0Es5Ig3k1YH-gwzVVwQzrwesm9WwuKWjN6pAy9fm_P51yCRKtEG4alFeeA8rVmi6Yl03nuXBaCvCx8WVX-16CFvsiYnX3KcVMNHbykFqpRYXag_WMbsF7R_5Sb1k2Xw12XRzpJ3ZOS8V1Zi3cLUMrRfWXUNqakA9--3wMrHUcObEDnOoyA2fXQsqQP6w4p5ql2mnSjMsTi_hzLNEkFMP7AKTbg-aSyvZueuvXfBViYK4WeeN2aG9Bv1whR82XIxrf79lUiHSb_V1Nz9iNXYxDDQud3EbnlCqTFl9zcqSaNXPf6GlCIaLixX98aPdZPfAzAgUx26qCjP2_9TDWn0vVpt_Tp6ySkqozCMCywcpk21MyOMtTrDyvQKqx1KQU_DFPBmpC5lG4VRUhB93xIShdMJM7xpQopLixggloVQWuQZL9LRJr19as1hJ_a7_Xz8c0uYLoV8vDBBPnClM42SLa114XIh7qwACdj2iTHCdicv1QP3wigQEijtO8AwptNGQC4sM2R1TvEjQNNQi1xtuoUc4GjHcnOQaW7v0lpbviaR_wEnXAf2k4bqn-tp6xa2ynCf0c4sR38kgQQISFcaMu9pfXDoCkzKS0XVTPBc2I1H3qb5g5-dtVmrnOPY3PJVJp1uo7dNHzvlLngfu3jGsNg7Vfw7E-UMxlDHz4kHAebZMC1w2BCLjogEgkiao2cczceA2lrSqRnCLSEVqqQ42Cvlmzc5pJtfJybSA44OyCqA0jBTfPG2rx7YjxLgLCZaxLSI2osFdGvVZPDYWb5zXXCBUIBAZt44kJ4FkWaiyI1NDXmFunQygbAJWOttgwZHYoyuRCcaMt7CAltQJXePlV8HDPTGfo0RcNPCLuI6Ko-h41fJRH2y_K4EypEKsCgX_ZQ4d77vgay94VG4hHhOA__veZchUFWlBINE4MJ7_1KLnQOs4cT-twIruSs55fZx7BIQgNFTdXwnsEwDEXPakYZIZFC-2ajRyGw93VSLGdl3G1xn4iYddTEOrrKKNQF21G4RrJ1rKhVl_E2eu-IMntVA4ghljSTYKQpV2a0iFOvQHS_Ue9dr7Ne0K7MnG1htOWzuuPo5Q3pkvtAnRUumrr2cu5gm_PTI-PuEH3Lde4BsruZAy8854r0-nPS_YewLFNFJHYC2s97FQlMpZsLyKSzaUnDLhqnUXYHxHd9ls9VhdpR3avq3YEgBzHy4zSNZPNTVNDHgf_Lef8mnJaRrRUVrWfbBbxnRC795yVqfvoT_UGqkPQcio9_yvD4eVV_1mfZh1hN4v4PYC_YnoXVMCpObEhxTsM8gvF_tP7iggFSnxZ38tP8jrOWN0QMAXgm6ThCsx1tXqOmMhKTmD8uZA_H8zRB8xGQEBIq7Gzrqw0NHl0EEuj0j6_L95uOtczNr8dQXsflqpbXHQoQV0ixUjcdTYXCtdGSa6daoAHBtHqXTAvaiXJaCLBoePwxpTxTkwR_RrBzN1A9Uza39GMaelwKcWZqe1O1WSt1XlHNcFKJaDrEyhgjuRSPdfpTYnWChfN6yOAahr9-DM0iJxTbTdxktnE_6jERXGi_jYgpxa03WKSffYk2gvHpEDXkcIvAIOAw36uwnB5iiVCVIyUL8k-Pfrc7uHCuIGtMpo0zCiIQAr0u8wdwfsCnI3G4OP-Y8zc6bY_D_l5Q0COp_RTyC6gwafGzlj-0OWpcdTTyfMsyNJy_hIGqCaytbytghfsEz2LH-GR65c14vw0c0QMsXxN2KqUqdkCoPwW0T6t7WCX-GX-n4L43vouJtTxK6_htnVzIgtDT93hBdTPRqt7fGjVDR5sHtBqx1CW0VPA8_kJ_76Sw4pOEIKS0EGCehee0C02qDMWk6al9bKTI9oOKpsLY_LHsKe83dg3pkG41mUQoQY3mP4-G5JxorsYAHc20d6UhcHO6mHHohAv9WsJFzjzslAOJslWCjxUqnDyhlcOxCay1C7hIvMuAh1QV1lmrZGbNUInqjY8KVWvMcrLVNB98aVKu8oa0Tew94VBRyeWlDD8igp7iViAyNUy8y-8f9oeAGW8eXD88RiY_z1XSVgzo7LWr-IQnhuhjXylEcSHXEKBskSNOyBNRq7ds5cSyG3yRMglAwvyhkUIzM-oaVT4ti2iILtaSIOFDmYcpEhq_5caM2ZqPN_VTLgqJnk43chDThDZFG8mVMW162KrEvw-de7GB8NZ5X148DGQgtmfCeKTvEkw2-1P2MFMgR0j1qnuKgOfWxwdc9j62UwkK45bJeAM0ga8SFll-8-zduJHj9NpqVss6mYwkv75feZ1TW2bkA2ayr80TDFbEN79IL_THBbq9U5_0Zpi71z1Kiwcor_mSwH-ug8Pc4wBMbB4jogPXJ4hjAtPILo7rJbNCiHKijtg-Ray8u8Hp5N-ByQY6dLhn10z6aDDBSupgXxvJw8TOhz6QfNW6KJA_eDR6kTLDmb8Owl84HR1VRX489fZghI-lzSRFz9Zk5pmp_4edOrnMaf6ghOINRqfrb-9m7iaIbM0LrB7uN3fH9uttz_VfVaumNrVZGf8Ujr0EzjB33pJJR9OnTBApbN-0oa3zLl3T2eGBlTOO_mRnvKdJvlhMepq8x6kPao7vmhN5YT4HcGxfpHEjm55DEqiHCPKCh84qgrmSkrpLUIzpwJCKIRsRqjV_J-gkBDUB0p26yno5s&cid=CAQSSwBygQiD7sPjOqqkKeqnwO4PUuxUYgWYTiLxXsfdqLoWnCydrVUdtyAOldwPI9fI8_nvwb4uazWi83f4L_X5eGV0LhUD3fKd6jrClxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Frd.fharr.com%2F&ds=l&xdt=1&iif=1&cor=13801519230579290000&adk=2086295851&idt=418&cac=0&dtd=36

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

19c7408814e3d966308da866f7fa0ced4a38b3e388bc0c896e9cf6b409d40cb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:46:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11373
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame A984 41 KB
15 KB 69ms
67ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D2vzehWg9NhwRYJnOhQcjfsNKRNa8E2rfHbFAu9icVGeZRNejui982Lc3Gwt-mRbAAaVgt2LPj5_4BgLZ5cDoVqkp-i_QDbdJLzjMrDKrb_eBEGL6UuMzuwMbcFLUoibsKnM-qPkYLPA3wUEs2q6p3-z4ZPdGZDtc6WOq285elqiRp0xw&cry=1&dbm_d=AKAmf-AJlzgVKCxgcfmlFqGa4tJBc00Q7eauMZYZ0H5zWetQ_3EkxeeyBAoyI6g0ElSMZoatw_xV-8YvJWfE9y6pBawHeGQxfk6ZrKZlodO_iD7oqzdX7Gny7_ezF-ImG9UavbTGAk1Fmzzl7ZFmOZtw961Yifp4YFh93toe7_Rgwhdx3W0au6dpppLfLxK2Y9vOxMVon_u-AyeISF9sWCcuoZpMoyaWAndC6HBX_BjCIhzeU4_NWpbY4FOzvvfQn4nWDLVXo7wCITY5p-e414tZ0mxsmL-DVVJ98h6fvQP4legnWCJe6KYK_RNyh9b5HTyIfh7Q61gCZBrFgNcIqo4463eLB00FrqMF6PhPs28MPQ8RqjeVVHo1N7MA9SWv7KMMNkwjoHH5kOcsRBN33SyUmrfENElLe4TR9zY2HKkH7RUnejXnGCFI48UouUuO6GosHZUNMRke0S5Zp-O91UZetNht_n7zJUzOONJ2TMwXSL7oB10r3PuWqdoGlQ7HHQlquNeNckBNMS3MX92-Kgp_-nBUbpGCjLDKDylH9af6vps9V1t8ELWy32pRokgIPt87-sUGIOMf-Y1klLAuvjWfyWa7SdOwsSLQhh54lgX9pNwIzgBESIG2zzB-DUftOiEVV9BKsBWBWayMt4LP0lC6v_Qe3mJTN-p2jSEfbJ9sn-fvfwspKavEB1-yZnUW_660EVVy1lPpu5UOgBZ8uCxzuLOe_iwWZwmu00JGPD7vHRFtp7jBUka55l_SO4iiUh0hgbHaNxO4dB4mSohW9Ad6exouLXFQFYLVRGHF-rQNw1Vt0KYBqHgMtz7Hxi-067DotAErKDxZ4dcsCG6n74DRm24LEvLuk-z60WQYWIoFBxfUoLug8buTIEJiF6-2MuoIlNT5auzbrv-s-cayXJkhcjKTzRl3KArzbRWT2UmZIpTWiZrbU_H1hSLL7cPJB2uGxlPJ27ydtZ262ilemNsJRNYpJO8si0i7eA-d8OsvucoaWAqeytuwK5QBQIyyGBKOwXSlc8oUKdR2pv7yyd0-7pj5sCNTGpCcnnSPumivDR0n3imdBpD6L0JazqHLkYHWoJqR2qJpM8WZ4rUUcZzqUF4hMgs-dtjAn6aa41IQBlb_b8ghTodyb_zRvtIB1_ahYcBBMUctHHscM7Uml1ErxYbN1gOkhPKYJ6wp9jw6AoyPRNTY_m_HQTqHjMBseRkfOod1aWwkf1kR9koxESgb7YnYuQ3PftjL1WSuNBnxlCr5aM5mZJ9RF7NfkU3GJOzf1OqGR21-sPjog6mDUovEhcTw0EIPYeWxq3_cAOgYxoRYKBiUVjKEuEWUUyXMmOs4YhvuIswT9KktLB7J5ykTcn7SbKIVoWmSGsbIpUD-e6YegCY_zKzAFQXyOvVfs_YFby2llaA1ViBnlw4VZivS5d2WsOCezDEUo3jBpWoaRkNFDG_8QRRkFo2e8cAfQAMsUqLxhBdQbKDFFMokDEx2PszjYj3ha12Pz4i2s1M6xIGWKjlNNVXH4Ez2FtPyR5A7sD6Ugkfiec0IudAjiBlhHNpcNYrQm7nRFWgRh0l5iAeaqFDgLqJbeIx4HAZrr5nx8Nx42W0GTUIBR0UXTK2xAdfXRnD0URKfKwUexYPDzcZ5W9z8zcLMkqjB5l8K3eJejnx-aTltL330qv6aMK3stpnajjNt0oFZFIVxE_g1NGlJcEPhQaudcFwlnBOswi_fGJvbHKz9XoWzvtOGI7m2ECdnYR59Le-Lw44GjOhp_t4b5qyl1fRuWxl1acm-1IVW5DKThYNkUWp5Of8Hu9R8BYSvAw4KcM_fHU2ws8NmrTXt-O7NH3qP7j151Joa3yBLNbBqh6w2Ih3L4iJ9oDg6iXCEZ06qdJo9mPRq-5jWC6pkBlqdag1A5r8xXtSC_2RXNffsdV7OmO1NT0zo9yGCL0o2EXrY3fncFBlg06NnKpA4BX3cTha3ZtsioEuJ1ywdZE-aLG76J6n6CGvCDXFiPN-tN9OqYxiLCqg9wt9txHFY9BVS_fRIynnN9NNJyiCMPQ3yjuxmBoI-KCCcxb-Bob32sWKTkHlz0Iinmubouf4ppDfPRI4ooU-0fUS6BsNSWB7baEKGvSo4fT-Eaq2x5D7RVx0VfZoY9avlTCi5SZOmlUqeQ5lu-Bm6HIcI3TiL3MtwdWpuELsfOONFmCMGzn-YyX2UvcozALkIiayr2H4-VxIiPNNaIZI8QXUR5r2ZN8p3mrV0bMg6dJRJYsniVsksvWRHGU_gQV3LgxjZOJpwjC21PnU_eZlCL7QqP4asehLU60Crc3PS3C6B8xnia-1Aqzoyi4p8M3DTUvKV7CG190axzFpNyeuiLjhWi9d8HfQl1HuUTIRvGxgoBqOnt6r-i7JB1HETzkuGS7aOpolStVgBMCY3B-ckCgB6mHsttnujIsPY4i0JEClTF32m4PxwOzZzAt04ldEHVZETrKWh8Vf5Z0QCQ4hycjK-AYPqi_WlDV9q0ivEz4AZfHiGxDZkcGtpQwufUHgDi5JAVNlHZga3ckvQnvUryaXogvOituja-DunPsP_26sB2PsiwNM7-Wmfs-N4qJLkmRi1JsKkto6dO_ec0rSQBHuGlsPwlwGmlIQRts1WWtmhMUfqltDoMO6WTG5diviubuFl9E-cNoAFyhhuzKQ2stXtz-diqKvapiInkNFLGIFL5KssjEoGC3BES7iWdl6SujcyHdPT7FX_TJMdV9OwafxIh5wLqt9QWO1CkWIdxIrFM-ESwqVeps2cTGTQwrsq7gwb3e0vO9bCT4KWujoadGF8vgqlsGp_7e_DHaKlQKrub8AjMn1Gnp7QOo6dmE9j2FN4i9mBArQePzcaqjQWrgFx8dqdOSxPh7SSlMKubW_0IOU9Ks-iwJlUh5knvduf35PZHjjDv-1GPI4Ry1WO_uIhGH8TCqBdJc5hH9n2yj6CjBv9lWr4zuj9G-ESJGdeeh15TTm6_p5XYtkigPGn1MfVFKby4wMDU4AHHSmyo56SZ_9ek-gVcsqcsqvPyyM15Jk3rUeORYEMouMWwa2YBy7Ds8w9r-hqokhLs5NNIdd_BewcTvX2Kx-WnW1_LYGt8GmegxPiah3r-Kem_qwT8HfaUXMJoPJk8foK_328S-J-IMx9aLFvnyJVN2wryt5sXCD-lohBRzqC8mOhyBAJpEcepxHHQjqOfOiLgtoywwETEJ4yG3OFhrSgGsl9_oX1j8abpdnBXExAWcBVPKyFkcyEUX4qCFm7tpa603tIMqA1fnmjydJSSEwa0avf-ctZ85GM1pa_Yqw8ekazrRWWQm1D9MKB2489z0Jpw4jmWucjVFWEnWNqYbc25Me_SGU_UZ0NvhIciBlCswarZXkPZF6-BKtGyjfrKs3aFW9jZ8iEBIXRz9dRBQ1ajX7DMDxaDulyR7UL1q5m1GhL9EPfngbdVwUY8nyQksLjBmcDXt-laznyLu7iVe5zDdzfqplFcJSmbXnZjbMMuE1wdoeHWPByDGbtZLxQXTMO_8Pe4jC2D9YZTlJHn58JmLW6n-JU578NBbk_9LOsKGoBXWRd28lKk3RQDo75uyE0SMEqQAi4bzzDholhkjYp9L9NjC-riyxigiD1ArnW_zE&cid=CAQSSwBygQiD7sPjOqqkKeqnwO4PUuxUYgWYTiLxXsfdqLoWnCydrVUdtyAOldwPI9fI8_nvwb4uazWi83f4L_X5eGV0LhUD3fKd6jrClxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Frd.fharr.com%2F&ds=l&xdt=1&iif=1&cor=15341589354437003000&adk=2857193498&idt=167&cac=0&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 07:39:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 371234
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Jun 2024 07:39:33 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1891 0
0 104ms
103ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss5QNns3O0KGmarfL2maAexLO2z0H5LsEXKUaisviRCNpOtfyVc_dMk39FCASFkjyYVUviusWUvZofpApHL98gX705HHvrV6cz9lulapHkXuzMTLz6u5ln1eh6Cb6B_rWNIVnM-xUZjXzJqEjVPle5vui2gcu8DuZjoQWffcFJznqdfxUGC44GCCWROl_rdykn6obtgEK8322ks6uDzqSWEC7OcHTs5GQcL4H5ddU1Y6GGzTiOFc9HqGM9ixlsrpQjJR2N7wXRpy3Yl7IiiNmrpVZ9DmYpDipD29maWVBK4OeD3lQDazHv6u9DQU03EkabAcg5bUJKgCfsHN6UlIM5Gfq9iCg&sai=AMfl-YSZFircPYpg7DnUIuL2KzvoinVZrbQZ9Rh0xL5Fu23wCRW7N3k4QDWmQGIxwG-7T66ixisatangcHBiLpPGP4ZJWMLjiC3tIBB5Wlauqh01vQJOR6hteB9f5KI8ukcDPg&sig=Cg0ArKJSzPwPaDdCZPYmEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: rd.fharr.com
URL: https://rd.fharr.com/db/item/400368

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:47 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 1891 136 KB
46 KB 161ms
160ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js?cb=31075344

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

511932cf4f2a9adbf1e025aee3df919280e284264d3551e341205be131c2a520

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47279
x-xss-protection: 0
server: cafe
etag: 6027524744995582673
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 17 Jun 2023 14:46:47 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1891 178 KB
56 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js?cb=31075344

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57029
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686742752845198"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Jun 2023 14:46:47 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 2946 17 KB
6 KB 82ms
78ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js?cb=31075344

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 17 Jun 2023 14:46:47 GMT

GET
H/1.1 200
OK 8e4hjwsd4phy Show response
hal9000.redintelligence.net/zone/ Frame A984 11 KB
4 KB 156ms
54ms Script
text/html 138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/8e4hjwsd4phy?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCTC89VMeNZILMPLqH9fgP_I2g-AHM-Yagafu5x__3D_AuEAEg9czCcGCRhKCFjBjIAQmpAnH8qUpKWbI-qAMBqgTpAU_QS7A6VKdlXvZ9bEh8R4jY79z6qDjLbysPwEi5ZbYHEFTVJi2us44YqFpsDH2ezh7qpSmZ60mIOHPk6Q4_tlaADbFRVHtmu3VAO9oLRnUT3Pm7GOeI-6bmRt0fjBLwHJjO7dbC30sOdn2H3Rj1s1ptho8ifz6bQdNo1jiRLu_FQ9gJ2SR04ssN9Be8t5ndSrzyFurDIESshyjUi-lnjV9nIpFCKQEH4gFDPhFJPwzLcXqXyLMU9F4XLQLNQejYyaT2pGKxtCtwAxYxcP8LFqnptd3CorSgPBud6JcmjF4XhNBHaGUe7ZnAwATq68yj5APgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAgqBgoEw7CxArAT4JvNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwBygQiD7sPjOqqkKeqnwO4PUuxUYgWYTiLxXsfdqLoWnCydrVUdtyAOldwPI9fI8_nvwb4uazWi83f4L_X5eGV0LhUD3fKd6jrClxgB%26sig%3DAOD64_1r7Mr1PUPOF9DktC9pML79mWusqA%26client%3Dca-pub-1310852604335254%26dbm_c%3DAKAmf-Devf706cZ2unwSVKgicKtevSodA6anSLoUxC6HRr0eU1-z0MWJN6maKEcTkhmTWtd8RAZU1-zL8CIf6FSEuhIFbIYlyfl7SWgmgBgtzr4AG8PbPDtgYEKF7DzHByM5Ibbz4gPHlYAnc2boO20jlgCahiie3qP7MRDS0P3HSkTzfmE-HaI%26cry%3D1%26dbm_d%3DAKAmf-B2lvxJFVhAFJnqUJG0X9cF-RJ2Lv_5KfPLNKLpAQQN8b2t6TEJPX-Zc6T1oI2efOZztKJG9mQAcjNfMXmr0fVmUxAKhMcPvbkayK4HoKltFt9I794VyrAWO5ebZACThVJ0C-dcVfSUNHuzLK7H4W4sIz25mBYavbsJ-YZF7-fL7QJpjPD2e2UDP_eAIpUlLbgdaXiKgNhQqpPNjcuS8v-6g5BjM_qO6lcpVFg61O0rSYiF7_APAAVrK6sFYYDG2B8Xk2TRd-17LPudeYRU4LmPQ3foC2SMk0Ykbk9Db14RESoxf5oXtdC9upksBL4mUc7_BUbKMbl96EbT0t9l1nfqFq3wJZCtJG1v0H5c4HtNRT4QhUz92LQ6zql0sD38eSuz0MtmqbkRRirelXW90qXcbF-3hiT5odqjz9uLV0wg2BZWN2htvAA3si69BZGrTvXerWctxzF6zu0inH57Mn-b3ISAVr15gzeiNyxMsOjrL21Ytg1t8Mrlyma9KvFkAy73lVICkMvB5uKFBstJEeSZLYR2PmB-TVjUfWcKZB4zk5Wun2z6W3Nx0ivqezSa6HZBBMHk%26adurl%3D
Requested by: Host: e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com
URL: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 305980bba41eb0c731cf9caec5f1abac5e9925fbe5cdbebdd3372a8b3e92640a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sat, 17 Jun 2023 14:46:47 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4122
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 7EB3 2 KB
2 KB 63ms
62ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 22:52:35 GMT
x-content-type-options: nosniff
age: 575652
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 17 Jun 2023 22:52:35 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7EB3 15 KB
16 KB 475ms
32ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 10:16:17 GMT
x-content-type-options: nosniff
age: 102631
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Jun 2024 10:16:17 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7EB3 15 KB
15 KB 485ms
43ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 17:47:45 GMT
x-content-type-options: nosniff
age: 593943
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Jun 2024 17:47:45 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/ 152 KB
52 KB 155ms
155ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

24b9164a9726a2af7b660f3a0f78001486374a78d55a8fef5be9615320770f2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52885
x-xss-protection: 0
server: cafe
etag: 4818661129577920271
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 17 Jun 2023 14:46:47 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame F6C9 41 KB
15 KB 69ms
64ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cea_dX2vLFErgXs7c5XWwQiKT_3bdfvaDqa0z__4piVe3X8Fs2aRCRGgSdZkncywjI1hsVI0kf8paPOOLOM40EM1iDB1F_ozpkhnnJfn4in63uBSuQzf3oC9hqZXPdRQ7SIVm5PVmSn58QLvqJexjdIB00r0KfKPb0j7xx8yg3PqnhjF0&cry=1&dbm_d=AKAmf-DaOSUFuWeEitnrNJXbt0jrxqH8gZeWCTXsCe0QkhJ7uwn1H1iEeZlKfBQ1ancVP-gdbDks-gRF8CwiP_EuVoePEtSW82vdYbCWMkebzoqiGxT7aC7MUm3WFP2pzMlnbzVv7UZxMJ30D-nEf81-h4BbOcqu4yupFNOFgbjRUlxq6CT8oRrnG1gb9f_rjAxDn-r32co5LFhtsVwPPtnr1WK4YWQBiBzmflyiIYHtkSRjcmr6ub0vVMVBUle9htC5pbfqkOczkcraagL-95jdWi67Qqaus9d0xQrQeDnn6nQyEPuvYHxpFuJfG9MGcfnvAhcvRvuFHc1WGdaP5wG4Kve55uxP6uLyPv_4BhtlsplqTUnP91N1trUCF6wdGQLqIOJs7t8qP9mF4zWFdAKZo76qmAGruO1ZYHLx8XxYBtlnsTBvUeEu6LO5g0D39n56HxeLZuO4yflqjXbKyMSBDwxDghAsl6tLCrdJVPlxw0CXcMwiv6PuAU-GBiCo5gqPwaydFxMOFSWV3dmSLkcXO_BLxwCAM-RrF7Klp6bJ8I3-NPMX4J1YC5VnvnqsIOI3uPfBlbt_YWb3h_skBbsm7XROvF_RfwkdkmyYCEXuL-CrxyGvF0lHtejtRI1dZjKKHsaY5Mi2ShxpCoThhvdRAXujQgSfGvJE-CMQ-ICz2QviiU0D2GxbgLL4jY7a0TTqHUB-YG6ZSBIq6h2AfyLE2gPYxSR8VDn9npWHOEHLFDl8nDHPXzUHzRwEVdbjRyZgErQlCuvX2uzCmsmf_baGWJ-fH9-WFP6WXGNPHz63pq9rGbheA8jfiyO8MGA-5LM2rRWlfRqwAVvNzB_humFlEMDRadDik2e6NKtUaByfDansojyKIoD9wO8n1umMvUS9cbDBNZfE2FTeEpYTpxuGDOH9bw9JPAxVrVqatzMgXiH-7HVDSN4V0Es5Ig3k1YH-gwzVVwQzrwesm9WwuKWjN6pAy9fm_P51yCRKtEG4alFeeA8rVmi6Yl03nuXBaCvCx8WVX-16CFvsiYnX3KcVMNHbykFqpRYXag_WMbsF7R_5Sb1k2Xw12XRzpJ3ZOS8V1Zi3cLUMrRfWXUNqakA9--3wMrHUcObEDnOoyA2fXQsqQP6w4p5ql2mnSjMsTi_hzLNEkFMP7AKTbg-aSyvZueuvXfBViYK4WeeN2aG9Bv1whR82XIxrf79lUiHSb_V1Nz9iNXYxDDQud3EbnlCqTFl9zcqSaNXPf6GlCIaLixX98aPdZPfAzAgUx26qCjP2_9TDWn0vVpt_Tp6ySkqozCMCywcpk21MyOMtTrDyvQKqx1KQU_DFPBmpC5lG4VRUhB93xIShdMJM7xpQopLixggloVQWuQZL9LRJr19as1hJ_a7_Xz8c0uYLoV8vDBBPnClM42SLa114XIh7qwACdj2iTHCdicv1QP3wigQEijtO8AwptNGQC4sM2R1TvEjQNNQi1xtuoUc4GjHcnOQaW7v0lpbviaR_wEnXAf2k4bqn-tp6xa2ynCf0c4sR38kgQQISFcaMu9pfXDoCkzKS0XVTPBc2I1H3qb5g5-dtVmrnOPY3PJVJp1uo7dNHzvlLngfu3jGsNg7Vfw7E-UMxlDHz4kHAebZMC1w2BCLjogEgkiao2cczceA2lrSqRnCLSEVqqQ42Cvlmzc5pJtfJybSA44OyCqA0jBTfPG2rx7YjxLgLCZaxLSI2osFdGvVZPDYWb5zXXCBUIBAZt44kJ4FkWaiyI1NDXmFunQygbAJWOttgwZHYoyuRCcaMt7CAltQJXePlV8HDPTGfo0RcNPCLuI6Ko-h41fJRH2y_K4EypEKsCgX_ZQ4d77vgay94VG4hHhOA__veZchUFWlBINE4MJ7_1KLnQOs4cT-twIruSs55fZx7BIQgNFTdXwnsEwDEXPakYZIZFC-2ajRyGw93VSLGdl3G1xn4iYddTEOrrKKNQF21G4RrJ1rKhVl_E2eu-IMntVA4ghljSTYKQpV2a0iFOvQHS_Ue9dr7Ne0K7MnG1htOWzuuPo5Q3pkvtAnRUumrr2cu5gm_PTI-PuEH3Lde4BsruZAy8854r0-nPS_YewLFNFJHYC2s97FQlMpZsLyKSzaUnDLhqnUXYHxHd9ls9VhdpR3avq3YEgBzHy4zSNZPNTVNDHgf_Lef8mnJaRrRUVrWfbBbxnRC795yVqfvoT_UGqkPQcio9_yvD4eVV_1mfZh1hN4v4PYC_YnoXVMCpObEhxTsM8gvF_tP7iggFSnxZ38tP8jrOWN0QMAXgm6ThCsx1tXqOmMhKTmD8uZA_H8zRB8xGQEBIq7Gzrqw0NHl0EEuj0j6_L95uOtczNr8dQXsflqpbXHQoQV0ixUjcdTYXCtdGSa6daoAHBtHqXTAvaiXJaCLBoePwxpTxTkwR_RrBzN1A9Uza39GMaelwKcWZqe1O1WSt1XlHNcFKJaDrEyhgjuRSPdfpTYnWChfN6yOAahr9-DM0iJxTbTdxktnE_6jERXGi_jYgpxa03WKSffYk2gvHpEDXkcIvAIOAw36uwnB5iiVCVIyUL8k-Pfrc7uHCuIGtMpo0zCiIQAr0u8wdwfsCnI3G4OP-Y8zc6bY_D_l5Q0COp_RTyC6gwafGzlj-0OWpcdTTyfMsyNJy_hIGqCaytbytghfsEz2LH-GR65c14vw0c0QMsXxN2KqUqdkCoPwW0T6t7WCX-GX-n4L43vouJtTxK6_htnVzIgtDT93hBdTPRqt7fGjVDR5sHtBqx1CW0VPA8_kJ_76Sw4pOEIKS0EGCehee0C02qDMWk6al9bKTI9oOKpsLY_LHsKe83dg3pkG41mUQoQY3mP4-G5JxorsYAHc20d6UhcHO6mHHohAv9WsJFzjzslAOJslWCjxUqnDyhlcOxCay1C7hIvMuAh1QV1lmrZGbNUInqjY8KVWvMcrLVNB98aVKu8oa0Tew94VBRyeWlDD8igp7iViAyNUy8y-8f9oeAGW8eXD88RiY_z1XSVgzo7LWr-IQnhuhjXylEcSHXEKBskSNOyBNRq7ds5cSyG3yRMglAwvyhkUIzM-oaVT4ti2iILtaSIOFDmYcpEhq_5caM2ZqPN_VTLgqJnk43chDThDZFG8mVMW162KrEvw-de7GB8NZ5X148DGQgtmfCeKTvEkw2-1P2MFMgR0j1qnuKgOfWxwdc9j62UwkK45bJeAM0ga8SFll-8-zduJHj9NpqVss6mYwkv75feZ1TW2bkA2ayr80TDFbEN79IL_THBbq9U5_0Zpi71z1Kiwcor_mSwH-ug8Pc4wBMbB4jogPXJ4hjAtPILo7rJbNCiHKijtg-Ray8u8Hp5N-ByQY6dLhn10z6aDDBSupgXxvJw8TOhz6QfNW6KJA_eDR6kTLDmb8Owl84HR1VRX489fZghI-lzSRFz9Zk5pmp_4edOrnMaf6ghOINRqfrb-9m7iaIbM0LrB7uN3fH9uttz_VfVaumNrVZGf8Ujr0EzjB33pJJR9OnTBApbN-0oa3zLl3T2eGBlTOO_mRnvKdJvlhMepq8x6kPao7vmhN5YT4HcGxfpHEjm55DEqiHCPKCh84qgrmSkrpLUIzpwJCKIRsRqjV_J-gkBDUB0p26yno5s&cid=CAQSSwBygQiD7sPjOqqkKeqnwO4PUuxUYgWYTiLxXsfdqLoWnCydrVUdtyAOldwPI9fI8_nvwb4uazWi83f4L_X5eGV0LhUD3fKd6jrClxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Frd.fharr.com%2F&ds=l&xdt=1&iif=1&cor=13801519230579290000&adk=2086295851&idt=418&cac=0&dtd=36

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 07:39:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 371234
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Jun 2024 07:39:33 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ Frame 2946 0
54 B 31ms
29ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-3S3JP22CEQ&gtm=45je36e0&_p=234581720&_gaz=1&cid=1450125800.1687013205&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1687013207&sct=1&seg=0&dl=https%3A%2F%2Frd.fharr.com%2Fdb%2Fitem%2F400368&dr=https%3A%2F%2Frd.fharr.com%2Fdb%2Fitem%2F400368&dt=&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3S3JP22CEQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:46:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rd.fharr.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ Frame 2946 0
252 B 391ms
38ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-3S3JP22CEQ&cid=1450125800.1687013205&gtm=45je36e0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3S3JP22CEQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:46:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rd.fharr.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ Frame 2946 42 B
408 B 402ms
61ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-3S3JP22CEQ&cid=1450125800.1687013205&gtm=45je36e0&aip=1&z=1018425902

Requested by

Host: rd.fharr.com
URL: https://rd.fharr.com/db/item/400368

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:46:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 DFPAudiencePixel;ord=%ord%;dc_seg=7549582158;ppid=cf745a3e507afe1995f178f62a9171a8235c50606cd6c7974191925dd3af1ef2
pubads.g.doubleclick.net/activity;dc_iu=/7682122/ Frame 2946 42 B
107 B 1218ms
876ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;dc_iu=/7682122/DFPAudiencePixel;ord=%ord%;dc_seg=7549582158;ppid=cf745a3e507afe1995f178f62a9171a8235c50606cd6c7974191925dd3af1ef2?

Requested by

Host: rd.fharr.com
URL: https://rd.fharr.com/db/item/400368

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:46:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

src=8930343;dc_pre=CPWz_PfFyv8CFRKKsgodbZELDw;type=adplu002;cat=adplu00c;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=%ord%
adservice.google.com/ddm/fls/z/ Frame 2946
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=8930343;type=adplu002;cat=adplu00c;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;or...
https://ad.doubleclick.net/ddm/activity/src=8930343;dc_pre=CPWz_PfFyv8CFRKKsgodbZELDw;type=adplu002;cat=adplu00c;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_...
https://adservice.google.com/ddm/fls/z/src=8930343;dc_pre=CPWz_PfFyv8CFRKKsgodbZELDw;type=adplu002;cat=adplu00c;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_c...

42 B
63 B

99ms
98ms

Image
image/gif

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=8930343;dc_pre=CPWz_PfFyv8CFRKKsgodbZELDw;type=adplu002;cat=adplu00c;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=%ord%

Requested by

Host: rd.fharr.com
URL: https://rd.fharr.com/db/item/400368

Protocol

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:46:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:46:48 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adservice.google.com/ddm/fls/z/src=8930343;dc_pre=CPWz_PfFyv8CFRKKsgodbZELDw;type=adplu002;cat=adplu00c;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=%ord%
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 DFPAudiencePixel;ord=%ord%;dc_seg=6660775077
pubads.g.doubleclick.net/activity;dc_iu=/7682122/ Frame 2946 42 B
440 B 539ms
198ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;dc_iu=/7682122/DFPAudiencePixel;ord=%ord%;dc_seg=6660775077?

Requested by

Host: rd.fharr.com
URL: https://rd.fharr.com/db/item/400368

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:46:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 DFPAudiencePixel;ord=%ord%;dc_seg=7422345563
pubads.g.doubleclick.net/activity;dc_iu=/21822724539/ Frame 2946 42 B
107 B 931ms
591ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;dc_iu=/21822724539/DFPAudiencePixel;ord=%ord%;dc_seg=7422345563?

Requested by

Host: rd.fharr.com
URL: https://rd.fharr.com/db/item/400368

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:46:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ Frame 2946 0
45 B 32ms
30ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-3S3JP22CEQ&gtm=45je36e0&_p=234581720&cid=1450125800.1687013205&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1687013207&sct=1&seg=0&dl=https%3A%2F%2Frd.fharr.com%2Fdb%2Fitem%2F400368&dr=https%3A%2F%2Frd.fharr.com%2Fdb%2Fitem%2F400368&dt=&uid=cf745a3e507afe1995f178f62a9171a8235c50606cd6c7974191925dd3af1ef2&en=Game&_ee=1&ep.webname=%E5%8F%B0%E7%81%A3%E4%BB%99%E5%A2%83%E5%82%B3%E8%AA%AA-%E5%B9%BB%E6%83%B3%E5%BB%B3&ep.bd_cat=Game&ep.fromSource=Category
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3S3JP22CEQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:46:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rd.fharr.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 2946 108 KB
27 KB 69ms
33ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: rd.fharr.com
URL: https://rd.fharr.com/db/item/400368

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

64816ef42196992f1120608cafa36df8e03c81064551abb6f23bc00f69bf6727

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 17 Jun 2023 14:46:47 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27810
x-xss-protection: 0
pragma: public
x-fb-debug: Ppi3/gF+8l2oeJpfM7pm4RXkOO7egsgJQLcol5G5ENKjEAeLkfCmbMO8gzSyxqwMMd5r9TGC/dXlUJ7UhSh5zQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
x-fb-optimizer: 1
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

200
OK

request.php Show response
hal900019.redintelligence.net/ Frame 34C6
Redirect Chain

https://hal900019.redintelligence.net/request.php?zone=b0ssnwblwmm3&nw=20&renderingType=javascript&namespace=ca463df867&subid=&uid=60bc36485b71ced9&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900019.redintelligence.net/request.php?zone=b0ssnwblwmm3&nw=20&renderingType=javascript&namespace=ca463df867&subid=&uid=60bc36485b71ced9&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

3 KB
2 KB

325ms
151ms

Script
application/x-javascript

78.46.90.238
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900019.redintelligence.net/request.php?zone=b0ssnwblwmm3&nw=20&renderingType=javascript&namespace=ca463df867&subid=&uid=60bc36485b71ced9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCDv1wVMeNZIHMPLqH9fgP_I2g-AHM-YagaaOwx__3D_AuEAEg9czCcGCRhKCFjBjIAQmpAnH8qUpKWbI-qAMBqgTmAU_QnNWtRabSddSVMoUCrgyFzgag0cHrebFewND3WPssxRdVxf_8gw778Yx7qon7P5FqFvJ9N3physnZ4g6egxeqFm3LAKtKaP0Vr6qRDjqoy3_DZseew4xTU0tNw-3DzMqA-orn-7ltujgJ4Z0x1etZGcKc8ro3iL-qRffeYpXvy18TtFWB95XE7-iHCb_jH5l4ovBsnytHBV1IAX_dy5iwjDumz2sDkX0_UFBplg7FvkfcRrmqABHHcR73qxufJGFSdPzUhHgNkD5HqfvlLE88rbOUqU2j1UtXhtqrj52hBhsss2V3wATq68yj5APgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAgqBgoEw7CxArAT4JvNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwBygQiD7sPjOqqkKeqnwO4PUuxUYgWYTiLxXsfdqLoWnCydrVUdtyAOldwPI9fI8_nvwb4uazWi83f4L_X5eGV0LhUD3fKd6jrClxgB%26sig%3DAOD64_2ys3igDX-6QYzv1fJks1p3FRMBgg%26client%3Dca-pub-1310852604335254%26dbm_c%3DAKAmf-B3TyP_d4iP8DzYR4LljygyV_YAje-k_QTebXwtVigu1-41xwBHhQi5bnazf1HpiQvKZqiakP3Ri6vxecejFO88ErSwqJkPjIedUTA4vcixAPj-UFSVsvk99mmgdd0WtiQxNeeMVW1ug3Ncq35dZ1RtOtI88D5WxzsXAM2nGxkwbNlEFbA%26cry%3D1%26dbm_d%3DAKAmf-DPAt-a5Jr9dIRs5gJ44EM_P6Lcbg988xdVt2Fi-VoCAG_SpeTlreQLCYoA4ANruEOPrK5t1Rg4GKZ_7_ST30zBjYsZihB0sfEOA-aaZvEjhJDM31R5IqdMRrI2fOz6tI-hXKaeh_eKjemgPx4Om2m46ImBSjO2TgE-_951Jcy6MFjiK25iWiyY1A-9vCcnkVVJh8xkojQC5abCwkHQ_XsT3_9xcOqxkPJQwn3cG1AdqimZLqikCcJqy51yvwSms0aXR4WInxkrYvqmAFE-lUSca-GjVk49-lABv9Cajy6UBhv5MRj8tuKc6EhIZyJ6BW2RzvPmHIuh46F0pnlHqsufcXD8d54if5d1o1wAl6asa8HeILqjTPNa4hS1ElWvnlpZbW9idp4GJcNBO6WZ9UbysgLBP3j4GsYo-RhYp_rMzUnPwQKSiOfuAThTrK7uiYxPOPCEmzVNfyWtSecLY97YxWdy18TCEBEHDqyHmPkgKgMXnPC2xR555Qe-bNyz4_9Aan78jL7hPGzg_fwgL5X-9Oi20Pts_KcUoUhwu0698ciUhHDUOwFeygNnPRHWOzGcco25%26adurl%3D&documentReferer=https%3A%2F%2Frd.fharr.com%2F&ancestorOrigins=https%3A%2F%2Frd.fharr.com&random=8814289157631&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com
URL: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.238.90.46.78.clients.your-server.de
Software: Apache /
Resource Hash: b26f903d50fe7cd2219665da3875c14d07537087c65c0a7cd446cd2dd2c73582

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Jun 2023 14:46:48 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 62216300067296704444476012358019
Connection: close
Content-Length: 1077
Expires: Sat, 17 Jun 2023 15:46:48 +0200

Redirect headers

Pragma: no-cache
Date: Sat, 17 Jun 2023 14:46:48 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=b0ssnwblwmm3&nw=20&renderingType=javascript&namespace=ca463df867&subid=&uid=60bc36485b71ced9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCDv1wVMeNZIHMPLqH9fgP_I2g-AHM-YagaaOwx__3D_AuEAEg9czCcGCRhKCFjBjIAQmpAnH8qUpKWbI-qAMBqgTmAU_QnNWtRabSddSVMoUCrgyFzgag0cHrebFewND3WPssxRdVxf_8gw778Yx7qon7P5FqFvJ9N3physnZ4g6egxeqFm3LAKtKaP0Vr6qRDjqoy3_DZseew4xTU0tNw-3DzMqA-orn-7ltujgJ4Z0x1etZGcKc8ro3iL-qRffeYpXvy18TtFWB95XE7-iHCb_jH5l4ovBsnytHBV1IAX_dy5iwjDumz2sDkX0_UFBplg7FvkfcRrmqABHHcR73qxufJGFSdPzUhHgNkD5HqfvlLE88rbOUqU2j1UtXhtqrj52hBhsss2V3wATq68yj5APgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAgqBgoEw7CxArAT4JvNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwBygQiD7sPjOqqkKeqnwO4PUuxUYgWYTiLxXsfdqLoWnCydrVUdtyAOldwPI9fI8_nvwb4uazWi83f4L_X5eGV0LhUD3fKd6jrClxgB%26sig%3DAOD64_2ys3igDX-6QYzv1fJks1p3FRMBgg%26client%3Dca-pub-1310852604335254%26dbm_c%3DAKAmf-B3TyP_d4iP8DzYR4LljygyV_YAje-k_QTebXwtVigu1-41xwBHhQi5bnazf1HpiQvKZqiakP3Ri6vxecejFO88ErSwqJkPjIedUTA4vcixAPj-UFSVsvk99mmgdd0WtiQxNeeMVW1ug3Ncq35dZ1RtOtI88D5WxzsXAM2nGxkwbNlEFbA%26cry%3D1%26dbm_d%3DAKAmf-DPAt-a5Jr9dIRs5gJ44EM_P6Lcbg988xdVt2Fi-VoCAG_SpeTlreQLCYoA4ANruEOPrK5t1Rg4GKZ_7_ST30zBjYsZihB0sfEOA-aaZvEjhJDM31R5IqdMRrI2fOz6tI-hXKaeh_eKjemgPx4Om2m46ImBSjO2TgE-_951Jcy6MFjiK25iWiyY1A-9vCcnkVVJh8xkojQC5abCwkHQ_XsT3_9xcOqxkPJQwn3cG1AdqimZLqikCcJqy51yvwSms0aXR4WInxkrYvqmAFE-lUSca-GjVk49-lABv9Cajy6UBhv5MRj8tuKc6EhIZyJ6BW2RzvPmHIuh46F0pnlHqsufcXD8d54if5d1o1wAl6asa8HeILqjTPNa4hS1ElWvnlpZbW9idp4GJcNBO6WZ9UbysgLBP3j4GsYo-RhYp_rMzUnPwQKSiOfuAThTrK7uiYxPOPCEmzVNfyWtSecLY97YxWdy18TCEBEHDqyHmPkgKgMXnPC2xR555Qe-bNyz4_9Aan78jL7hPGzg_fwgL5X-9Oi20Pts_KcUoUhwu0698ciUhHDUOwFeygNnPRHWOzGcco25%26adurl%3D&documentReferer=https%3A%2F%2Frd.fharr.com%2F&ancestorOrigins=https%3A%2F%2Frd.fharr.com&random=8814289157631&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Sat, 17 Jun 2023 15:46:48 +0200

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame AF29 22 KB
8 KB 121ms
85ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 85534
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 16 Jun 2023 15:01:14 GMT
expires: Sat, 15 Jun 2024 15:01:14 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
www.facebook.com/platform/plugin/tab/renderer/ Frame 1538 85 KB
22 KB 443ms
440ms XHR
application/x-javascript 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/platform/plugin/tab/renderer/?key=timeline&config_json=%7B%22app_id%22%3A%22133100650099823%22%2C%22href%22%3A%22https%3A%2F%2Fwww.facebook.com%2Fro.gravity%22%2C%22width%22%3A450%2C%22height%22%3A500%2C%22has_cta%22%3Atrue%2C%22has_small_header%22%3Atrue%2C%22has_adapt_container_width%22%3Atrue%2C%22has_cover%22%3Afalse%2C%22has_posts%22%3Afalse%2C%22tabs%22%3A%22timeline%22%2C%22can_personalize%22%3Afalse%2C%22is_xfbml%22%3Atrue%2C%22referer_uri%22%3A%22https%3A%2F%2Frd.fharr.com%2F%22%7D&fb_dtsg_ag&__user=0&__a=1&__req=1&__hs=19525.BP%3Aplugin_default_pkg.2.0..0.0&dpr=1&__ccg=EXCELLENT&__rev=1007703163&__s=%3A%3Ajo5bcy&__hsi=7245666548039593281&__dyn=7wKxa13wt8K2WmhwRwqo98nwgU6C7UW3q320-E7W0TUhwem0nCq1ewcG0KE4C1Vwooa81VohwnU1oU1O81u83mwaS0zE5W0PU1AE17U2ZwrU19E36w&__csr=&locale=zh_TW&__sp=1

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iUNC4/yo/l/zh_TW/RCW6h_5U8Bd.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1038b7a6e5e76ae822d248d92b358cf2c92f700c5f7e528d0d905c7bb60170ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: ea8sHW7sZl7uBHu31atqB9
Referer: https://www.facebook.com/v16.0/plugins/page.php?adapt_container_width=true&app_id=133100650099823&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7a51f987bd944%26domain%3Drd.fharr.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Frd.fharr.com%252Ff224541e61e27f%26relation%3Dparent.parent&container_width=0&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2Fro.gravity&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&tabs=timeline&width=450
X-ASBD-ID: 129477
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 17 Jun 2023 14:46:48 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
pragma: no-cache
x-fb-debug: wGi1Ma1bJJ4ncxqPoMfIfAl2CWiZ76ZqP6JIyS38Ird/DYxHvLxxAMcfKMU5uqqVwmfngSSHz/8rj+6sjz6Isw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-cache, no-store, must-revalidate
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 / Show response
www.facebook.com/platform/plugin/page/logging/ Frame 1538 1 KB
1001 B 72ms
71ms XHR
application/x-javascript 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/platform/plugin/page/logging/

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iUNC4/yo/l/zh_TW/RCW6h_5U8Bd.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

90c0a243df0f03ba7aa4409ab6dc6f97326f93c9537edccbf57f7ee13e1ae7f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: ea8sHW7sZl7uBHu31atqB9
Referer: https://www.facebook.com/v16.0/plugins/page.php?adapt_container_width=true&app_id=133100650099823&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7a51f987bd944%26domain%3Drd.fharr.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Frd.fharr.com%252Ff224541e61e27f%26relation%3Dparent.parent&container_width=0&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2Fro.gravity&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&tabs=timeline&width=450
X-ASBD-ID: 129477
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 17 Jun 2023 14:46:47 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
pragma: no-cache
x-fb-debug: gNgwN+IteGEJzh5BOWFe1T5Ac//H4yU8f27WiJyAmezZsD+ohBjLHW73FeFQWXg/k80z1z8Ls4Qx4TgYpkzW9g==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-methods: OPTIONS
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK gjjhz7cdztxo Show response
hal9000.redintelligence.net/zone/ Frame F6C9 11 KB
4 KB 172ms
57ms Script
text/html 138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/gjjhz7cdztxo?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCAa3VVMeNZIPMPLqH9fgP_I2g-AHM-Yagaeu7x__3D_AuEAEg9czCcGCRhKCFjBjIAQmpAnH8qUpKWbI-qAMBqgTtAU_QMJgXWD5oFKVi2ijfAesHqGEx7tBp19N46ifdQ3ozqj6_DmSe7qz-Y4Aywg0mIT0VvWnOtwHh1HXQ2NrhuS8F0y-RhmEQ-NS78DTGEXswcGdfGHGKShEBV6GyENV6RUnRlRulFZQjzdGeyb12xf81N_h-lRhPJsbOeHPuADp_8jT9UizlO7ZGe5-zMnSTS02LRoyRlCSgog_mSO7ZVEgoOn9EGXvM-PIy3Ouu8EGs0tbyD-XJ1IJo9HmpUUIA7wLtqJH91qqobD5H4Gi4-PtigjoouA9BKN_Q6el2LrR_z9zw9mRsadYhRgcsO8AE6uvMo-QD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBogwIKgYKBMOwsQKwE-CbzQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSSwBygQiD7sPjOqqkKeqnwO4PUuxUYgWYTiLxXsfdqLoWnCydrVUdtyAOldwPI9fI8_nvwb4uazWi83f4L_X5eGV0LhUD3fKd6jrClxgB%26sig%3DAOD64_0KzQaiSH8x6cSPE_isZUxVEhfj2w%26client%3Dca-pub-1310852604335254%26dbm_c%3DAKAmf-BV88o4uPobR2ZHK4CQa3KAOgCEPfNiEQlUzUtwCSD8pCRHhI0D2KwB5zpjQwcoqqct3bQP1IZ9TyIdiPG6FAWvAHtS5s5Wq3vqS5j4mmcHCb_slfiq6zl0Y6gwzqwOQ1-fNN3J44S4SxlVzqoXe6pj6pdH7logpbObuqwYw-mR04MxLxo%26cry%3D1%26dbm_d%3DAKAmf-D1uZtnoGDrcna7iDSJCd9Q5_mxfrQnUqfO14oPUQ63pUfhCFCaFlJ5p4bqe5uFzII77aSAm7zgWiXfabRrVHXFr3GXV_2hFlykQrQ5FoWZBN8v28CT0QztD2jNXNCQopPaM0mAZbmJWpNwbF9CzU-k-rTRusAgjRtYGMkZvKZLPam1xc3DgHCxw9vKiAuDBGtz19tM5jkeR7t7AoV6eWBe9E5pYHVmpNhX6oVCQvHkpHUbOgjPhHHoG1ICZlnTsohKOGOrIKMo7gbd4pwoLjCqSRIaN8t8w8mFog24xKGJ6N4ATt9SB1EBnB9yxndjmKyrgfP7ZXnOW-wT6wSnBL4V4u9-gbmAABBQUqu-ujWl4KRXU-2IFg-58vh3VFrx3uKnkz41ZKcNVR-yN8x4WckavhPHpjcTOhhetgkeIEozB9wlGAzw_OuXNQohIjxZKuD6sUcnhSOBQ3BWFZKikZIfWuHYUPR41NrxCSXJj6VeNBpp-7NgEzY-sSqkdknQLg0ZJG9CfPnIwRvOckhUUybWOq6TxlJc22LoHP9cqe06YDaDfATFuiQceACQb6DE-tpTva1F%26adurl%3D
Requested by: Host: e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com
URL: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 1f2b1d30247ea9c0b0b88b3dfe3bb77ab7cab508eddd472f839ee9a966e15055

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sat, 17 Jun 2023 14:46:47 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4129
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 7EB3 102 B
133 B 64ms
63ms Other
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=nl&v=SglpK98hSCn2CroR0bKRSJl5

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9241464971b25d3cadd89db6c33064a48c97b04874c7ab6c12e97da5d371480a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfJd5IUAAAAAB8sW7WNlAIqHyPeI1I7mKAdsOwF&co=aHR0cHM6Ly9yZC5maGFyci5jb206NDQz&hl=nl&v=SglpK98hSCn2CroR0bKRSJl5&size=invisible&cb=d23s1oexbr5e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111
x-xss-protection: 1; mode=block
expires: Sat, 17 Jun 2023 14:46:48 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 70C6 13 KB
5 KB 106ms
83ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rd.fharr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 2765
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 14:00:43 GMT
expires: Sun, 16 Jun 2024 14:00:43 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F1ED 783 B
534 B 77ms
55ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

21f80442e5f3c3a6bc6e311f8c6cff749e1073d0780b2a92c3987654fa9a6257

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NMvEiEeQZnWsIjL-QA1YvQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rd.fharr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-NMvEiEeQZnWsIjL-QA1YvQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 14:46:48 GMT
expires: Sat, 17 Jun 2023 14:46:48 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame E1AD 22 KB
8 KB 139ms
123ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 85534
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 16 Jun 2023 15:01:14 GMT
expires: Sat, 15 Jun 2024 15:01:14 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request.php Show response
hal90008.redintelligence.net/ Frame A984 2 KB
1 KB 278ms
137ms Script
application/x-javascript 138.201.63.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90008.redintelligence.net/request.php?zone=8e4hjwsd4phy&nw=20&renderingType=javascript&namespace=8d4e7aafa6&subid=&uid=a848f98492965712&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCTC89VMeNZILMPLqH9fgP_I2g-AHM-Yagafu5x__3D_AuEAEg9czCcGCRhKCFjBjIAQmpAnH8qUpKWbI-qAMBqgTpAU_QS7A6VKdlXvZ9bEh8R4jY79z6qDjLbysPwEi5ZbYHEFTVJi2us44YqFpsDH2ezh7qpSmZ60mIOHPk6Q4_tlaADbFRVHtmu3VAO9oLRnUT3Pm7GOeI-6bmRt0fjBLwHJjO7dbC30sOdn2H3Rj1s1ptho8ifz6bQdNo1jiRLu_FQ9gJ2SR04ssN9Be8t5ndSrzyFurDIESshyjUi-lnjV9nIpFCKQEH4gFDPhFJPwzLcXqXyLMU9F4XLQLNQejYyaT2pGKxtCtwAxYxcP8LFqnptd3CorSgPBud6JcmjF4XhNBHaGUe7ZnAwATq68yj5APgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAgqBgoEw7CxArAT4JvNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwBygQiD7sPjOqqkKeqnwO4PUuxUYgWYTiLxXsfdqLoWnCydrVUdtyAOldwPI9fI8_nvwb4uazWi83f4L_X5eGV0LhUD3fKd6jrClxgB%26sig%3DAOD64_1r7Mr1PUPOF9DktC9pML79mWusqA%26client%3Dca-pub-1310852604335254%26dbm_c%3DAKAmf-Devf706cZ2unwSVKgicKtevSodA6anSLoUxC6HRr0eU1-z0MWJN6maKEcTkhmTWtd8RAZU1-zL8CIf6FSEuhIFbIYlyfl7SWgmgBgtzr4AG8PbPDtgYEKF7DzHByM5Ibbz4gPHlYAnc2boO20jlgCahiie3qP7MRDS0P3HSkTzfmE-HaI%26cry%3D1%26dbm_d%3DAKAmf-B2lvxJFVhAFJnqUJG0X9cF-RJ2Lv_5KfPLNKLpAQQN8b2t6TEJPX-Zc6T1oI2efOZztKJG9mQAcjNfMXmr0fVmUxAKhMcPvbkayK4HoKltFt9I794VyrAWO5ebZACThVJ0C-dcVfSUNHuzLK7H4W4sIz25mBYavbsJ-YZF7-fL7QJpjPD2e2UDP_eAIpUlLbgdaXiKgNhQqpPNjcuS8v-6g5BjM_qO6lcpVFg61O0rSYiF7_APAAVrK6sFYYDG2B8Xk2TRd-17LPudeYRU4LmPQ3foC2SMk0Ykbk9Db14RESoxf5oXtdC9upksBL4mUc7_BUbKMbl96EbT0t9l1nfqFq3wJZCtJG1v0H5c4HtNRT4QhUz92LQ6zql0sD38eSuz0MtmqbkRRirelXW90qXcbF-3hiT5odqjz9uLV0wg2BZWN2htvAA3si69BZGrTvXerWctxzF6zu0inH57Mn-b3ISAVr15gzeiNyxMsOjrL21Ytg1t8Mrlyma9KvFkAy73lVICkMvB5uKFBstJEeSZLYR2PmB-TVjUfWcKZB4zk5Wun2z6W3Nx0ivqezSa6HZBBMHk%26adurl%3D&documentReferer=https%3A%2F%2Frd.fharr.com%2F&ancestorOrigins=https%3A%2F%2Frd.fharr.com&random=3518963344522&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/8e4hjwsd4phy?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCTC89VMeNZILMPLqH9fgP_I2g-AHM-Yagafu5x__3D_AuEAEg9czCcGCRhKCFjBjIAQmpAnH8qUpKWbI-qAMBqgTpAU_QS7A6VKdlXvZ9bEh8R4jY79z6qDjLbysPwEi5ZbYHEFTVJi2us44YqFpsDH2ezh7qpSmZ60mIOHPk6Q4_tlaADbFRVHtmu3VAO9oLRnUT3Pm7GOeI-6bmRt0fjBLwHJjO7dbC30sOdn2H3Rj1s1ptho8ifz6bQdNo1jiRLu_FQ9gJ2SR04ssN9Be8t5ndSrzyFurDIESshyjUi-lnjV9nIpFCKQEH4gFDPhFJPwzLcXqXyLMU9F4XLQLNQejYyaT2pGKxtCtwAxYxcP8LFqnptd3CorSgPBud6JcmjF4XhNBHaGUe7ZnAwATq68yj5APgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAgqBgoEw7CxArAT4JvNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwBygQiD7sPjOqqkKeqnwO4PUuxUYgWYTiLxXsfdqLoWnCydrVUdtyAOldwPI9fI8_nvwb4uazWi83f4L_X5eGV0LhUD3fKd6jrClxgB%26sig%3DAOD64_1r7Mr1PUPOF9DktC9pML79mWusqA%26client%3Dca-pub-1310852604335254%26dbm_c%3DAKAmf-Devf706cZ2unwSVKgicKtevSodA6anSLoUxC6HRr0eU1-z0MWJN6maKEcTkhmTWtd8RAZU1-zL8CIf6FSEuhIFbIYlyfl7SWgmgBgtzr4AG8PbPDtgYEKF7DzHByM5Ibbz4gPHlYAnc2boO20jlgCahiie3qP7MRDS0P3HSkTzfmE-HaI%26cry%3D1%26dbm_d%3DAKAmf-B2lvxJFVhAFJnqUJG0X9cF-RJ2Lv_5KfPLNKLpAQQN8b2t6TEJPX-Zc6T1oI2efOZztKJG9mQAcjNfMXmr0fVmUxAKhMcPvbkayK4HoKltFt9I794VyrAWO5ebZACThVJ0C-dcVfSUNHuzLK7H4W4sIz25mBYavbsJ-YZF7-fL7QJpjPD2e2UDP_eAIpUlLbgdaXiKgNhQqpPNjcuS8v-6g5BjM_qO6lcpVFg61O0rSYiF7_APAAVrK6sFYYDG2B8Xk2TRd-17LPudeYRU4LmPQ3foC2SMk0Ykbk9Db14RESoxf5oXtdC9upksBL4mUc7_BUbKMbl96EbT0t9l1nfqFq3wJZCtJG1v0H5c4HtNRT4QhUz92LQ6zql0sD38eSuz0MtmqbkRRirelXW90qXcbF-3hiT5odqjz9uLV0wg2BZWN2htvAA3si69BZGrTvXerWctxzF6zu0inH57Mn-b3ISAVr15gzeiNyxMsOjrL21Ytg1t8Mrlyma9KvFkAy73lVICkMvB5uKFBstJEeSZLYR2PmB-TVjUfWcKZB4zk5Wun2z6W3Nx0ivqezSa6HZBBMHk%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.150 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 0219d750c245f6ae193ceac33864c2eca2610d52cd3c045abb05e99fe50955e6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Jun 2023 14:46:48 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 99253600071013804444450012358008
Connection: close
Content-Length: 757
Expires: Sat, 17 Jun 2023 15:46:48 +0200

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 3971 22 KB
8 KB 67ms
66ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 85534
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 16 Jun 2023 15:01:14 GMT
expires: Sat, 15 Jun 2024 15:01:14 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 OZcLupMIkEN.js Show response
static.xx.fbcdn.net/rsrc.php/v3/ya/r/ Frame 1538 198 B
542 B 34ms
33ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/OZcLupMIkEN.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/GdsGmM7N_ap.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

31f2f76d99d19fe98a0917f2b785a37c683b85fae29d66dd476ffa84c9a999fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:48 GMT
x-content-type-options: nosniff
content-md5: gixzAcHA/hBBjzjO9Ez8tQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 198
x-fb-rlafr: 0
x-fb-debug: wrfxQB2ffiNIdCCF/E4e9jEqb3fKViMfYYpRk41sJ8eaCm41fNemU5YNIZrE/CZuWL1g6ttyyT8HPUpHbASefw==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Thu, 06 Jun 2024 19:24:24 GMT

GET
H3 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
122 B 100ms
84ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=rd.fharr.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 96ms
79ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=rd.fharr.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/ Frame 1753 10 KB
4 KB 55ms
43ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rd.fharr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 66598
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Jun 2023 20:16:50 GMT
etag: 15057649708203361565
expires: Fri, 30 Jun 2023 20:16:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request.php Show response
hal90008.redintelligence.net/ Frame F6C9 2 KB
1 KB 238ms
130ms Script
application/x-javascript 138.201.63.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90008.redintelligence.net/request.php?zone=gjjhz7cdztxo&nw=20&renderingType=javascript&namespace=f424075228&subid=&uid=348c1e81c9c97325&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCAa3VVMeNZIPMPLqH9fgP_I2g-AHM-Yagaeu7x__3D_AuEAEg9czCcGCRhKCFjBjIAQmpAnH8qUpKWbI-qAMBqgTtAU_QMJgXWD5oFKVi2ijfAesHqGEx7tBp19N46ifdQ3ozqj6_DmSe7qz-Y4Aywg0mIT0VvWnOtwHh1HXQ2NrhuS8F0y-RhmEQ-NS78DTGEXswcGdfGHGKShEBV6GyENV6RUnRlRulFZQjzdGeyb12xf81N_h-lRhPJsbOeHPuADp_8jT9UizlO7ZGe5-zMnSTS02LRoyRlCSgog_mSO7ZVEgoOn9EGXvM-PIy3Ouu8EGs0tbyD-XJ1IJo9HmpUUIA7wLtqJH91qqobD5H4Gi4-PtigjoouA9BKN_Q6el2LrR_z9zw9mRsadYhRgcsO8AE6uvMo-QD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBogwIKgYKBMOwsQKwE-CbzQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSSwBygQiD7sPjOqqkKeqnwO4PUuxUYgWYTiLxXsfdqLoWnCydrVUdtyAOldwPI9fI8_nvwb4uazWi83f4L_X5eGV0LhUD3fKd6jrClxgB%26sig%3DAOD64_0KzQaiSH8x6cSPE_isZUxVEhfj2w%26client%3Dca-pub-1310852604335254%26dbm_c%3DAKAmf-BV88o4uPobR2ZHK4CQa3KAOgCEPfNiEQlUzUtwCSD8pCRHhI0D2KwB5zpjQwcoqqct3bQP1IZ9TyIdiPG6FAWvAHtS5s5Wq3vqS5j4mmcHCb_slfiq6zl0Y6gwzqwOQ1-fNN3J44S4SxlVzqoXe6pj6pdH7logpbObuqwYw-mR04MxLxo%26cry%3D1%26dbm_d%3DAKAmf-D1uZtnoGDrcna7iDSJCd9Q5_mxfrQnUqfO14oPUQ63pUfhCFCaFlJ5p4bqe5uFzII77aSAm7zgWiXfabRrVHXFr3GXV_2hFlykQrQ5FoWZBN8v28CT0QztD2jNXNCQopPaM0mAZbmJWpNwbF9CzU-k-rTRusAgjRtYGMkZvKZLPam1xc3DgHCxw9vKiAuDBGtz19tM5jkeR7t7AoV6eWBe9E5pYHVmpNhX6oVCQvHkpHUbOgjPhHHoG1ICZlnTsohKOGOrIKMo7gbd4pwoLjCqSRIaN8t8w8mFog24xKGJ6N4ATt9SB1EBnB9yxndjmKyrgfP7ZXnOW-wT6wSnBL4V4u9-gbmAABBQUqu-ujWl4KRXU-2IFg-58vh3VFrx3uKnkz41ZKcNVR-yN8x4WckavhPHpjcTOhhetgkeIEozB9wlGAzw_OuXNQohIjxZKuD6sUcnhSOBQ3BWFZKikZIfWuHYUPR41NrxCSXJj6VeNBpp-7NgEzY-sSqkdknQLg0ZJG9CfPnIwRvOckhUUybWOq6TxlJc22LoHP9cqe06YDaDfATFuiQceACQb6DE-tpTva1F%26adurl%3D&documentReferer=https%3A%2F%2Frd.fharr.com%2F&ancestorOrigins=https%3A%2F%2Frd.fharr.com&random=139875987956&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/gjjhz7cdztxo?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCAa3VVMeNZIPMPLqH9fgP_I2g-AHM-Yagaeu7x__3D_AuEAEg9czCcGCRhKCFjBjIAQmpAnH8qUpKWbI-qAMBqgTtAU_QMJgXWD5oFKVi2ijfAesHqGEx7tBp19N46ifdQ3ozqj6_DmSe7qz-Y4Aywg0mIT0VvWnOtwHh1HXQ2NrhuS8F0y-RhmEQ-NS78DTGEXswcGdfGHGKShEBV6GyENV6RUnRlRulFZQjzdGeyb12xf81N_h-lRhPJsbOeHPuADp_8jT9UizlO7ZGe5-zMnSTS02LRoyRlCSgog_mSO7ZVEgoOn9EGXvM-PIy3Ouu8EGs0tbyD-XJ1IJo9HmpUUIA7wLtqJH91qqobD5H4Gi4-PtigjoouA9BKN_Q6el2LrR_z9zw9mRsadYhRgcsO8AE6uvMo-QD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBogwIKgYKBMOwsQKwE-CbzQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSSwBygQiD7sPjOqqkKeqnwO4PUuxUYgWYTiLxXsfdqLoWnCydrVUdtyAOldwPI9fI8_nvwb4uazWi83f4L_X5eGV0LhUD3fKd6jrClxgB%26sig%3DAOD64_0KzQaiSH8x6cSPE_isZUxVEhfj2w%26client%3Dca-pub-1310852604335254%26dbm_c%3DAKAmf-BV88o4uPobR2ZHK4CQa3KAOgCEPfNiEQlUzUtwCSD8pCRHhI0D2KwB5zpjQwcoqqct3bQP1IZ9TyIdiPG6FAWvAHtS5s5Wq3vqS5j4mmcHCb_slfiq6zl0Y6gwzqwOQ1-fNN3J44S4SxlVzqoXe6pj6pdH7logpbObuqwYw-mR04MxLxo%26cry%3D1%26dbm_d%3DAKAmf-D1uZtnoGDrcna7iDSJCd9Q5_mxfrQnUqfO14oPUQ63pUfhCFCaFlJ5p4bqe5uFzII77aSAm7zgWiXfabRrVHXFr3GXV_2hFlykQrQ5FoWZBN8v28CT0QztD2jNXNCQopPaM0mAZbmJWpNwbF9CzU-k-rTRusAgjRtYGMkZvKZLPam1xc3DgHCxw9vKiAuDBGtz19tM5jkeR7t7AoV6eWBe9E5pYHVmpNhX6oVCQvHkpHUbOgjPhHHoG1ICZlnTsohKOGOrIKMo7gbd4pwoLjCqSRIaN8t8w8mFog24xKGJ6N4ATt9SB1EBnB9yxndjmKyrgfP7ZXnOW-wT6wSnBL4V4u9-gbmAABBQUqu-ujWl4KRXU-2IFg-58vh3VFrx3uKnkz41ZKcNVR-yN8x4WckavhPHpjcTOhhetgkeIEozB9wlGAzw_OuXNQohIjxZKuD6sUcnhSOBQ3BWFZKikZIfWuHYUPR41NrxCSXJj6VeNBpp-7NgEzY-sSqkdknQLg0ZJG9CfPnIwRvOckhUUybWOq6TxlJc22LoHP9cqe06YDaDfATFuiQceACQb6DE-tpTva1F%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.150 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: a4935762ec63674cc13ccc41fd54ec5027f082deacc68056424bea1d295e73fe

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Jun 2023 14:46:48 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 11776700071013904444454012358008
Connection: close
Content-Length: 759
Expires: Sat, 17 Jun 2023 15:46:48 +0200

GET
H3 200 TIRnAdBDYMw.css
static.xx.fbcdn.net/rsrc.php/v3/yv/l/1,cross/ Frame 1538 13 KB
3 KB 49ms
40ms Stylesheet
text/css 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yv/l/1,cross/TIRnAdBDYMw.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/GdsGmM7N_ap.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6a336f938df1799e3c499b69ff353abbfb8cc981692bcab0d013423bf171991a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:48 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: VTxm7MNIQFtNmz+2wnyRNQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3512
x-fb-debug: Tk8IM4dL3fR9JX3gi+7Td+BKsWBUCUuAmZSyQi/UemnvrMc09/fw0vWc+ZbcgPVUtfuvmF+/L3YUbGoCQkb99g==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=0
expires: Sat, 15 Jun 2024 17:01:30 GMT

GET
H3 200 OddrI9NOuB_.css
static.xx.fbcdn.net/rsrc.php/v3/yi/l/1,cross/ Frame 1538 10 KB
3 KB 58ms
49ms Stylesheet
text/css 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yi/l/1,cross/OddrI9NOuB_.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/GdsGmM7N_ap.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2505d4c9a43f8f751b4b69a694e351cc3f2158a8cde9f80596339acc61f26c2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:48 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: j7j4H8Jvwsy4L0hYMYrRBw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2568
x-fb-debug: PW7oPIZryHSUsIRV3Vn//XhegN1wECENac5VqwcWO4SCEQT+HJNpE1O4uvrJrW2F4xnw2oX7Kq+flIFz38ahsA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=0
expires: Thu, 13 Jun 2024 20:15:25 GMT

GET
H3 200 qF8yd4E6oIF.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yl/r/ Frame 1538 35 KB
11 KB 54ms
45ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yl/r/qF8yd4E6oIF.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/GdsGmM7N_ap.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

96c20a37b32eebd3eb387277fff9778f7ef32655ac88870d45477c9e2a313dd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:48 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: OtlZXoYY9rHUJrC8eZDA6A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 11561
x-fb-debug: PouYQ79Nlbv3pJmZqyBBr7NzUSgh1XRCUs02biR25TuvF7HpVj766X3PdHlbNamPN1To8E2E+xIfR8xdiMUgaQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=1
expires: Sat, 15 Jun 2024 15:45:58 GMT

GET
DATA 200
OK truncated
/ Frame 1538 2 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 09220d95a594d96edb7b812467cb4c048aca524c1876a229930879e64b28148b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET
H3 200 Qlj2f8M1fRU.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yt/r/ Frame 1538 64 KB
17 KB 58ms
50ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/Qlj2f8M1fRU.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/GdsGmM7N_ap.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7694573a86f303cabb2d2c27064dcaf58e0df866a47ccf73d14a6b682bf7450b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:48 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: l03F0wvFW6lQhOoFpr15Ew==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 16971
x-fb-rlafr: 0
x-fb-debug: 2R5mVNSZpoETuetrejw5ST5qEZU+GEryv/SIvOVzDaWcorYAfz6O9kyQxucmD19oK3E2VYCVyyMlf6+Fl8mELQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=1
expires: Sun, 09 Jun 2024 17:44:13 GMT

GET
H3 200 3P2oB1R2XCB.js Show response
static.xx.fbcdn.net/rsrc.php/v3illq4/yL/l/zh_TW/ Frame 1538 25 KB
7 KB 84ms
76ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3illq4/yL/l/zh_TW/3P2oB1R2XCB.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/GdsGmM7N_ap.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

317fb189a6528a51b99d6d0c1220b8b1e746ae8fa65d9d28da6bfbc51c2976c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:48 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 4n4uOKwA2pN6S2ZhZCgFcQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7510
x-fb-debug: XpSNSJKC3XfPD/N3M7aRwiaMjMFAkab6AH8jSiMP70y3O0heyTUed9e6QGEHvJlAhKJAxrHc0xl7isET1eKRGQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=1
expires: Wed, 12 Jun 2024 18:26:46 GMT

GET
H3 200 ie38mp0O07P.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y9/r/ Frame 1538 25 KB
10 KB 86ms
78ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y9/r/ie38mp0O07P.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/GdsGmM7N_ap.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a87feaf65170ded496c597c1f1011a79c39a309e415802b49a3fea32f32dfdb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:48 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: CEYVgZg04j7erS0ub7sNsg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10390
x-fb-debug: VNd+U/vEa4uIUX/VY3UaQjnij6TRU7TOEhfb81ZeKqclOZGuMkt8wfjtctwdGamV48o4j8D10g2sMqI2hOfmmQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=1
expires: Thu, 13 Jun 2024 16:41:31 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/ Frame 1891 352 KB
118 KB 144ms
126ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8211648974049874&plah=rd.fharr.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

babe958c663405703435abb942cd103f0e82a25390d4fe0cebfc0a67bbdca37c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120775
x-xss-protection: 0
server: cafe
etag: 11216145295264284050
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 17 Jun 2023 14:46:48 GMT

GET
DATA 200
OK truncated
/ Frame 1891 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c5c0c6930922c171056ee7d7cb948b09f7808fb9c0f27ef97802ea05ab4de5d9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 7EB3 33 KB
19 KB 90ms
89ms XHR
application/json 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LfJd5IUAAAAAB8sW7WNlAIqHyPeI1I7mKAdsOwF

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/recaptcha__nl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

61ed0d4e0aedf9a656caf40237e6aef9ad2ea0f41e5c8e3a4d6daaab679dfba1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfJd5IUAAAAAB8sW7WNlAIqHyPeI1I7mKAdsOwF&co=aHR0cHM6Ly9yZC5maGFyci5jb206NDQz&hl=nl&v=SglpK98hSCn2CroR0bKRSJl5&size=invisible&cb=d23s1oexbr5e
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Sat, 17 Jun 2023 14:46:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19095
x-xss-protection: 1; mode=block
expires: Sat, 17 Jun 2023 14:46:48 GMT

GET
H/1.1 200
OK cshow.php Show response
www.awin1.com/ Frame 49A0 43 B
702 B 259ms
155ms Document
image/gif 92.123.148.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.awin1.com/cshow.php?s=2582325&v=8177&q=316721&r=235229&pref1=62216300067296704444476012358019&pv=1

Requested by

Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request.php?zone=b0ssnwblwmm3&nw=20&renderingType=javascript&namespace=ca463df867&subid=&uid=60bc36485b71ced9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCDv1wVMeNZIHMPLqH9fgP_I2g-AHM-YagaaOwx__3D_AuEAEg9czCcGCRhKCFjBjIAQmpAnH8qUpKWbI-qAMBqgTmAU_QnNWtRabSddSVMoUCrgyFzgag0cHrebFewND3WPssxRdVxf_8gw778Yx7qon7P5FqFvJ9N3physnZ4g6egxeqFm3LAKtKaP0Vr6qRDjqoy3_DZseew4xTU0tNw-3DzMqA-orn-7ltujgJ4Z0x1etZGcKc8ro3iL-qRffeYpXvy18TtFWB95XE7-iHCb_jH5l4ovBsnytHBV1IAX_dy5iwjDumz2sDkX0_UFBplg7FvkfcRrmqABHHcR73qxufJGFSdPzUhHgNkD5HqfvlLE88rbOUqU2j1UtXhtqrj52hBhsss2V3wATq68yj5APgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAgqBgoEw7CxArAT4JvNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwBygQiD7sPjOqqkKeqnwO4PUuxUYgWYTiLxXsfdqLoWnCydrVUdtyAOldwPI9fI8_nvwb4uazWi83f4L_X5eGV0LhUD3fKd6jrClxgB%26sig%3DAOD64_2ys3igDX-6QYzv1fJks1p3FRMBgg%26client%3Dca-pub-1310852604335254%26dbm_c%3DAKAmf-B3TyP_d4iP8DzYR4LljygyV_YAje-k_QTebXwtVigu1-41xwBHhQi5bnazf1HpiQvKZqiakP3Ri6vxecejFO88ErSwqJkPjIedUTA4vcixAPj-UFSVsvk99mmgdd0WtiQxNeeMVW1ug3Ncq35dZ1RtOtI88D5WxzsXAM2nGxkwbNlEFbA%26cry%3D1%26dbm_d%3DAKAmf-DPAt-a5Jr9dIRs5gJ44EM_P6Lcbg988xdVt2Fi-VoCAG_SpeTlreQLCYoA4ANruEOPrK5t1Rg4GKZ_7_ST30zBjYsZihB0sfEOA-aaZvEjhJDM31R5IqdMRrI2fOz6tI-hXKaeh_eKjemgPx4Om2m46ImBSjO2TgE-_951Jcy6MFjiK25iWiyY1A-9vCcnkVVJh8xkojQC5abCwkHQ_XsT3_9xcOqxkPJQwn3cG1AdqimZLqikCcJqy51yvwSms0aXR4WInxkrYvqmAFE-lUSca-GjVk49-lABv9Cajy6UBhv5MRj8tuKc6EhIZyJ6BW2RzvPmHIuh46F0pnlHqsufcXD8d54if5d1o1wAl6asa8HeILqjTPNa4hS1ElWvnlpZbW9idp4GJcNBO6WZ9UbysgLBP3j4GsYo-RhYp_rMzUnPwQKSiOfuAThTrK7uiYxPOPCEmzVNfyWtSecLY97YxWdy18TCEBEHDqyHmPkgKgMXnPC2xR555Qe-bNyz4_9Aan78jL7hPGzg_fwgL5X-9Oi20Pts_KcUoUhwu0698ciUhHDUOwFeygNnPRHWOzGcco25%26adurl%3D&documentReferer=https%3A%2F%2Frd.fharr.com%2F&ancestorOrigins=https%3A%2F%2Frd.fharr.com&random=8814289157631&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

92.123.148.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-148-9.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Awin-Akamai-Rule-Set: default
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Sat, 17 Jun 2023 14:46:48 GMT
Expires: 0
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Pragma: no-cache
Strict-Transport-Security: max-age=86400

GET
H2 200 / Show response
ti.tradetracker.net/ Frame 34C6 435 B
913 B 184ms
79ms Script
text/javascript 52.214.187.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ti.tradetracker.net/?c=34211&m=2005488&a=70002&r=62216300067296704444476012358019&t=js&wid=tt-7a2ea2
Requested by: Host: rd.fharr.com
URL: https://rd.fharr.com/db/item/400368
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.187.105 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-187-105.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 33aef3cbe4e75cf957c862f18d3a98ab3e605c59048c8fea4f29b844081f6443

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires: Mon, 26 Jul 1997 05:00:00 GMT
date: Sat, 17 Jun 2023 14:46:48 GMT
cache-control: no-cache, must-revalidate
server: nginx
content-type: text/javascript; charset=UTF-8

GET
H/1.1 200
OK request_content.php Show response
hal900019.redintelligence.net/ Frame E11A 7 KB
2 KB 152ms
49ms Document
text/html 78.46.90.238
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900019.redintelligence.net/request_content.php?s=62216300067296704444476012358019&a=fb746d67
Requested by: Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request.php?zone=b0ssnwblwmm3&nw=20&renderingType=javascript&namespace=ca463df867&subid=&uid=60bc36485b71ced9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCDv1wVMeNZIHMPLqH9fgP_I2g-AHM-YagaaOwx__3D_AuEAEg9czCcGCRhKCFjBjIAQmpAnH8qUpKWbI-qAMBqgTmAU_QnNWtRabSddSVMoUCrgyFzgag0cHrebFewND3WPssxRdVxf_8gw778Yx7qon7P5FqFvJ9N3physnZ4g6egxeqFm3LAKtKaP0Vr6qRDjqoy3_DZseew4xTU0tNw-3DzMqA-orn-7ltujgJ4Z0x1etZGcKc8ro3iL-qRffeYpXvy18TtFWB95XE7-iHCb_jH5l4ovBsnytHBV1IAX_dy5iwjDumz2sDkX0_UFBplg7FvkfcRrmqABHHcR73qxufJGFSdPzUhHgNkD5HqfvlLE88rbOUqU2j1UtXhtqrj52hBhsss2V3wATq68yj5APgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAgqBgoEw7CxArAT4JvNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwBygQiD7sPjOqqkKeqnwO4PUuxUYgWYTiLxXsfdqLoWnCydrVUdtyAOldwPI9fI8_nvwb4uazWi83f4L_X5eGV0LhUD3fKd6jrClxgB%26sig%3DAOD64_2ys3igDX-6QYzv1fJks1p3FRMBgg%26client%3Dca-pub-1310852604335254%26dbm_c%3DAKAmf-B3TyP_d4iP8DzYR4LljygyV_YAje-k_QTebXwtVigu1-41xwBHhQi5bnazf1HpiQvKZqiakP3Ri6vxecejFO88ErSwqJkPjIedUTA4vcixAPj-UFSVsvk99mmgdd0WtiQxNeeMVW1ug3Ncq35dZ1RtOtI88D5WxzsXAM2nGxkwbNlEFbA%26cry%3D1%26dbm_d%3DAKAmf-DPAt-a5Jr9dIRs5gJ44EM_P6Lcbg988xdVt2Fi-VoCAG_SpeTlreQLCYoA4ANruEOPrK5t1Rg4GKZ_7_ST30zBjYsZihB0sfEOA-aaZvEjhJDM31R5IqdMRrI2fOz6tI-hXKaeh_eKjemgPx4Om2m46ImBSjO2TgE-_951Jcy6MFjiK25iWiyY1A-9vCcnkVVJh8xkojQC5abCwkHQ_XsT3_9xcOqxkPJQwn3cG1AdqimZLqikCcJqy51yvwSms0aXR4WInxkrYvqmAFE-lUSca-GjVk49-lABv9Cajy6UBhv5MRj8tuKc6EhIZyJ6BW2RzvPmHIuh46F0pnlHqsufcXD8d54if5d1o1wAl6asa8HeILqjTPNa4hS1ElWvnlpZbW9idp4GJcNBO6WZ9UbysgLBP3j4GsYo-RhYp_rMzUnPwQKSiOfuAThTrK7uiYxPOPCEmzVNfyWtSecLY97YxWdy18TCEBEHDqyHmPkgKgMXnPC2xR555Qe-bNyz4_9Aan78jL7hPGzg_fwgL5X-9Oi20Pts_KcUoUhwu0698ciUhHDUOwFeygNnPRHWOzGcco25%26adurl%3D&documentReferer=https%3A%2F%2Frd.fharr.com%2F&ancestorOrigins=https%3A%2F%2Frd.fharr.com&random=8814289157631&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.238.90.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 5fcfbe94a22911a2bd3784842a3b4e445a48e5c00922400fbd8e97bab68134aa

Request headers

Referer: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2177
Content-Type: text/html; charset=utf-8
Date: Sat, 17 Jun 2023 14:46:48 GMT
Expires: Sat, 17 Jun 2023 15:46:48 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 34C6 43 B
703 B 205ms
103ms Image
image/gif 92.123.148.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2224451&v=15314&q=344291&r=235229&pref1=62216300067296704444476012358019&pv=1

Requested by

Host: e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com
URL: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

92.123.148.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-148-9.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Jun 2023 14:46:48 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 1753 4 KB
1 KB 126ms
45ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 17 Jun 2023 14:46:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 17 Jun 2023 13:42:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 17 Jun 2023 14:46:48 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1753 205 B
229 B 64ms
62ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 11:57:16 GMT
x-content-type-options: nosniff
age: 10172
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Wed, 14 Jun 2023 09:18:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 16 Jun 2024 11:57:16 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1753 604 B
628 B 67ms
64ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:07:29 GMT
x-content-type-options: nosniff
age: 2359
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 16 Jun 2024 14:07:29 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/elements/html/ Frame 1753 22 KB
9 KB 68ms
66ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab296b2bb2aecd4942237b656e45565beb04d9e73c45346a60e1d92616aeaae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 17:42:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75834
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9409
x-xss-protection: 0
server: cafe
etag: 7294307571184633120
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 17:42:54 GMT

GET
DATA 200
OK truncated
/ Frame 34C6 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c274fa914d525f1adb9729814e89cedc463f98ecbfb12e3ad6fe10ed05b916e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame AF29 37 KB
14 KB 70ms
63ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c7dd9b3c12fde91e325f5a42fbc0f6d83566d528b624b0b4833ca87a9cc3f64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:37:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18581
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14492
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 16 Jun 2024 09:37:07 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F1ED 0
0 107ms
104ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306060101&jk=1918034560561761&rc=null
Requested by: Host: rd.fharr.com
URL: https://rd.fharr.com/db/item/400368
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 200 TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame E1AD 37 KB
14 KB 79ms
79ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c7dd9b3c12fde91e325f5a42fbc0f6d83566d528b624b0b4833ca87a9cc3f64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:37:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18581
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14492
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 16 Jun 2024 09:37:07 GMT

GET
H3 200 /
www.facebook.com/login/ Frame 1538 0
0 134ms
133ms Document
text/html 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fv16.0%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D133100650099823%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df7a51f987bd944%2526domain%253Drd.fharr.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Frd.fharr.com%25252Ff224541e61e27f%2526relation%253Dparent.parent%26container_width%3D0%26hide_cover%3Dtrue%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fro.gravity%26locale%3Dzh_TW%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dtrue%26tabs%3Dtimeline%26width%3D450

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/GdsGmM7N_ap.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v16.0/plugins/page.php?adapt_container_width=true&app_id=133100650099823&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7a51f987bd944%26domain%3Drd.fharr.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Frd.fharr.com%252Ff224541e61e27f%26relation%3Dparent.parent&container_width=0&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2Fro.gravity&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&tabs=timeline&width=450
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 17 Jun 2023 14:46:48 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
pragma: no-cache
priority: u=0,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: DUB9nS+3qZ21zxxFkIivKiTTuvSHCYdmJrVvuFHPRkP2iwYEsI04v7P4QETyTbhcmB77mwh74BkBFZApmPgi5A==
x-frame-options: DENY
x-xss-protection: 0

GET
H3 200 TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 3971 37 KB
14 KB 75ms
74ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c7dd9b3c12fde91e325f5a42fbc0f6d83566d528b624b0b4833ca87a9cc3f64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:37:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18581
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14492
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 16 Jun 2024 09:37:07 GMT

GET
H/1.1 200
OK cshow.php Show response
www.awin1.com/ Frame 8A3B 43 B
701 B 181ms
110ms Document
image/gif 92.123.148.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.awin1.com/cshow.php?s=1031723&v=8472&q=318383&r=235229&pref1=99253600071013804444450012358008&pv=1

Requested by

Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request.php?zone=8e4hjwsd4phy&nw=20&renderingType=javascript&namespace=8d4e7aafa6&subid=&uid=a848f98492965712&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCTC89VMeNZILMPLqH9fgP_I2g-AHM-Yagafu5x__3D_AuEAEg9czCcGCRhKCFjBjIAQmpAnH8qUpKWbI-qAMBqgTpAU_QS7A6VKdlXvZ9bEh8R4jY79z6qDjLbysPwEi5ZbYHEFTVJi2us44YqFpsDH2ezh7qpSmZ60mIOHPk6Q4_tlaADbFRVHtmu3VAO9oLRnUT3Pm7GOeI-6bmRt0fjBLwHJjO7dbC30sOdn2H3Rj1s1ptho8ifz6bQdNo1jiRLu_FQ9gJ2SR04ssN9Be8t5ndSrzyFurDIESshyjUi-lnjV9nIpFCKQEH4gFDPhFJPwzLcXqXyLMU9F4XLQLNQejYyaT2pGKxtCtwAxYxcP8LFqnptd3CorSgPBud6JcmjF4XhNBHaGUe7ZnAwATq68yj5APgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAgqBgoEw7CxArAT4JvNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwBygQiD7sPjOqqkKeqnwO4PUuxUYgWYTiLxXsfdqLoWnCydrVUdtyAOldwPI9fI8_nvwb4uazWi83f4L_X5eGV0LhUD3fKd6jrClxgB%26sig%3DAOD64_1r7Mr1PUPOF9DktC9pML79mWusqA%26client%3Dca-pub-1310852604335254%26dbm_c%3DAKAmf-Devf706cZ2unwSVKgicKtevSodA6anSLoUxC6HRr0eU1-z0MWJN6maKEcTkhmTWtd8RAZU1-zL8CIf6FSEuhIFbIYlyfl7SWgmgBgtzr4AG8PbPDtgYEKF7DzHByM5Ibbz4gPHlYAnc2boO20jlgCahiie3qP7MRDS0P3HSkTzfmE-HaI%26cry%3D1%26dbm_d%3DAKAmf-B2lvxJFVhAFJnqUJG0X9cF-RJ2Lv_5KfPLNKLpAQQN8b2t6TEJPX-Zc6T1oI2efOZztKJG9mQAcjNfMXmr0fVmUxAKhMcPvbkayK4HoKltFt9I794VyrAWO5ebZACThVJ0C-dcVfSUNHuzLK7H4W4sIz25mBYavbsJ-YZF7-fL7QJpjPD2e2UDP_eAIpUlLbgdaXiKgNhQqpPNjcuS8v-6g5BjM_qO6lcpVFg61O0rSYiF7_APAAVrK6sFYYDG2B8Xk2TRd-17LPudeYRU4LmPQ3foC2SMk0Ykbk9Db14RESoxf5oXtdC9upksBL4mUc7_BUbKMbl96EbT0t9l1nfqFq3wJZCtJG1v0H5c4HtNRT4QhUz92LQ6zql0sD38eSuz0MtmqbkRRirelXW90qXcbF-3hiT5odqjz9uLV0wg2BZWN2htvAA3si69BZGrTvXerWctxzF6zu0inH57Mn-b3ISAVr15gzeiNyxMsOjrL21Ytg1t8Mrlyma9KvFkAy73lVICkMvB5uKFBstJEeSZLYR2PmB-TVjUfWcKZB4zk5Wun2z6W3Nx0ivqezSa6HZBBMHk%26adurl%3D&documentReferer=https%3A%2F%2Frd.fharr.com%2F&ancestorOrigins=https%3A%2F%2Frd.fharr.com&random=3518963344522&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

92.123.148.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-148-9.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Awin-Akamai-Rule-Set: default
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Sat, 17 Jun 2023 14:46:49 GMT
Expires: 0
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Pragma: no-cache
Strict-Transport-Security: max-age=86400

GET
H/1.1 200
OK cshow.php Show response
www.awin1.com/ Frame 42BD 43 B
702 B 157ms
85ms Document
image/gif 92.123.148.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.awin1.com/cshow.php?s=2739664&v=8462&q=320784&r=235229&pref1=99253600071013804444450012358008&pv=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

92.123.148.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-148-9.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Awin-Akamai-Rule-Set: default
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Sat, 17 Jun 2023 14:46:48 GMT
Expires: 0
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Pragma: no-cache
Strict-Transport-Security: max-age=86400

GET
H/1.1 200
OK request_content.php Show response
hal90008.redintelligence.net/ Frame C7FC 7 KB
3 KB 171ms
56ms Document
text/html 138.201.63.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90008.redintelligence.net/request_content.php?s=99253600071013804444450012358008&a=decb7adb
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request.php?zone=8e4hjwsd4phy&nw=20&renderingType=javascript&namespace=8d4e7aafa6&subid=&uid=a848f98492965712&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCTC89VMeNZILMPLqH9fgP_I2g-AHM-Yagafu5x__3D_AuEAEg9czCcGCRhKCFjBjIAQmpAnH8qUpKWbI-qAMBqgTpAU_QS7A6VKdlXvZ9bEh8R4jY79z6qDjLbysPwEi5ZbYHEFTVJi2us44YqFpsDH2ezh7qpSmZ60mIOHPk6Q4_tlaADbFRVHtmu3VAO9oLRnUT3Pm7GOeI-6bmRt0fjBLwHJjO7dbC30sOdn2H3Rj1s1ptho8ifz6bQdNo1jiRLu_FQ9gJ2SR04ssN9Be8t5ndSrzyFurDIESshyjUi-lnjV9nIpFCKQEH4gFDPhFJPwzLcXqXyLMU9F4XLQLNQejYyaT2pGKxtCtwAxYxcP8LFqnptd3CorSgPBud6JcmjF4XhNBHaGUe7ZnAwATq68yj5APgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAgqBgoEw7CxArAT4JvNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwBygQiD7sPjOqqkKeqnwO4PUuxUYgWYTiLxXsfdqLoWnCydrVUdtyAOldwPI9fI8_nvwb4uazWi83f4L_X5eGV0LhUD3fKd6jrClxgB%26sig%3DAOD64_1r7Mr1PUPOF9DktC9pML79mWusqA%26client%3Dca-pub-1310852604335254%26dbm_c%3DAKAmf-Devf706cZ2unwSVKgicKtevSodA6anSLoUxC6HRr0eU1-z0MWJN6maKEcTkhmTWtd8RAZU1-zL8CIf6FSEuhIFbIYlyfl7SWgmgBgtzr4AG8PbPDtgYEKF7DzHByM5Ibbz4gPHlYAnc2boO20jlgCahiie3qP7MRDS0P3HSkTzfmE-HaI%26cry%3D1%26dbm_d%3DAKAmf-B2lvxJFVhAFJnqUJG0X9cF-RJ2Lv_5KfPLNKLpAQQN8b2t6TEJPX-Zc6T1oI2efOZztKJG9mQAcjNfMXmr0fVmUxAKhMcPvbkayK4HoKltFt9I794VyrAWO5ebZACThVJ0C-dcVfSUNHuzLK7H4W4sIz25mBYavbsJ-YZF7-fL7QJpjPD2e2UDP_eAIpUlLbgdaXiKgNhQqpPNjcuS8v-6g5BjM_qO6lcpVFg61O0rSYiF7_APAAVrK6sFYYDG2B8Xk2TRd-17LPudeYRU4LmPQ3foC2SMk0Ykbk9Db14RESoxf5oXtdC9upksBL4mUc7_BUbKMbl96EbT0t9l1nfqFq3wJZCtJG1v0H5c4HtNRT4QhUz92LQ6zql0sD38eSuz0MtmqbkRRirelXW90qXcbF-3hiT5odqjz9uLV0wg2BZWN2htvAA3si69BZGrTvXerWctxzF6zu0inH57Mn-b3ISAVr15gzeiNyxMsOjrL21Ytg1t8Mrlyma9KvFkAy73lVICkMvB5uKFBstJEeSZLYR2PmB-TVjUfWcKZB4zk5Wun2z6W3Nx0ivqezSa6HZBBMHk%26adurl%3D&documentReferer=https%3A%2F%2Frd.fharr.com%2F&ancestorOrigins=https%3A%2F%2Frd.fharr.com&random=3518963344522&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.150 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 4fbbc81b532d66130532bbc78dfe1042e7d3bcb635308b5dee10e958d61cb25f

Request headers

Referer: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2345
Content-Type: text/html; charset=utf-8
Date: Sat, 17 Jun 2023 14:46:48 GMT
Expires: Sat, 17 Jun 2023 15:46:48 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET 354043351_639357331548921_2153896423364903803_n.jpg
scontent.fktw4-1.fna.fbcdn.net/v/t39.30808-6/ Frame 1538 0
0

GET 352517432_297727896147201_3220230476297656825_n.jpg
scontent.fktw4-1.fna.fbcdn.net/v/t39.30808-1/ Frame 1538 0
0

GET 353668984_638880131596641_4453071373186895284_n.jpg
scontent.fktw4-1.fna.fbcdn.net/v/t39.30808-6/ Frame 1538 0
0

GET 352521227_636443628506958_5983551967134334363_n.jpg
scontent.fktw4-1.fna.fbcdn.net/v/t39.30808-6/ Frame 1538 0
0

GET 353046201_637132485104739_7451310794531979742_n.jpg
scontent.fktw4-1.fna.fbcdn.net/v/t39.30808-6/ Frame 1538 0
0

GET 353062649_637132578438063_7702816375906027618_n.jpg
scontent.fktw4-1.fna.fbcdn.net/v/t39.30808-6/ Frame 1538 0
0

GET 353068806_637132538438067_358936261873703052_n.jpg
scontent.fktw4-1.fna.fbcdn.net/v/t39.30808-6/ Frame 1538 0
0

GET 352988844_637132561771398_2411123245666744617_n.jpg
scontent.fktw4-1.fna.fbcdn.net/v/t39.30808-6/ Frame 1538 0
0

GET 353420883_637132591771395_2232989604887196020_n.jpg
scontent.fktw4-1.fna.fbcdn.net/v/t39.30808-6/ Frame 1538 0
0

GET 352208807_3568634106688670_8108430070479242451_n.jpg
scontent.fktw4-1.fna.fbcdn.net/v/t39.30808-6/ Frame 1538 0
0

GET
H/1.1 200
OK cshow.php Show response
www.awin1.com/ Frame 63C8 43 B
701 B 141ms
103ms Document
image/gif 92.123.148.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.awin1.com/cshow.php?s=1031723&v=8472&q=318383&r=235229&pref1=11776700071013904444454012358008&pv=1

Requested by

Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request.php?zone=gjjhz7cdztxo&nw=20&renderingType=javascript&namespace=f424075228&subid=&uid=348c1e81c9c97325&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCAa3VVMeNZIPMPLqH9fgP_I2g-AHM-Yagaeu7x__3D_AuEAEg9czCcGCRhKCFjBjIAQmpAnH8qUpKWbI-qAMBqgTtAU_QMJgXWD5oFKVi2ijfAesHqGEx7tBp19N46ifdQ3ozqj6_DmSe7qz-Y4Aywg0mIT0VvWnOtwHh1HXQ2NrhuS8F0y-RhmEQ-NS78DTGEXswcGdfGHGKShEBV6GyENV6RUnRlRulFZQjzdGeyb12xf81N_h-lRhPJsbOeHPuADp_8jT9UizlO7ZGe5-zMnSTS02LRoyRlCSgog_mSO7ZVEgoOn9EGXvM-PIy3Ouu8EGs0tbyD-XJ1IJo9HmpUUIA7wLtqJH91qqobD5H4Gi4-PtigjoouA9BKN_Q6el2LrR_z9zw9mRsadYhRgcsO8AE6uvMo-QD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBogwIKgYKBMOwsQKwE-CbzQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSSwBygQiD7sPjOqqkKeqnwO4PUuxUYgWYTiLxXsfdqLoWnCydrVUdtyAOldwPI9fI8_nvwb4uazWi83f4L_X5eGV0LhUD3fKd6jrClxgB%26sig%3DAOD64_0KzQaiSH8x6cSPE_isZUxVEhfj2w%26client%3Dca-pub-1310852604335254%26dbm_c%3DAKAmf-BV88o4uPobR2ZHK4CQa3KAOgCEPfNiEQlUzUtwCSD8pCRHhI0D2KwB5zpjQwcoqqct3bQP1IZ9TyIdiPG6FAWvAHtS5s5Wq3vqS5j4mmcHCb_slfiq6zl0Y6gwzqwOQ1-fNN3J44S4SxlVzqoXe6pj6pdH7logpbObuqwYw-mR04MxLxo%26cry%3D1%26dbm_d%3DAKAmf-D1uZtnoGDrcna7iDSJCd9Q5_mxfrQnUqfO14oPUQ63pUfhCFCaFlJ5p4bqe5uFzII77aSAm7zgWiXfabRrVHXFr3GXV_2hFlykQrQ5FoWZBN8v28CT0QztD2jNXNCQopPaM0mAZbmJWpNwbF9CzU-k-rTRusAgjRtYGMkZvKZLPam1xc3DgHCxw9vKiAuDBGtz19tM5jkeR7t7AoV6eWBe9E5pYHVmpNhX6oVCQvHkpHUbOgjPhHHoG1ICZlnTsohKOGOrIKMo7gbd4pwoLjCqSRIaN8t8w8mFog24xKGJ6N4ATt9SB1EBnB9yxndjmKyrgfP7ZXnOW-wT6wSnBL4V4u9-gbmAABBQUqu-ujWl4KRXU-2IFg-58vh3VFrx3uKnkz41ZKcNVR-yN8x4WckavhPHpjcTOhhetgkeIEozB9wlGAzw_OuXNQohIjxZKuD6sUcnhSOBQ3BWFZKikZIfWuHYUPR41NrxCSXJj6VeNBpp-7NgEzY-sSqkdknQLg0ZJG9CfPnIwRvOckhUUybWOq6TxlJc22LoHP9cqe06YDaDfATFuiQceACQb6DE-tpTva1F%26adurl%3D&documentReferer=https%3A%2F%2Frd.fharr.com%2F&ancestorOrigins=https%3A%2F%2Frd.fharr.com&random=139875987956&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

92.123.148.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-148-9.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Awin-Akamai-Rule-Set: default
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Sat, 17 Jun 2023 14:46:49 GMT
Expires: 0
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Pragma: no-cache
Strict-Transport-Security: max-age=86400

GET
H/1.1 200
OK cshow.php Show response
www.awin1.com/ Frame 3B25 43 B
702 B 260ms
185ms Document
image/gif 92.123.148.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.awin1.com/cshow.php?s=2739664&v=8462&q=320784&r=235229&pref1=11776700071013904444454012358008&pv=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

92.123.148.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-148-9.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Awin-Akamai-Rule-Set: default
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Sat, 17 Jun 2023 14:46:49 GMT
Expires: 0
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Pragma: no-cache
Strict-Transport-Security: max-age=86400

GET
H/1.1 200
OK request_content.php Show response
hal90008.redintelligence.net/ Frame 943C 7 KB
3 KB 180ms
47ms Document
text/html 138.201.63.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90008.redintelligence.net/request_content.php?s=11776700071013904444454012358008&a=17354592
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request.php?zone=gjjhz7cdztxo&nw=20&renderingType=javascript&namespace=f424075228&subid=&uid=348c1e81c9c97325&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCAa3VVMeNZIPMPLqH9fgP_I2g-AHM-Yagaeu7x__3D_AuEAEg9czCcGCRhKCFjBjIAQmpAnH8qUpKWbI-qAMBqgTtAU_QMJgXWD5oFKVi2ijfAesHqGEx7tBp19N46ifdQ3ozqj6_DmSe7qz-Y4Aywg0mIT0VvWnOtwHh1HXQ2NrhuS8F0y-RhmEQ-NS78DTGEXswcGdfGHGKShEBV6GyENV6RUnRlRulFZQjzdGeyb12xf81N_h-lRhPJsbOeHPuADp_8jT9UizlO7ZGe5-zMnSTS02LRoyRlCSgog_mSO7ZVEgoOn9EGXvM-PIy3Ouu8EGs0tbyD-XJ1IJo9HmpUUIA7wLtqJH91qqobD5H4Gi4-PtigjoouA9BKN_Q6el2LrR_z9zw9mRsadYhRgcsO8AE6uvMo-QD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBogwIKgYKBMOwsQKwE-CbzQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSSwBygQiD7sPjOqqkKeqnwO4PUuxUYgWYTiLxXsfdqLoWnCydrVUdtyAOldwPI9fI8_nvwb4uazWi83f4L_X5eGV0LhUD3fKd6jrClxgB%26sig%3DAOD64_0KzQaiSH8x6cSPE_isZUxVEhfj2w%26client%3Dca-pub-1310852604335254%26dbm_c%3DAKAmf-BV88o4uPobR2ZHK4CQa3KAOgCEPfNiEQlUzUtwCSD8pCRHhI0D2KwB5zpjQwcoqqct3bQP1IZ9TyIdiPG6FAWvAHtS5s5Wq3vqS5j4mmcHCb_slfiq6zl0Y6gwzqwOQ1-fNN3J44S4SxlVzqoXe6pj6pdH7logpbObuqwYw-mR04MxLxo%26cry%3D1%26dbm_d%3DAKAmf-D1uZtnoGDrcna7iDSJCd9Q5_mxfrQnUqfO14oPUQ63pUfhCFCaFlJ5p4bqe5uFzII77aSAm7zgWiXfabRrVHXFr3GXV_2hFlykQrQ5FoWZBN8v28CT0QztD2jNXNCQopPaM0mAZbmJWpNwbF9CzU-k-rTRusAgjRtYGMkZvKZLPam1xc3DgHCxw9vKiAuDBGtz19tM5jkeR7t7AoV6eWBe9E5pYHVmpNhX6oVCQvHkpHUbOgjPhHHoG1ICZlnTsohKOGOrIKMo7gbd4pwoLjCqSRIaN8t8w8mFog24xKGJ6N4ATt9SB1EBnB9yxndjmKyrgfP7ZXnOW-wT6wSnBL4V4u9-gbmAABBQUqu-ujWl4KRXU-2IFg-58vh3VFrx3uKnkz41ZKcNVR-yN8x4WckavhPHpjcTOhhetgkeIEozB9wlGAzw_OuXNQohIjxZKuD6sUcnhSOBQ3BWFZKikZIfWuHYUPR41NrxCSXJj6VeNBpp-7NgEzY-sSqkdknQLg0ZJG9CfPnIwRvOckhUUybWOq6TxlJc22LoHP9cqe06YDaDfATFuiQceACQb6DE-tpTva1F%26adurl%3D&documentReferer=https%3A%2F%2Frd.fharr.com%2F&ancestorOrigins=https%3A%2F%2Frd.fharr.com&random=139875987956&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.150 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e63cfce7916c0c368054245b30d30cd42cfd7ef6eaf5f7db9966f803133c9470

Request headers

Referer: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2291
Content-Type: text/html; charset=utf-8
Date: Sat, 17 Jun 2023 14:46:49 GMT
Expires: Sat, 17 Jun 2023 15:46:49 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H3 200 TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 70C6 37 KB
14 KB 78ms
66ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c7dd9b3c12fde91e325f5a42fbc0f6d83566d528b624b0b4833ca87a9cc3f64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:37:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18581
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14492
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 16 Jun 2024 09:37:07 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E11A 5 KB
755 B 59ms
50ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request_content.php?s=62216300067296704444476012358019&a=fb746d67

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hal900019.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 17 Jun 2023 14:46:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 17 Jun 2023 12:55:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 17 Jun 2023 14:46:48 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame E11A 14 KB
14 KB 162ms
53ms Image
image/png 138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/53619/creativesup/211221_banners_megekko_affiliate_2_1200x627.jpg
Requested by: Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request_content.php?s=62216300067296704444476012358019&a=fb746d67
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 1df83e942691621a55cb416efaeb2073378451b2a1be8611bc90b13c5f88b236

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hal900019.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sat, 17 Jun 2023 14:46:49 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 13983
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame E11A 16 KB
16 KB 149ms
51ms Image
image/png 138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/52703/creativesup/sfeerbanner_1200x672.jpg
Requested by: Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request_content.php?s=62216300067296704444476012358019&a=fb746d67
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: c0e09611e92094f3c9baec913304b7d20362b0c4fc14076026a2423c2616669c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hal900019.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sat, 17 Jun 2023 14:46:49 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16260
Vary: Accept-Encoding
Content-Type: image/png

GET
H2

200

imglaudius-nl-logo-120x60-1576844293931.png
a1.awin1.com/ads/awin/8177/ Frame E11A
Redirect Chain

https://www.awin1.com/cshow.php?s=2582325&v=8177&q=316721&r=235229&pref1=62216300067296704444476012358019&pv=0
https://ui2.awin.com/ads/awin/8177/imglaudius-nl-logo-120x60-1576844293931.png
https://a1.awin1.com/ads/awin/8177/imglaudius-nl-logo-120x60-1576844293931.png

10 KB
10 KB

580ms
83ms

Image
image/png

65.9.66.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a1.awin1.com/ads/awin/8177/imglaudius-nl-logo-120x60-1576844293931.png
Requested by: Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request_content.php?s=62216300067296704444476012358019&a=fb746d67
Protocol: H2
Server: 65.9.66.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-18.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 91d149cdc0eba46d8512f56fe0f1312aec78279f103bfd77a415c41d1ddc7236

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hal900019.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: _x3EAs_goRVum4q7VVzSAbzinA_eg4Ee
date: Sat, 17 Jun 2023 04:19:23 GMT
via: 1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 37831
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 10103
last-modified: Fri, 29 Jul 2022 15:14:21 GMT
server: AmazonS3
etag: "cb129a4dff86158296c0cf089661dd23"
content-type: image/png
cache-control: max-age=43200
accept-ranges: bytes
x-amz-cf-id: ClWd0hWSuwmB6cHKDc-8OSqEjipLQz4e5pt_vovgJTNHx3DRoacsrw==

Redirect headers

location: https://a1.awin1.com/ads/awin/8177/imglaudius-nl-logo-120x60-1576844293931.png
date: Sat, 17 Jun 2023 14:46:49 GMT
content-length: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 1891 12 B
100 B 42ms
42ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=rd.fharr.com&callback=_gfp_s_&client=ca-pub-8211648974049874&cookie=ID%3D21baf416523e903a-22077bf7a8b400eb%3AT%3D1687013204%3ART%3D1687013206%3AS%3DALNI_MYuh0xqYTtGTWFK8KIOHa9vnxTMdQ&gpic=UID%3D00000c4a8904da96%3AT%3D1687013204%3ART%3D1687013204%3AS%3DALNI_MbVvPpoXypglavXTwGjyWp4dfRC3w

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 1891 107 B
122 B 74ms
74ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=rd.fharr.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 51E0 25 KB
12 KB 339ms
339ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8211648974049874&output=html&h=250&slotname=1304663334&adk=3288322856&adf=4198761044&pi=t.ma~as.1304663334&w=970&lmt=1687013209&format=970x250&url=https%3A%2F%2Frd.fharr.com%2Fdb%2Fitem%2F400368&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687013208547&bpp=5&bdt=1148&idt=511&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&cookie=ID%3D21baf416523e903a-22077bf7a8b400eb%3AT%3D1687013204%3ART%3D1687013206%3AS%3DALNI_MYuh0xqYTtGTWFK8KIOHa9vnxTMdQ&gpic=UID%3D00000c4a8904da96%3AT%3D1687013204%3ART%3D1687013204%3AS%3DALNI_MbVvPpoXypglavXTwGjyWp4dfRC3w&correlator=4154209518095&frm=23&ife=4&pv=1&ga_vid=1450125800.1687013205&ga_sid=1687013209&ga_hid=1671748304&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1806&biw=1600&bih=1200&isw=970&ish=250&ifk=3315075354&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075305%2C44788441&oid=2&pvsid=4436964757474128&tmod=1914639916&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.xjqtfjeyj2yg&btvi=1&fsb=1&dtd=532

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5904443e770d930786e074f002f77e13801539e2f3fcdde184253024d3b3faaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rd.fharr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 11872
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 14:46:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame C7FC 2 KB
434 B 78ms
73ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Titillium+Web:400,700

Requested by

Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=99253600071013804444450012358008&a=decb7adb

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7fb07880fe0e8c6a59441a5eb71aed95f6542a8c4bc1ed859984d2e8efe054e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hal90008.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 17 Jun 2023 14:46:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 17 Jun 2023 13:50:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 17 Jun 2023 14:46:49 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame C7FC 12 KB
12 KB 168ms
53ms Image
image/png 138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/62900/creativesup/NativeAd_1200x627.jpg
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=99253600071013804444450012358008&a=decb7adb
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: eb7eb4eb29a65cc9175350c558349927beb7a28cbdcb79185f069b6fe56e3a20

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hal90008.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sat, 17 Jun 2023 14:46:49 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 12403
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame C7FC 14 KB
14 KB 259ms
146ms Image
image/png 138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/56047/creativesup/frauen_highheels_1200x627.jpg
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=99253600071013804444450012358008&a=decb7adb
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 67c48505bd1b0579ee678bf5356b5c647fe4ae48b06800f212ed39b34b87f777

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hal90008.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sat, 17 Jun 2023 14:46:49 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 14555
Vary: Accept-Encoding
Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame 7BD0 14 KB
1 KB 73ms
73ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 17 Jun 2023 14:46:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 17 Jun 2023 14:03:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 17 Jun 2023 14:46:49 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame 7BD0 2 KB
892 B 67ms
66ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 17:39:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76039
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 17:39:30 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/ Frame 7BD0 22 KB
9 KB 64ms
64ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

854f47fda466ed9d7e0d438a80c3f7049575d373d5887aca71313da2b795c739

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 23:17:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55756
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8931
x-xss-protection: 0
server: cafe
etag: 12022837384336330993
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 23:17:33 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F7D6 143 B
166 B 38ms
36ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 1817
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 14:16:32 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame 7BD0 3 KB
1 KB 64ms
64ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 23:17:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55756
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 23:17:33 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2E29 1 KB
643 B 79ms
68ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 5157
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 13:20:52 GMT
etag: 48472445140208031
expires: Sun, 18 Jun 2023 13:20:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame 7BD0 19 KB
8 KB 79ms
77ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3521f5e84dbf85e9b7a304002330fbccf347abc9d0a43765a1838336b8a98c0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 17:39:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76039
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8120
x-xss-protection: 0
server: cafe
etag: 8171891181101138299
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 17:39:30 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7BD0 178 KB
56 KB 75ms
73ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57029
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686742752845198"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Jun 2023 14:46:49 GMT

GET
H3 200 9c81088c85b4e7b59d5cd8ce7f87e269.js Show response
www.gstatic.com/mysidia/ Frame 7BD0 32 KB
13 KB 77ms
75ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9c81088c85b4e7b59d5cd8ce7f87e269.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1255c225e18e01faae68870c17c44c85368bf6c4120d0e674615f7a9ccc70d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 03:26:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 127232
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13708
x-xss-protection: 0
last-modified: Wed, 14 Jun 2023 22:25:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 14 Sep 2023 03:26:17 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 943C 5 KB
682 B 74ms
72ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=11776700071013904444454012358008&a=17354592

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hal90008.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 17 Jun 2023 14:46:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 17 Jun 2023 14:11:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 17 Jun 2023 14:46:49 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 943C 12 KB
12 KB 141ms
47ms Image
image/png 138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/62900/creativesup/NativeAd_1200x627.jpg
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=11776700071013904444454012358008&a=17354592
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: eb7eb4eb29a65cc9175350c558349927beb7a28cbdcb79185f069b6fe56e3a20

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hal90008.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sat, 17 Jun 2023 14:46:49 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 12403
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 943C 14 KB
14 KB 195ms
100ms Image
image/png 138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/56047/creativesup/frauen_highheels_1200x627.jpg
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=11776700071013904444454012358008&a=17354592
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 67c48505bd1b0579ee678bf5356b5c647fe4ae48b06800f212ed39b34b87f777

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hal90008.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sat, 17 Jun 2023 14:46:49 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 14555
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK viewability Show response
hal900019.redintelligence.net/ Frame E11A 0
150 B 140ms
47ms Script
text/html 78.46.90.238
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900019.redintelligence.net/viewability?s=62216300067296704444476012358019&a=e418316a&vb=m
Requested by: Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request_content.php?s=62216300067296704444476012358019&a=fb746d67
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.238.90.46.78.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hal900019.redintelligence.net/request_content.php?s=62216300067296704444476012358019&a=fb746d67
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sat, 17 Jun 2023 14:46:49 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2

200

593277e724e539a889cc3a836755cb51039a9d.jpg
static.tradetracker.net/nl/material_image/f0/ Frame 34C6
Redirect Chain

https://ti.tradetracker.net/?c=34211&m=2005488&a=70002&r=62216300067296704444476012358019&t=html
https://static.tradetracker.net/nl/material_image/f0/593277e724e539a889cc3a836755cb51039a9d.jpg

85 KB
85 KB

756ms
96ms

Image
image/jpeg

2600:9000:21f3:2c00:1a:7c92:efc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.tradetracker.net/nl/material_image/f0/593277e724e539a889cc3a836755cb51039a9d.jpg
Requested by: Host: e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com
URL: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:21f3:2c00:1a:7c92:efc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6cc104d434bb05638dc6b0bf53723ae64180c777ba294308f3d87fc804a58b19

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:13 GMT
via: 1.1 2afacc6ad96dbba3f0b477cd95f16458.cloudfront.net (CloudFront)
last-modified: Tue, 21 Dec 2021 13:45:41 GMT
server: nginx
x-amz-cf-pop: FRA2-C2
age: 226
etag: "61c1da85-153c4"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 86980
x-amz-cf-id: RhXbGCKTPriaV2SgujV1Md5REL7paRyU0OC85FqXUH-7ChOqBfxjag==

Redirect headers

location: https://static.tradetracker.net/nl/material_image/f0/593277e724e539a889cc3a836755cb51039a9d.jpg
date: Sat, 17 Jun 2023 14:46:49 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
server: nginx
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame E11A 14 KB
15 KB 38ms
36ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900019.redintelligence.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 18:52:01 GMT
x-content-type-options: nosniff
age: 417288
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Jun 2024 18:52:01 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame E11A 15 KB
15 KB 41ms
41ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900019.redintelligence.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 18:52:01 GMT
x-content-type-options: nosniff
age: 417288
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Jun 2024 18:52:01 GMT

GET
H/1.1 200
OK viewability Show response
hal90008.redintelligence.net/ Frame C7FC 0
150 B 179ms
56ms Script
text/html 138.201.63.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90008.redintelligence.net/viewability?s=99253600071013804444450012358008&a=723b8a2b&vb=m
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=99253600071013804444450012358008&a=decb7adb
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.150 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hal90008.redintelligence.net/request_content.php?s=99253600071013804444450012358008&a=decb7adb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sat, 17 Jun 2023 14:46:49 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK viewability Show response
hal90008.redintelligence.net/ Frame 943C 0
150 B 155ms
53ms Script
text/html 138.201.63.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90008.redintelligence.net/viewability?s=11776700071013904444454012358008&a=54429393&vb=m
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=11776700071013904444454012358008&a=17354592
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.150 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hal90008.redintelligence.net/request_content.php?s=11776700071013904444454012358008&a=17354592
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sat, 17 Jun 2023 14:46:49 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 / Show response
ti.tradetracker.net/ Frame C7FC 434 B
699 B 88ms
76ms Script
text/javascript 52.214.187.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ti.tradetracker.net/?c=558&m=24180&a=70002&r=99253600071013804444450012358008&t=js&wid=tt-208d7d
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=99253600071013804444450012358008&a=decb7adb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.187.105 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-187-105.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e60e7c2069a17a63f821501882862d441e088dd58584f5b7f71929f356b5b871

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hal90008.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires: Mon, 26 Jul 1997 05:00:00 GMT
date: Sat, 17 Jun 2023 14:46:49 GMT
cache-control: no-cache, must-revalidate
server: nginx
content-type: text/javascript; charset=UTF-8

GET
H2 200 dpixel
cms.quantserve.com/ Frame 2E29 35 B
464 B 650ms
85ms Image
image/gif 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKF-QYn6WkCuwxOR8aN4-n0&google_cver=1&google_push=ATf1kGNtEsWtQnMtvFUg16YuxnFifGtKipgDU1XCVIIijgS0l7RWxO2GdW354cWeQAW36PRWSQItGMmcCRQPNCxclq0KwR3ZAgpy0g

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:46:50 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2E29
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEEzx4H9ufQSj6DBKbR_3ses&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEEzx4H9ufQSj6DBKbR_3ses&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=b3A5TTBnMHIxUWF4Y3U1&google_gid=CAESEEzx4H9ufQSj6DBKbR_3ses&google_cver=1&google_push=ATf1kGMcquYy8C6kd3Wo2PRtNSfXMfphq-e5LXkxDaDyp9A...

170 B
188 B

101ms
92ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=b3A5TTBnMHIxUWF4Y3U1&google_gid=CAESEEzx4H9ufQSj6DBKbR_3ses&google_cver=1&google_push=ATf1kGMcquYy8C6kd3Wo2PRtNSfXMfphq-e5LXkxDaDyp9AWE3tsPHzEOP52Y6uZJjOVrZ-ZdNL9SSRSDUUnUqJkst8MBPfg20LGeA

Requested by

Host: rd.fharr.com
URL: https://rd.fharr.com/db/item/400368

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:46:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 17 Jun 2023 14:46:50 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-780-gdfb6b2e#rel-ec2-master i-05a172857ebb8dd09@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=b3A5TTBnMHIxUWF4Y3U1&google_gid=CAESEEzx4H9ufQSj6DBKbR_3ses&google_cver=1&google_push=ATf1kGMcquYy8C6kd3Wo2PRtNSfXMfphq-e5LXkxDaDyp9AWE3tsPHzEOP52Y6uZJjOVrZ-ZdNL9SSRSDUUnUqJkst8MBPfg20LGeA
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2E29
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEA6tzEIGxPkXy88qYU464YU&google_cver=1&google_push=ATf1kGOEzZI9eHVqnz2MAFAIcqS98btYn8MEplpie_FMC0D0qkKm-8v2ywixr-nGU4US0LSXxeCXG3G2E53rT6EO...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGOEzZI9eHVqnz2MAFAIcqS98btYn8MEplpie_FMC0D0qkKm-8v2ywixr-nGU4US0LSXxeCXG3G2E53rT6EOVnP2Rv_snuFS6A

170 B
188 B

80ms
76ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGOEzZI9eHVqnz2MAFAIcqS98btYn8MEplpie_FMC0D0qkKm-8v2ywixr-nGU4US0LSXxeCXG3G2E53rT6EOVnP2Rv_snuFS6A

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:46:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 17 Jun 2023 14:46:50 GMT
Server: MT3 1031 59fd23a master cdg cdg-pixel-x33 config_version:"1438"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGOEzZI9eHVqnz2MAFAIcqS98btYn8MEplpie_FMC0D0qkKm-8v2ywixr-nGU4US0LSXxeCXG3G2E53rT6EOVnP2Rv_snuFS6A
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 17 Jun 2023 14:46:49 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2E29
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJKfgxhDLRJK0y9F4fBemDM&google_push=ATf1kGMvU_V6n-PN4w8eZbFyfX2Zo1nqe5JZQP-p4vP4-YsaSYOyLP6ckw...

170 B
188 B

81ms
80ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJKfgxhDLRJK0y9F4fBemDM&google_push=ATf1kGMvU_V6n-PN4w8eZbFyfX2Zo1nqe5JZQP-p4vP4-YsaSYOyLP6ckw0PKkYWMjFRd4KwlWE13gHZvZU5kwy5oabFpShBIkr4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:46:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-ams21070-AMS
pragma: no-cache
date: Sat, 17 Jun 2023 14:46:50 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1687013210.045227,VS0,VE93
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJKfgxhDLRJK0y9F4fBemDM&google_push=ATf1kGMvU_V6n-PN4w8eZbFyfX2Zo1nqe5JZQP-p4vP4-YsaSYOyLP6ckw0PKkYWMjFRd4KwlWE13gHZvZU5kwy5oabFpShBIkr4
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2E29
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEJt3sm7X3ZneQh1vrqiQEEM&google_cver=1&google_push=ATf1kGNDA7hhmz7LrfKpdsB6kBE0t___0S9oVGBqyKuP4ecUgsGwun1r76f0I-aUxNH4ACjBPhUEz6k-fn--K-T7HJvRehitwcxfrA
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5935C494F3454FFAAD03029B4ADEB089&google_push=ATf1kGNDA7hhmz7LrfKpdsB6kBE0t___0S9oVGBqyKuP4ecUgsGwun1r76f0I-aUxNH4ACjBPhUEz6k-fn--K-T...

170 B
188 B

91ms
87ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5935C494F3454FFAAD03029B4ADEB089&google_push=ATf1kGNDA7hhmz7LrfKpdsB6kBE0t___0S9oVGBqyKuP4ecUgsGwun1r76f0I-aUxNH4ACjBPhUEz6k-fn--K-T7HJvRehitwcxfrA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:46:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 17 Jun 2023 14:46:50 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5935C494F3454FFAAD03029B4ADEB089&google_push=ATf1kGNDA7hhmz7LrfKpdsB6kBE0t___0S9oVGBqyKuP4ecUgsGwun1r76f0I-aUxNH4ACjBPhUEz6k-fn--K-T7HJvRehitwcxfrA
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 16 Jun 2023 14:46:50 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 2E29 70 B
265 B 650ms
91ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEMfjFY57T78E5D7Ui2DYCFE&google_cver=1&google_push=ATf1kGMBkJMJLgJ1kQXGiRqRbtNETMl5fIAt7NGfJrGrSr1fj3jJ3vQWUcvsPl2fWzhGwoLLQk7naIAxhre2dzBJWIwzglzZTs1A6g
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 17 Jun 2023 14:46:50 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2E29
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEO2WT70BIdiTezXwiiihMV4&google_cver=1&google_push=ATf1kGNj2oQEL3FhBW6gYooD92oEdO12FqEGGLNqrtJ2caSrLl908p6bGjweLk3btH9WviP5ri_8BYuYsC_hR-d8...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=aCiySLi4SriZEefi_IIZIg2&google_push=ATf1kGNj2oQEL3FhBW6gYooD92oEdO12FqEGGLNqrtJ2caSrLl908p6bGjweLk3btH9WviP5ri_8BYuYsC_hR-d8NKKk5naIckLsAQ

170 B
188 B

75ms
71ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=aCiySLi4SriZEefi_IIZIg2&google_push=ATf1kGNj2oQEL3FhBW6gYooD92oEdO12FqEGGLNqrtJ2caSrLl908p6bGjweLk3btH9WviP5ri_8BYuYsC_hR-d8NKKk5naIckLsAQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:46:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 17 Jun 2023 14:46:50 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=aCiySLi4SriZEefi_IIZIg2&google_push=ATf1kGNj2oQEL3FhBW6gYooD92oEdO12FqEGGLNqrtJ2caSrLl908p6bGjweLk3btH9WviP5ri_8BYuYsC_hR-d8NKKk5naIckLsAQ
x-host: tde-deliveryengine-production-768c8bf7ff-746l4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 2E29 0
12 B 72ms
67ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LeQ7AwY6r_mVz7QjXKVlf3wehD8_AW_OibfpJf6nCKR_MGD8_wzapjZFsrWVH8rBQgDPTu

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:49 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 / Show response
ti.tradetracker.net/ Frame 943C 434 B
699 B 81ms
62ms Script
text/javascript 52.214.187.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ti.tradetracker.net/?c=558&m=24180&a=70002&r=11776700071013904444454012358008&t=js&wid=tt-3dffa5
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=11776700071013904444454012358008&a=17354592
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.187.105 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-187-105.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 490d9347989bd9ae051a4cf624936e1f1a14fce9dcac3e755ac3429bca5557ea

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hal90008.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires: Mon, 26 Jul 1997 05:00:00 GMT
date: Sat, 17 Jun 2023 14:46:49 GMT
cache-control: no-cache, must-revalidate
server: nginx
content-type: text/javascript; charset=UTF-8

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F7D6
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

65ms
50ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 14:46:50 GMT
expires: Sat, 17 Jun 2023 14:46:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 14:46:50 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 70C6 0
10 B 62ms
61ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?V972vw
Requested by: Host: rd.fharr.com
URL: https://rd.fharr.com/db/item/400368
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:49 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 34C6 42 B
64 B 120ms
119ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu69viBnhRCXTiJ9rfRihsEbb1PgjtkXC2dVLe6FYj3AM3col-ch9DtmOOsitlYag9fw0fO8Enzt7TTqA9vBaelqwm0R4hEMl9JG5AyT69yAI6Z-yTFZ75pBIy1FRMgy7I&sai=AMfl-YT6pihpepT_Un5g9p60SthYwN8IaB4uZsnmMaHHpYmHAJcis0z8ZBecfaczURAvDU8nPXd51pmK2VjhqxDexEZye9WtV08XGzc1mV2KuxT24TmfM9E6B77jBJYp1Kcfd1iTjUUzjvYyyeuY&sig=Cg0ArKJSzBqNucPYdcDwEAE&cid=CAQSSwBygQiD7sPjOqqkKeqnwO4PUuxUYgWYTiLxXsfdqLoWnCydrVUdtyAOldwPI9fI8_nvwb4uazWi83f4L_X5eGV0LhUD3fKd6jrClxgB&id=lidar2&mcvt=1195&p=275,350,365,1320&mtos=1195,1195,1195,1195,1195&tos=1195,0,0,0,0&v=20230614&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1639411750&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1687013205881&rpt=2886&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:46:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 51E0 42 B
63 B 149ms
96ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CwH93HtEuLUjUwakZwXVVWNsDnu6nmlKf9yP9P5MW-El0Jbb2YBCHuWhb-6960WZOxzSigmC3v8wwKFtY9zJqoJ8aMAtIC3weBTsMc17TIuXy8R7c

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8211648974049874&output=html&h=250&slotname=1304663334&adk=3288322856&adf=4198761044&pi=t.ma~as.1304663334&w=970&lmt=1687013209&format=970x250&url=https%3A%2F%2Frd.fharr.com%2Fdb%2Fitem%2F400368&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687013208547&bpp=5&bdt=1148&idt=511&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&cookie=ID%3D21baf416523e903a-22077bf7a8b400eb%3AT%3D1687013204%3ART%3D1687013206%3AS%3DALNI_MYuh0xqYTtGTWFK8KIOHa9vnxTMdQ&gpic=UID%3D00000c4a8904da96%3AT%3D1687013204%3ART%3D1687013204%3AS%3DALNI_MbVvPpoXypglavXTwGjyWp4dfRC3w&correlator=4154209518095&frm=23&ife=4&pv=1&ga_vid=1450125800.1687013205&ga_sid=1687013209&ga_hid=1671748304&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1806&biw=1600&bih=1200&isw=970&ish=250&ifk=3315075354&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075305%2C44788441&oid=2&pvsid=4436964757474128&tmod=1914639916&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.xjqtfjeyj2yg&btvi=1&fsb=1&dtd=532

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:46:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 51E0 0
20 B 150ms
96ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=16204548129478434285&x=1&ct=77

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:46:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 51E0 78 KB
27 KB 144ms
129ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 17 Jun 2023 14:46:50 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame 51E0 3 KB
1 KB 78ms
64ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 23:17:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55757
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 23:17:33 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame 51E0 19 KB
8 KB 77ms
62ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3521f5e84dbf85e9b7a304002330fbccf347abc9d0a43765a1838336b8a98c0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 17:39:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76040
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8120
x-xss-protection: 0
server: cafe
etag: 8171891181101138299
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 17:39:30 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 51E0 0
0 57ms
42ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSj4St4Wp2bnig5xXW0roYxbzN5UjXEubtG78s44A5r8GX3iP6oTF3Rfy_T31_-kGejScHbs4m4XKNu-E4MkxCANCTEqw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8211648974049874&output=html&h=250&slotname=1304663334&adk=3288322856&adf=4198761044&pi=t.ma~as.1304663334&w=970&lmt=1687013209&format=970x250&url=https%3A%2F%2Frd.fharr.com%2Fdb%2Fitem%2F400368&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687013208547&bpp=5&bdt=1148&idt=511&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&cookie=ID%3D21baf416523e903a-22077bf7a8b400eb%3AT%3D1687013204%3ART%3D1687013206%3AS%3DALNI_MYuh0xqYTtGTWFK8KIOHa9vnxTMdQ&gpic=UID%3D00000c4a8904da96%3AT%3D1687013204%3ART%3D1687013204%3AS%3DALNI_MbVvPpoXypglavXTwGjyWp4dfRC3w&correlator=4154209518095&frm=23&ife=4&pv=1&ga_vid=1450125800.1687013205&ga_sid=1687013209&ga_hid=1671748304&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1806&biw=1600&bih=1200&isw=970&ish=250&ifk=3315075354&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075305%2C44788441&oid=2&pvsid=4436964757474128&tmod=1914639916&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.xjqtfjeyj2yg&btvi=1&fsb=1&dtd=532
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 51E0 178 KB
56 KB 68ms
54ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57029
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686742752845198"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Jun 2023 14:46:50 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame DA75 466 B
235 B 95ms
73ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxi-h7zGATAB&v=APEucNU-Fjsm5Wuq0MRgO9eKvAIGWEoAsNtpKLwFsFQWj2u7q5POgPGxmwLbnHDE27q_l6boVpopzRO_zInVn3k9VXy9qnWp4Hrv39TSdc__HB47_wt7FD4LnFX6izXwYWc1GUdcL4gTVgWSQTdoGFR-M7C2KAobKojwRk7aXtjozJuP8FAhg08

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8211648974049874&output=html&h=250&slotname=1304663334&adk=3288322856&adf=4198761044&pi=t.ma~as.1304663334&w=970&lmt=1687013209&format=970x250&url=https%3A%2F%2Frd.fharr.com%2Fdb%2Fitem%2F400368&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687013208547&bpp=5&bdt=1148&idt=511&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&cookie=ID%3D21baf416523e903a-22077bf7a8b400eb%3AT%3D1687013204%3ART%3D1687013206%3AS%3DALNI_MYuh0xqYTtGTWFK8KIOHa9vnxTMdQ&gpic=UID%3D00000c4a8904da96%3AT%3D1687013204%3ART%3D1687013204%3AS%3DALNI_MbVvPpoXypglavXTwGjyWp4dfRC3w&correlator=4154209518095&frm=23&ife=4&pv=1&ga_vid=1450125800.1687013205&ga_sid=1687013209&ga_hid=1671748304&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1806&biw=1600&bih=1200&isw=970&ish=250&ifk=3315075354&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075305%2C44788441&oid=2&pvsid=4436964757474128&tmod=1914639916&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.xjqtfjeyj2yg&btvi=1&fsb=1&dtd=532
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 215
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 14:46:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

1f21095a5f4ae3c95070194bad8a5ad919a00b.jpg
static.tradetracker.net/nl/material_image/49/ Frame C7FC
Redirect Chain

https://ti.tradetracker.net/?c=558&m=24180&a=70002&r=99253600071013804444450012358008&t=html
https://static.tradetracker.net/nl/material_image/49/1f21095a5f4ae3c95070194bad8a5ad919a00b.jpg

13 KB
13 KB

51ms
50ms

Image
image/jpeg

2600:9000:21f3:2c00:1a:7c92:efc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.tradetracker.net/nl/material_image/49/1f21095a5f4ae3c95070194bad8a5ad919a00b.jpg
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=99253600071013804444450012358008&a=decb7adb
Protocol: H2
Server: 2600:9000:21f3:2c00:1a:7c92:efc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6d731e6d3e38558377e2fa974639cabf5209d9cafa5f00e186b0e3faf0aea02b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hal90008.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:50 GMT
via: 1.1 2afacc6ad96dbba3f0b477cd95f16458.cloudfront.net (CloudFront)
last-modified: Thu, 16 Mar 2017 08:27:46 GMT
server: nginx
x-amz-cf-pop: FRA2-C2
age: 207
etag: "58ca4c82-335a"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 13146
x-amz-cf-id: qEbYx-ycP-pHeZa5Xr7hbxIKdjkDzhcIRiW7gVrQxTAbFKhUFdon5w==

Redirect headers

location: https://static.tradetracker.net/nl/material_image/49/1f21095a5f4ae3c95070194bad8a5ad919a00b.jpg
date: Sat, 17 Jun 2023 14:46:50 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
server: nginx
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AF29 0
20 B 101ms
100ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BWWScVseNZLjEOcmIrASh8pGYBwAAAAA4AeAEAg&bg=!KSqlKn7NAAaGYqkwpmI7ADkAdvg8WrhcN_5NTve2j1Ln5W7kAHWJVVqrWXOr_w6hxunutaz-rLaYEPLPR4aOiSfqVisdS6bs-D0CAAADiVIAAAAEaAEHmQMnXw87x_3sPv7tdAb7vnAezBD37pUCMbxGmH6jvmCQEx0hSnPADWQET1Nlafl6C1Ry3W4o7Quofl9ZlAVqKBPKR2d2iw41BCCirHqUs7nXCMfeT4hJLi280_eoG2zZ2SDOejFwaMBRGrtz18veiwE9_5k7OtXUxJkWvFDMMDF04RySaD6-Uz9-vc2KCQ76PRuVc7Gj1SiTmW-5sqAqf2ngom2TSyVLjUYAg_Ey1xAiTXRWYsrfdquwZS2jFSg3CD4cj-yepdsnYMFjuJmsQK9KWj21grhExI7UcI6scWAuzKgKIf15UXuW-g1qWOEiOMp9r1bnX5_8D9JhO0twpeddlcd8_7x82nFrXsTpcCpHsUBSmyuTTkNuMCFgM9gY02vXheq5I61coohoiuHf1wnP8nHOoGFUC7sbIjELScj4ovSa-nVlDZpxiyZj7A2ZnItsf1k8kpxyeFPVWi_DpME6nN6F1aHqOjo7r0AaYRScfz11ZsA3QXOFJCVjI-d4OTNNukH2quBcS0s6QIdIKJt6aDamgrB-VTVKGW31LWqnZPZ0I5tx_5ygW03ejZzXD0nooJiorqh1wvO34x8d7d-aJFfu_SsFY_c1i06bHGGyilzXXR7R4YPFxHRU9-WIvHa-0Q9ikVGwF7JIpee0p-wRYostIWrD9vgwc7DzbA0JFMm-Y2ToGczKW88jV1yBWIul5bDpQbPS-Hwak9Qfqi00GQ7hSZj_xmBo1O4zm0YoWcuCARJbc4EjK5pIoT5eeKPr_l70amYD7jekOr6OFWLv5oXc3Ok2QtT9eyLccIWPIdLLQYOlTxcfvsAs8y5QY4e0-5Ln5nZCpuWa_S_Zfhj-wZSr7Bz7E3wLX3Tmgd3SkK9lRfi-ayyi_KwCjtfJomC1Wa0S_C36bKqVSGKC8jd3AK2KYWrWivSZ7pJyc2M-f9n1ZU-VWahIA1dw5C5e88qVS6xlT94rGnZOLdzxG1KNQR9IggKNdoEXI3eh0xmLKRhPUd-Hydr-I4SOkhdZgPjLR1-Ca1JRSuGmn8NeeM3B5uCT7HRiE6aOxV5cC-XNF8Pvyhq5Wbyq

Requested by

Host: e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com
URL: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:46:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal900019.redintelligence.net/ Frame E11A 0
150 B 159ms
54ms Script
text/html 78.46.90.238
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900019.redintelligence.net/viewability?s=62216300067296704444476012358019&a=e418316a&vb=v
Requested by: Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request_content.php?s=62216300067296704444476012358019&a=fb746d67
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.238.90.46.78.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hal900019.redintelligence.net/request_content.php?s=62216300067296704444476012358019&a=fb746d67
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sat, 17 Jun 2023 14:46:50 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2

200

1f21095a5f4ae3c95070194bad8a5ad919a00b.jpg
static.tradetracker.net/nl/material_image/49/ Frame 943C
Redirect Chain

https://ti.tradetracker.net/?c=558&m=24180&a=70002&r=11776700071013904444454012358008&t=html
https://static.tradetracker.net/nl/material_image/49/1f21095a5f4ae3c95070194bad8a5ad919a00b.jpg

13 KB
13 KB

55ms
48ms

Image
image/jpeg

2600:9000:21f3:2c00:1a:7c92:efc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.tradetracker.net/nl/material_image/49/1f21095a5f4ae3c95070194bad8a5ad919a00b.jpg
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=11776700071013904444454012358008&a=17354592
Protocol: H2
Server: 2600:9000:21f3:2c00:1a:7c92:efc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6d731e6d3e38558377e2fa974639cabf5209d9cafa5f00e186b0e3faf0aea02b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hal90008.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:50 GMT
via: 1.1 2afacc6ad96dbba3f0b477cd95f16458.cloudfront.net (CloudFront)
last-modified: Thu, 16 Mar 2017 08:27:46 GMT
server: nginx
x-amz-cf-pop: FRA2-C2
age: 207
etag: "58ca4c82-335a"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 13146
x-amz-cf-id: WN80i6FHuIazx5NN6ysU7EBJCWS0kWWK1uQO5V4v6ZBL-O-nHachiA==

Redirect headers

location: https://static.tradetracker.net/nl/material_image/49/1f21095a5f4ae3c95070194bad8a5ad919a00b.jpg
date: Sat, 17 Jun 2023 14:46:50 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
server: nginx
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame DA75
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEHahikIo17x5ZVjCdJTQKPU&google_cver=1
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEHahikIo17x5ZVjCdJTQKPU&google_cver=1&__user_check__=1&sync_id=cae6a166-0d1d-11ee-ab3e-14604df00206

43 B
549 B

29ms
28ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEHahikIo17x5ZVjCdJTQKPU&google_cver=1&__user_check__=1&sync_id=cae6a166-0d1d-11ee-ab3e-14604df00206
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxi-h7zGATAB&v=APEucNU-Fjsm5Wuq0MRgO9eKvAIGWEoAsNtpKLwFsFQWj2u7q5POgPGxmwLbnHDE27q_l6boVpopzRO_zInVn3k9VXy9qnWp4Hrv39TSdc__HB47_wt7FD4LnFX6izXwYWc1GUdcL4gTVgWSQTdoGFR-M7C2KAobKojwRk7aXtjozJuP8FAhg08
Protocol: HTTP/1.1
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sat, 17 Jun 2023 14:46:50 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 134
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Sat, 17 Jun 2023 14:46:50 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: /partner?adv_id=7025&uid=CAESEHahikIo17x5ZVjCdJTQKPU&google_cver=1&__user_check__=1&sync_id=cae6a166-0d1d-11ee-ab3e-14604df00206
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 20
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DA75
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=Y2FlNmExMGMtMGQxZC0xMWVlLWFiM2UtMTQ2MDRkZjAwMjA2

170 B
188 B

72ms
71ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=Y2FlNmExMGMtMGQxZC0xMWVlLWFiM2UtMTQ2MDRkZjAwMjA2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxi-h7zGATAB&v=APEucNU-Fjsm5Wuq0MRgO9eKvAIGWEoAsNtpKLwFsFQWj2u7q5POgPGxmwLbnHDE27q_l6boVpopzRO_zInVn3k9VXy9qnWp4Hrv39TSdc__HB47_wt7FD4LnFX6izXwYWc1GUdcL4gTVgWSQTdoGFR-M7C2KAobKojwRk7aXtjozJuP8FAhg08

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:46:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 17 Jun 2023 14:46:50 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=Y2FlNmExMGMtMGQxZC0xMWVlLWFiM2UtMTQ2MDRkZjAwMjA2
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 104
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DA75
Redirect Chain

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1VRHJ4WWpwRTJ1RUIuRFJPaFVqaHJIWUd0MW1UanVfVX5B

170 B
188 B

73ms
72ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1VRHJ4WWpwRTJ1RUIuRFJPaFVqaHJIWUd0MW1UanVfVX5B

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:46:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1VRHJ4WWpwRTJ1RUIuRFJPaFVqaHJIWUd0MW1UanVfVX5B
date: Sat, 17 Jun 2023 14:46:50 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 200 TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame D733 37 KB
14 KB 73ms
62ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js

Requested by

Host: rd.fharr.com
URL: https://rd.fharr.com/db/item/400368

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c7dd9b3c12fde91e325f5a42fbc0f6d83566d528b624b0b4833ca87a9cc3f64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:37:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18583
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14492
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 16 Jun 2024 09:37:07 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 51E0 0
20 B 107ms
100ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5999354276808&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:46:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 51E0 0
20 B 102ms
99ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5999354276808&version=m202301230201&ct=77&x=1&cor=16204548129478435000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:46:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 51E0 15 KB
11 KB 69ms
69ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DtRWKJOVQUhy2ohj7dCDXKJ_xOvTTvoSu5Iv_NNSRiQ7mabLNydyA_BATYRSp6We08wKpoLJgFmCnYTZlzj8h5BPES8j9r3zJj6OXRISIVmuQE2MZJecrsyUV_Vmz2wT8kZF_cYfMTtoMESUp6gbpLTu8UqaBeSmC_uvGmq2M_H0Q8-iE&cry=1&dbm_d=AKAmf-BQQTb1_qLmhnAueqjJsYwyS_lN0r97WBY8qplgb00ElaSKckZVy2upf6CM4oKZEBZJnMmLtAKbj8fMn0YaHZ6HdtqIpC6JIWPfMMX-eMx2cH2dA04x-sCR-cEfw5sPtBqmBpZ_0qGpMG5fc3PcpEm41dPGv0H8GUcQs9Sq-YDiVL6LGbuBtGvTf5CWPDS0gMdtv7mC-qEwI6Phg3eGeiqa63JrAq0QjOTDBDLtp_eyvAajkxf2gjbwXo134nwolsqj9JbsYRJoCSgO8Tj_t4De8WGJFbJPQ4k0Hv4vTvYXU6sdJKALe2n_fo_V0n27MY1uaUS0AEcD7xbmVjpP1-Toa8MafiT7ve9Qe0XHAPA5weTmAlERHrQoZYNgy5fmfEILEKe22yVqppaWqmHkVtv7By5Z4pwG9o84KWhpSUtDOEtS_N6v1iOFShG0brJT0ldZzW3DyIkVsap4Wtl-EB5wZzI3E0eX3Yt9Dry7_wTGZVLh6o2kL-bT3p-b6fos6i_sEGSLver40W5XMwTO0oiKSYiDF__vvngHWWI2ocbJwpmLLwJ2hIxPGgDCUXuMxtLbKl-PiMj-j04bePtZhdMr2TLS-mUH048vnWSlMkhTI6Ki25yWp3ly4qNEFXpUv6t4TP6BB-4LXmKKhvjOb6GTBQYaAvpUb6K4ez5eOYNF7l_TTD8ZZbgbMhm5xK2asemUzCeDVvl5s8Eb2fP5wapnpWGOC3c-YbyPxzG5-i7Gt7jDM9hcQjNSZcOG6F0uJz-OKlRnm-2qrIRAoOm_76FTsII2fcOleANIWXBxNJ09XRnxyArFE6XL1GYbH1yQN58Zsi7udGOimsTdEvie5USgNa7u7BUHU8MICTnLC50Mes8tvjePmjoLlV4GqHE7zCYnJOJLX2JkClEyQLeB48-_GYK_ac2y1k6yQ-yZPnyKqPuyWGhjQeWYK6L7SCnqQqSuYRt9BbdTGLheVjzwhGqgA3i78YhXl28-dN9FtN9fztkmDdEI_crIpklsebtJ-KDl5XxrUOhQoNWl1lnhMp518jmD6V0tx4qjPBMRQ_WNJygQuii3wF3ZShsQZ1UbmBguSKxRrVzA9RdAsBDDAevAj4pSwuv6_pE4Ty2PDFtPmC0RLaDCZeWj4kmgIByvpyau2nBgYHxts8UjhC2Fb4M_Dtbu_79aNAo7hJE23PIs7QC5FugWk5nLi8Nq3RHJZvpWv5T295qUWq2ZcJmgMAmEu6-tjt_yOolzrnlInymBJEtnnKfNfcQ7VzEAu9g5gcVGwYWyYEyYrOaJzZFvq1B8_7LMuDuCiqPlgH0BAmFtN-3ahnHhk7wrWrVHiOAxx87R8Wng_z44xOq4l2sRBmHpN82dk0yJZ5Rt4NILfk5s8uO-rqIU97UxX-lg-2JDaCg8GKe_sQn4UeBNrOOJNCGu6CHPQyhZH6EWW1M35wdLtgPioAD0oDSsUOgmaSnOHoVDfekDhDPmqjDF3CJyQwSrX_533EbWwepTHXF7qKt73BkEk4ICENJlBUGif5b_jJvZXQwiMm8IKtHV9d8y2q_mwJZoPQMxxDPqSLffyrmKGciZcfTpRkDbfeGmrMLglS_GEj9RnhtMj5k1cfUM31vdYlSBOFw6lCvMDWn7LouTUTZDe0Q3dn1qxTO64GxUZza5-fnBa8zQKZU_pUx9eBclik7zaM1ZVExCuCnUdRm7IcDyA9Z35ckBm5_ugI77Tsc75R6-703dRgOwOaifEspW-lr9DwNCJL0L2Squ3OUuP6nDMUKT7CJ03EXIvkcLvnwPLEoLF5sH_14NpOJbaQmV_RVsgqh8EsUbTwyhCGKwZp0BTLtgMJwZ08_llLFU76YfCMe73Rgmz5B5QWROWS3csPO3IsGG3MHF00Wux9jp1UqbqC6n5bUBT3OUbyP1JGT9Uq82lIUD3qtzv489NgOeLj3_UNZAikEfnoUxZhX0lwDDXsuPav_uCKQTgkIjQkUFEhnEJR9wvLGLextF3cF_wzZV60DWUYK3u94C2sSz4Tdf06VurOMqz1PGwwg31Xgr58xXJuEMzDYNGMZ3ljvi-IYtong_fm-o8WbZwFA2Cg8j0xrf-kRzY7xFP3y62P_h-W2OudGhZAQkM7aXmOHOAIfe0LyWqbUjPdHiCuNi-MiOtaVEFGqM533VNv_vhHQLxpggU0Wn4XGGhzXcx8gJ_cMuUpAGHh43dJ-dKgNIuXdIJlaPLXoQ1mnezbLLiZNG6qG469xHGvxssXklQ0R7JzEpUE1O2GpNwg3mkP_xuDsQyn7T05KRX6CkPA_SvkmJ8hSP5v-dhraD-C7h9gfI4p--AE1sbnf4_ZxCxDeJG22p-TqF0YAORW7fKXwLgFYGxW2ZAhedOh05iw86nlMA3d9smTSsykrQ4zPoS-9JFPsowyWCVNiqEnNRqh1pl6524DFDChxL_Ink3lSwbVL7d3kXIf4mq2wiZb_jS2Jc3SYeWrjvlEzGrI2sy5Y8_pgFpAWkDatAM0FK1mtaJ0TIbt6cA8YEUFGDf0VuI5MNGqcdS5WaPtVUBm7K6TDYTTmxogCeRvo-LtZeWLR-qDKrIg4wp2FridWNLL8v_w5cJV3bWP6yrFUaDbWRXD7E9t0AKyu_xOCrSo5EzVPafdo8Pd9PAL-OtheLl-86K4rk8BcaiQXB3_48hA9qRjE9sOmMTx6HDqu1dQtGr2dLjbq9ZdaRKNhWjgor0mJNLAMq6Dg6IiuWKT6j5Bh0qkaUUadtGjlYf84TS9AR-2RfvhhmjBLwvqrVxevYoQsj-7tf2noVHbT7pT9ddoTkJrFQv5mDdr6aZLaBp3mgrWw-J3mK8hoN82FueQEL_s-PPnSWMtc-uDIDedVpofaetG_QRy37LzBs6B_CyHvycZVXbEE5XJ8Lai3m8P8btaKb9_7Zbdgk_a1CA-G3THM9qtetAhSd_3d_mGaMbXy1D55Cyyy1rz4AOVYnA2GDqe_gSn6gSIzweL32O-iX--LihtSMfcI1V4f91QQQsQUCrsrwvZzz7pCl6J2QgTuElhkrAe677-VXmm4-oYUeZgCemiegc8X9v3NQV4tnsuK5vuwCqPeny1uL1419MHUAfNT1Th-DejpN4X-vtSZZSAFn-uQDvhvFcVDV719tLnjH3eocNggAhAps4FWrlLZ_1OQEMmYFnedr-IFg2lr0on14srt54FOTdDWCT_U_xZAMqnl9VvRU3EyWE04Tdbcv-BpzF5xZnLhv1ch20WarqF-LmcuCTK6JJ9A9Kb580FJfPTJxF86mV4E2-fSxqIw5Eu2fm97UaiWmQIhoyUqTHpYOcMcYLBgLHYOX-ZcYfb5t-3Ks1f3otPL0EfoR_x_OxZRFZ25_7oeqwL3FLJvGRjIq_OykxMCO7K1V2arULHamN5ldfKjDLoFBDch3pMmyftNxXsWdTDWKdBwUoOeosXLWTe6rxd0jtMksE6k5AGX7oEy9J-Zr8VeNC7LxIQ596pL87CpJBWQG-oNMbqtKf9FlGTJSAD1GlisDBApdXUwIgSYfGjQAPtGeQw&cid=CAQSPgBygQiDuRuamBaq2GdJwuZrgB8IPtwimjdkxfZXX4dc-0PL9wBqRwP2UHLWxrE-mPHv8c12hZlPAcNTQHCbGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Frd.fharr.com&ds=l&xdt=1&iif=1&cor=16204548129478435000&adk=1411225166&idt=223&cac=0&dtd=39

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bea69fdeea61432f39ce1fd6f888dcd9bcac1aa0b6b3a0bf5bb60baceee2bdc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8211648974049874&output=html&h=250&slotname=1304663334&adk=3288322856&adf=4198761044&pi=t.ma~as.1304663334&w=970&lmt=1687013209&format=970x250&url=https%3A%2F%2Frd.fharr.com%2Fdb%2Fitem%2F400368&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687013208547&bpp=5&bdt=1148&idt=511&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&cookie=ID%3D21baf416523e903a-22077bf7a8b400eb%3AT%3D1687013204%3ART%3D1687013206%3AS%3DALNI_MYuh0xqYTtGTWFK8KIOHa9vnxTMdQ&gpic=UID%3D00000c4a8904da96%3AT%3D1687013204%3ART%3D1687013204%3AS%3DALNI_MbVvPpoXypglavXTwGjyWp4dfRC3w&correlator=4154209518095&frm=23&ife=4&pv=1&ga_vid=1450125800.1687013205&ga_sid=1687013209&ga_hid=1671748304&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1806&biw=1600&bih=1200&isw=970&ish=250&ifk=3315075354&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075305%2C44788441&oid=2&pvsid=4436964757474128&tmod=1914639916&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.xjqtfjeyj2yg&btvi=1&fsb=1&dtd=532
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:46:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11242
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E1AD 0
20 B 107ms
106ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B9c7EV8eNZLjhBIar3wPWhrnwAgAAAAA4AeAEAg&bg=!BwSlBFDNAAaGYqkwpmI7ADkAdvg8WgjZXM-9-z_Y32wDZr23JGU4BkKN3R2GeTpiAM_ne6LqVisyT-CrCJSucl6yw8WHks65NmoCAAAD-1IAAAAHaAEHCgAU7GovvLzjKDBKHLMNyv7Ogh_LkHiZAzKDXv5_UkinsXZMZ0FqmrpatW5KZ-uft22rro8v4pwwbfhvHxpejG_wB9N5Ft3M-jTot3xF17LOQbhpmTwu6qmvxMyT4nTQSMYfIsd3yggwfhOH0QdxmUW0_zQXAwQVf9OX8TMnyK5Hp4PEGSyCPTSPNK6XS0Fx_vTrzLBJsHYG2bHI9fDUqe-ccbI_uMQms2mWk5ukisB0YWybXVIXQQrLuHOSsHHQVWi3Xl8GKZan_hV98eXDtAu3l0V1EqdQPVF1AvIiXzn89qfM_qsvHN9i0i0hRXJSrwjt_JBfjhEsmX8yCcHTPJsMHy-oKbnvgpxLZN-BRYyQ2hChPdZzTLV2bGqlibS0a_2V0o1UzTQXSmhjCf9OVSEM8f0oGK5rxUlbDC2cfBD4oh2T707USVPQYyjkpRaiL-XR5u9KRGoUiT7dqhhUR7fPJdvZXI38eXFJrxe52qknhziUTTpFSg5-WOcpDA0KTu2foCDjTRmayY7VE3Q9B2INdhUR7SF_UoU78q1nbtoJyEGWeRhHvEXesIbBiH6QyOqkLEWvab-YbGsUfC4nhNJMLWAxZIJ7yJtfejbiRdYBIaMTKDcRO3-PUDY5CKkqH9AkP3DKY82ekcZgCPaVNLnXF3T9HVHMcFQEa0OZLFEwY5wG2UA--yCDkDoUQsTat4eFLa1UZsyN5rVUOpwHDqPSOvpgg35Zk80MuKBaMee540RWnUg4VRnE49jv6WSO16w7I6OxwgxKPhEExsxPBXBnoAj_1m9dyT5A0gpJM6_h4pBUNFn9-aTUwGYk_9OvdLHxhhOt3TuWj1_DjY3BjW6_2Z-MlKtH9d_rhYRNE15blPkru76dH52E8VAot5JjzFtrta6XZTfdD4YPjFevxJZQugSw6dD10VvBVNvpVJv2WAunpoxKhIvDRwtKpVo0c5cplPjOtgZ_TwFkNKYgwJ2g9HNu8YLmtF8JgDrmKrSKUaTugZUlvMvgZu3krZsiXs7SQHA8mxcGL1tkikD1ZLVKVp7e-8TKVTp69bnx9832f7TVA07nIQwjq16g5A98_h4oxGhxsCKYqdFHQzpBmKsJbYMpTfZuWKMUOg

Requested by

Host: e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com
URL: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:46:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3971 0
20 B 123ms
118ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BwAlMV8eNZL_CFJHI7gOs7IjgBgAAAAA4AeAEAg&bg=!29il2IzNAAaGYqkwpmI7ADkAdvg8WgnekWQWGU8ozBylbkB1FbgxXrYhIuKjtajKvC92WJOqWaFaabH-wNMfJF4emxdQPocWxj0CAAAD7VIAAAADaAEHmQMxQR8EN2jmK2mUDOxT0N35-2VEslxd2eYbOk0ZDGwHSndAaapTA549LGZI5WH139Kd-ThppTJbauUfaMO4A7ljz1hxzgfotp67w0_1xOxFebO3CtILrKJkhjOgtfNfXj8ZI97rdSqb9yZGEEee6x3GACdePQxzkOqTdjjfJTisXLkU6n9d5oTj1Coua64zMYLt6xhwFCRJdFALz5VKlLt2XwArRx9FkLBB1F8Pnn9p0N6bC7DZQWBqkORl_Nh52sZcZiCx-Znsj5uGZkfjeS-0ZD2LrOeScBI2tjfTrUDvlCqaEgkFnMGBW6qaSijlgvXCXY3Ch7DAS0CTo69Z5uEKeUFJimQIGGumsNbdVq8Gbhy00c8Wlp6KECNJ-c5lcI-5C5JyeLfxugQVguKcOZH_WKPxVX188HgMVpgCJVqKv0oaLBie_R4rKHup0vXI-DfalPXFMJQQjlevOTTxlOF1xsRhDcCXtOTgYQ9XGNmwk_dTK7Tn-LFoigwKBmeeukjGoHJ2r9780SH4nwLlNys1s4CeJc3FYZpTjf2iUgiCB3Ak53dURdWzfA-d0fdkVJmfjEh6NYHLtMj0NMRtm4yDSWIFNgIrxNfKJTi0J6cYnMXj8LUzUecHn2rqAlY7SR84zI2tsmUuSgBkbXWnQ1LsO-7b-RBJKH_UVQ5n2Fb1QLTyo4uYX7tASm_290RPvMHKmTEorj4BM98F4UrbLhaO0y70OkDbYhVxGcOL4yDaHqhSxPHnYBqt2fx2KGUiiVJoaowogsT5EWosE3ocehU4RCqsmwCtuccD7pqHAq3D-15-OBpR5DsAU5YC5sNXAFWFpBGCVIfVI_7GSutThqAvz2cRvQ9cq-PCxUM-VJ9LLipXJMy4__GLeVOdUW8Xy6ZCC7oMyuAGEyAOM4CNPwgs7nJiKdbIrgPyLR1QnlLlLkIwj4_ZKVszbeIFnItW-VcTqddpJiGsKGahYh8mIa9VJkaQmxUzE7J5QMyH2Tfo4gjFET2qR7v7b9cSTEJpyE7J-KoH3N2io3WGXkse_Vqm43__Yb5n0P-IgbvIcZi3EtC_vzuf7kzKS2mCU4IxUq4bmw

Requested by

Host: e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com
URL: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:46:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 51E0 41 KB
15 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DtRWKJOVQUhy2ohj7dCDXKJ_xOvTTvoSu5Iv_NNSRiQ7mabLNydyA_BATYRSp6We08wKpoLJgFmCnYTZlzj8h5BPES8j9r3zJj6OXRISIVmuQE2MZJecrsyUV_Vmz2wT8kZF_cYfMTtoMESUp6gbpLTu8UqaBeSmC_uvGmq2M_H0Q8-iE&cry=1&dbm_d=AKAmf-BQQTb1_qLmhnAueqjJsYwyS_lN0r97WBY8qplgb00ElaSKckZVy2upf6CM4oKZEBZJnMmLtAKbj8fMn0YaHZ6HdtqIpC6JIWPfMMX-eMx2cH2dA04x-sCR-cEfw5sPtBqmBpZ_0qGpMG5fc3PcpEm41dPGv0H8GUcQs9Sq-YDiVL6LGbuBtGvTf5CWPDS0gMdtv7mC-qEwI6Phg3eGeiqa63JrAq0QjOTDBDLtp_eyvAajkxf2gjbwXo134nwolsqj9JbsYRJoCSgO8Tj_t4De8WGJFbJPQ4k0Hv4vTvYXU6sdJKALe2n_fo_V0n27MY1uaUS0AEcD7xbmVjpP1-Toa8MafiT7ve9Qe0XHAPA5weTmAlERHrQoZYNgy5fmfEILEKe22yVqppaWqmHkVtv7By5Z4pwG9o84KWhpSUtDOEtS_N6v1iOFShG0brJT0ldZzW3DyIkVsap4Wtl-EB5wZzI3E0eX3Yt9Dry7_wTGZVLh6o2kL-bT3p-b6fos6i_sEGSLver40W5XMwTO0oiKSYiDF__vvngHWWI2ocbJwpmLLwJ2hIxPGgDCUXuMxtLbKl-PiMj-j04bePtZhdMr2TLS-mUH048vnWSlMkhTI6Ki25yWp3ly4qNEFXpUv6t4TP6BB-4LXmKKhvjOb6GTBQYaAvpUb6K4ez5eOYNF7l_TTD8ZZbgbMhm5xK2asemUzCeDVvl5s8Eb2fP5wapnpWGOC3c-YbyPxzG5-i7Gt7jDM9hcQjNSZcOG6F0uJz-OKlRnm-2qrIRAoOm_76FTsII2fcOleANIWXBxNJ09XRnxyArFE6XL1GYbH1yQN58Zsi7udGOimsTdEvie5USgNa7u7BUHU8MICTnLC50Mes8tvjePmjoLlV4GqHE7zCYnJOJLX2JkClEyQLeB48-_GYK_ac2y1k6yQ-yZPnyKqPuyWGhjQeWYK6L7SCnqQqSuYRt9BbdTGLheVjzwhGqgA3i78YhXl28-dN9FtN9fztkmDdEI_crIpklsebtJ-KDl5XxrUOhQoNWl1lnhMp518jmD6V0tx4qjPBMRQ_WNJygQuii3wF3ZShsQZ1UbmBguSKxRrVzA9RdAsBDDAevAj4pSwuv6_pE4Ty2PDFtPmC0RLaDCZeWj4kmgIByvpyau2nBgYHxts8UjhC2Fb4M_Dtbu_79aNAo7hJE23PIs7QC5FugWk5nLi8Nq3RHJZvpWv5T295qUWq2ZcJmgMAmEu6-tjt_yOolzrnlInymBJEtnnKfNfcQ7VzEAu9g5gcVGwYWyYEyYrOaJzZFvq1B8_7LMuDuCiqPlgH0BAmFtN-3ahnHhk7wrWrVHiOAxx87R8Wng_z44xOq4l2sRBmHpN82dk0yJZ5Rt4NILfk5s8uO-rqIU97UxX-lg-2JDaCg8GKe_sQn4UeBNrOOJNCGu6CHPQyhZH6EWW1M35wdLtgPioAD0oDSsUOgmaSnOHoVDfekDhDPmqjDF3CJyQwSrX_533EbWwepTHXF7qKt73BkEk4ICENJlBUGif5b_jJvZXQwiMm8IKtHV9d8y2q_mwJZoPQMxxDPqSLffyrmKGciZcfTpRkDbfeGmrMLglS_GEj9RnhtMj5k1cfUM31vdYlSBOFw6lCvMDWn7LouTUTZDe0Q3dn1qxTO64GxUZza5-fnBa8zQKZU_pUx9eBclik7zaM1ZVExCuCnUdRm7IcDyA9Z35ckBm5_ugI77Tsc75R6-703dRgOwOaifEspW-lr9DwNCJL0L2Squ3OUuP6nDMUKT7CJ03EXIvkcLvnwPLEoLF5sH_14NpOJbaQmV_RVsgqh8EsUbTwyhCGKwZp0BTLtgMJwZ08_llLFU76YfCMe73Rgmz5B5QWROWS3csPO3IsGG3MHF00Wux9jp1UqbqC6n5bUBT3OUbyP1JGT9Uq82lIUD3qtzv489NgOeLj3_UNZAikEfnoUxZhX0lwDDXsuPav_uCKQTgkIjQkUFEhnEJR9wvLGLextF3cF_wzZV60DWUYK3u94C2sSz4Tdf06VurOMqz1PGwwg31Xgr58xXJuEMzDYNGMZ3ljvi-IYtong_fm-o8WbZwFA2Cg8j0xrf-kRzY7xFP3y62P_h-W2OudGhZAQkM7aXmOHOAIfe0LyWqbUjPdHiCuNi-MiOtaVEFGqM533VNv_vhHQLxpggU0Wn4XGGhzXcx8gJ_cMuUpAGHh43dJ-dKgNIuXdIJlaPLXoQ1mnezbLLiZNG6qG469xHGvxssXklQ0R7JzEpUE1O2GpNwg3mkP_xuDsQyn7T05KRX6CkPA_SvkmJ8hSP5v-dhraD-C7h9gfI4p--AE1sbnf4_ZxCxDeJG22p-TqF0YAORW7fKXwLgFYGxW2ZAhedOh05iw86nlMA3d9smTSsykrQ4zPoS-9JFPsowyWCVNiqEnNRqh1pl6524DFDChxL_Ink3lSwbVL7d3kXIf4mq2wiZb_jS2Jc3SYeWrjvlEzGrI2sy5Y8_pgFpAWkDatAM0FK1mtaJ0TIbt6cA8YEUFGDf0VuI5MNGqcdS5WaPtVUBm7K6TDYTTmxogCeRvo-LtZeWLR-qDKrIg4wp2FridWNLL8v_w5cJV3bWP6yrFUaDbWRXD7E9t0AKyu_xOCrSo5EzVPafdo8Pd9PAL-OtheLl-86K4rk8BcaiQXB3_48hA9qRjE9sOmMTx6HDqu1dQtGr2dLjbq9ZdaRKNhWjgor0mJNLAMq6Dg6IiuWKT6j5Bh0qkaUUadtGjlYf84TS9AR-2RfvhhmjBLwvqrVxevYoQsj-7tf2noVHbT7pT9ddoTkJrFQv5mDdr6aZLaBp3mgrWw-J3mK8hoN82FueQEL_s-PPnSWMtc-uDIDedVpofaetG_QRy37LzBs6B_CyHvycZVXbEE5XJ8Lai3m8P8btaKb9_7Zbdgk_a1CA-G3THM9qtetAhSd_3d_mGaMbXy1D55Cyyy1rz4AOVYnA2GDqe_gSn6gSIzweL32O-iX--LihtSMfcI1V4f91QQQsQUCrsrwvZzz7pCl6J2QgTuElhkrAe677-VXmm4-oYUeZgCemiegc8X9v3NQV4tnsuK5vuwCqPeny1uL1419MHUAfNT1Th-DejpN4X-vtSZZSAFn-uQDvhvFcVDV719tLnjH3eocNggAhAps4FWrlLZ_1OQEMmYFnedr-IFg2lr0on14srt54FOTdDWCT_U_xZAMqnl9VvRU3EyWE04Tdbcv-BpzF5xZnLhv1ch20WarqF-LmcuCTK6JJ9A9Kb580FJfPTJxF86mV4E2-fSxqIw5Eu2fm97UaiWmQIhoyUqTHpYOcMcYLBgLHYOX-ZcYfb5t-3Ks1f3otPL0EfoR_x_OxZRFZ25_7oeqwL3FLJvGRjIq_OykxMCO7K1V2arULHamN5ldfKjDLoFBDch3pMmyftNxXsWdTDWKdBwUoOeosXLWTe6rxd0jtMksE6k5AGX7oEy9J-Zr8VeNC7LxIQ596pL87CpJBWQG-oNMbqtKf9FlGTJSAD1GlisDBApdXUwIgSYfGjQAPtGeQw&cid=CAQSPgBygQiDuRuamBaq2GdJwuZrgB8IPtwimjdkxfZXX4dc-0PL9wBqRwP2UHLWxrE-mPHv8c12hZlPAcNTQHCbGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Frd.fharr.com&ds=l&xdt=1&iif=1&cor=16204548129478435000&adk=1411225166&idt=223&cac=0&dtd=39

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 07:39:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 371237
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Jun 2024 07:39:33 GMT

GET
H/1.1 200
OK 82s1z1rtt4yg Show response
hal9000.redintelligence.net/zone/ Frame 51E0 11 KB
4 KB 153ms
49ms Script
text/html 138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/82s1z1rtt4yg?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCRL8FWceNZLPyB5yEwuIP5JeTwAvM-YagadO5x__3D_AuEAEglubfEGCRhKCFjBjIAQmpAnH8qUpKWbI-qAMBqgTmAU_Q1BSdoEr1T2Et9JKBQGKvbR1GtVb7O-vFeD64P7i9DJc5TfTO4TSfL1VddocypvuIcsosXYr5PJVy8byqjzgzm1KN1gGLDluLJkHRy5L5TDAUBn_8H7LvD1_e9jWhQ_IbAFLbZBf9nrwykYhyPoS2TXA5xqJO39hetSG92AfUJk4tqPJgKM5AcJgNCQ-OSRT6he6A94JDeXz7haKXnL8c0Ln4ATO35TJxxUViGUt3C7rnk2Mefpc7sXiQcSaPk8Fd_EoOdKu8_WKFHpoSXFJOul41hllDd4dWwN5WLCjQ2HRrz74ZwATq68yj5APgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgGYCwHICwGADAGwE-CbzQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPgBygQiDuRuamBaq2GdJwuZrgB8IPtwimjdkxfZXX4dc-0PL9wBqRwP2UHLWxrE-mPHv8c12hZlPAcNTQHCbGAE%26sig%3DAOD64_1AJQ2wDw1os3CuUNJ5pG1lBW0U2Q%26client%3Dca-pub-8211648974049874%26dbm_c%3DAKAmf-AqAtX6MSUVhHhmVTgrNLgB-M_igJwSdwxVfRY5G3MgejA5Ps0diRs8nwji8r3TTUJ3q7wC0mifK95LUprl3wjOMlb0NifErni1REe_1SCuWryQaeq_rieay3a_XjvJI-a3zOcYu-h8TeK-1dz7mckJfuIZSCjNsu0CDSJ32DLc6o1EH3A%26cry%3D1%26dbm_d%3DAKAmf-B_gbIo5--mnCtT7oCOMmfBiQDvoWZX8vCUq-Pz0cXl5wK9Ifj7MB_AXXICEIlHP6w6TsnrypJkb1NV2gaSzeIsGbZAHhhS7c6KRiT2t37vJS7eDdHu5JQ6xUq9vXj2lUko63ATRXXj1xPY45hg7xu4gMuTzqDozPfwRZuUDsTg6JjVHQwDQtt3n4jMJB9ZpbwkN4vfVd7ksZIFPJxmUWCe7RnfzXUpMTIYLCFe8Zv5qHKOlQtHHXh4_Wex-I3IOQDwo6asQ-DyMXQgcd8m6rRWI3-IGPTWxWf9L99-pg7DEZ5Z5lDv0H133cpaAhSXq9l2JVlQ5UFGqf_hdY6mqPlglNprXTCbon4HbDa6gZtxVJlmdsYDI6tFx0pAzbVg3hufhfvx_TiGvUontiO-JvuyXQHoKpQZwSP2M1-qwS9xYpjrETUZrnCcwT_uUlHpqrj9E0dEhOF1Aom3NIKfpKwyMI2WUDR1H8pbzuiZczNckRLaTCN0yAaDGBZdoJMsyy7jsjsIcaBJslqi8ckzxLnpeGfsTBAnZRjw6lWZDaM9CHLHnu1ASrl8Pv2CoZP123HyGQau%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8211648974049874&output=html&h=250&slotname=1304663334&adk=3288322856&adf=4198761044&pi=t.ma~as.1304663334&w=970&lmt=1687013209&format=970x250&url=https%3A%2F%2Frd.fharr.com%2Fdb%2Fitem%2F400368&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687013208547&bpp=5&bdt=1148&idt=511&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&cookie=ID%3D21baf416523e903a-22077bf7a8b400eb%3AT%3D1687013204%3ART%3D1687013206%3AS%3DALNI_MYuh0xqYTtGTWFK8KIOHa9vnxTMdQ&gpic=UID%3D00000c4a8904da96%3AT%3D1687013204%3ART%3D1687013204%3AS%3DALNI_MbVvPpoXypglavXTwGjyWp4dfRC3w&correlator=4154209518095&frm=23&ife=4&pv=1&ga_vid=1450125800.1687013205&ga_sid=1687013209&ga_hid=1671748304&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1806&biw=1600&bih=1200&isw=970&ish=250&ifk=3315075354&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075305%2C44788441&oid=2&pvsid=4436964757474128&tmod=1914639916&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.xjqtfjeyj2yg&btvi=1&fsb=1&dtd=532
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 3fe4e47c98292de01537a2ac5eeb7073aa4fd3371653544abbf055ddabcd0bd8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sat, 17 Jun 2023 14:46:50 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4095
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 393A 22 KB
8 KB 72ms
72ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 85536
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 16 Jun 2023 15:01:14 GMT
expires: Sat, 15 Jun 2024 15:01:14 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request.php Show response
hal90003.redintelligence.net/ Frame 51E0 3 KB
2 KB 393ms
265ms Script
application/x-javascript 138.201.63.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90003.redintelligence.net/request.php?zone=82s1z1rtt4yg&nw=20&renderingType=javascript&namespace=2f5d27ef28&subid=&uid=a0cfed8e50a4abb6&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCRL8FWceNZLPyB5yEwuIP5JeTwAvM-YagadO5x__3D_AuEAEglubfEGCRhKCFjBjIAQmpAnH8qUpKWbI-qAMBqgTmAU_Q1BSdoEr1T2Et9JKBQGKvbR1GtVb7O-vFeD64P7i9DJc5TfTO4TSfL1VddocypvuIcsosXYr5PJVy8byqjzgzm1KN1gGLDluLJkHRy5L5TDAUBn_8H7LvD1_e9jWhQ_IbAFLbZBf9nrwykYhyPoS2TXA5xqJO39hetSG92AfUJk4tqPJgKM5AcJgNCQ-OSRT6he6A94JDeXz7haKXnL8c0Ln4ATO35TJxxUViGUt3C7rnk2Mefpc7sXiQcSaPk8Fd_EoOdKu8_WKFHpoSXFJOul41hllDd4dWwN5WLCjQ2HRrz74ZwATq68yj5APgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgGYCwHICwGADAGwE-CbzQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPgBygQiDuRuamBaq2GdJwuZrgB8IPtwimjdkxfZXX4dc-0PL9wBqRwP2UHLWxrE-mPHv8c12hZlPAcNTQHCbGAE%26sig%3DAOD64_1AJQ2wDw1os3CuUNJ5pG1lBW0U2Q%26client%3Dca-pub-8211648974049874%26dbm_c%3DAKAmf-AqAtX6MSUVhHhmVTgrNLgB-M_igJwSdwxVfRY5G3MgejA5Ps0diRs8nwji8r3TTUJ3q7wC0mifK95LUprl3wjOMlb0NifErni1REe_1SCuWryQaeq_rieay3a_XjvJI-a3zOcYu-h8TeK-1dz7mckJfuIZSCjNsu0CDSJ32DLc6o1EH3A%26cry%3D1%26dbm_d%3DAKAmf-B_gbIo5--mnCtT7oCOMmfBiQDvoWZX8vCUq-Pz0cXl5wK9Ifj7MB_AXXICEIlHP6w6TsnrypJkb1NV2gaSzeIsGbZAHhhS7c6KRiT2t37vJS7eDdHu5JQ6xUq9vXj2lUko63ATRXXj1xPY45hg7xu4gMuTzqDozPfwRZuUDsTg6JjVHQwDQtt3n4jMJB9ZpbwkN4vfVd7ksZIFPJxmUWCe7RnfzXUpMTIYLCFe8Zv5qHKOlQtHHXh4_Wex-I3IOQDwo6asQ-DyMXQgcd8m6rRWI3-IGPTWxWf9L99-pg7DEZ5Z5lDv0H133cpaAhSXq9l2JVlQ5UFGqf_hdY6mqPlglNprXTCbon4HbDa6gZtxVJlmdsYDI6tFx0pAzbVg3hufhfvx_TiGvUontiO-JvuyXQHoKpQZwSP2M1-qwS9xYpjrETUZrnCcwT_uUlHpqrj9E0dEhOF1Aom3NIKfpKwyMI2WUDR1H8pbzuiZczNckRLaTCN0yAaDGBZdoJMsyy7jsjsIcaBJslqi8ckzxLnpeGfsTBAnZRjw6lWZDaM9CHLHnu1ASrl8Pv2CoZP123HyGQau%26adurl%3D&documentReferer=https%3A%2F%2Frd.fharr.com%2F&ancestorOrigins=https%3A%2F%2Frd.fharr.com%2Chttps%3A%2F%2Frd.fharr.com%2Chttps%3A%2F%2Frd.fharr.com&random=7739629862999&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/82s1z1rtt4yg?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCRL8FWceNZLPyB5yEwuIP5JeTwAvM-YagadO5x__3D_AuEAEglubfEGCRhKCFjBjIAQmpAnH8qUpKWbI-qAMBqgTmAU_Q1BSdoEr1T2Et9JKBQGKvbR1GtVb7O-vFeD64P7i9DJc5TfTO4TSfL1VddocypvuIcsosXYr5PJVy8byqjzgzm1KN1gGLDluLJkHRy5L5TDAUBn_8H7LvD1_e9jWhQ_IbAFLbZBf9nrwykYhyPoS2TXA5xqJO39hetSG92AfUJk4tqPJgKM5AcJgNCQ-OSRT6he6A94JDeXz7haKXnL8c0Ln4ATO35TJxxUViGUt3C7rnk2Mefpc7sXiQcSaPk8Fd_EoOdKu8_WKFHpoSXFJOul41hllDd4dWwN5WLCjQ2HRrz74ZwATq68yj5APgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgGYCwHICwGADAGwE-CbzQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPgBygQiDuRuamBaq2GdJwuZrgB8IPtwimjdkxfZXX4dc-0PL9wBqRwP2UHLWxrE-mPHv8c12hZlPAcNTQHCbGAE%26sig%3DAOD64_1AJQ2wDw1os3CuUNJ5pG1lBW0U2Q%26client%3Dca-pub-8211648974049874%26dbm_c%3DAKAmf-AqAtX6MSUVhHhmVTgrNLgB-M_igJwSdwxVfRY5G3MgejA5Ps0diRs8nwji8r3TTUJ3q7wC0mifK95LUprl3wjOMlb0NifErni1REe_1SCuWryQaeq_rieay3a_XjvJI-a3zOcYu-h8TeK-1dz7mckJfuIZSCjNsu0CDSJ32DLc6o1EH3A%26cry%3D1%26dbm_d%3DAKAmf-B_gbIo5--mnCtT7oCOMmfBiQDvoWZX8vCUq-Pz0cXl5wK9Ifj7MB_AXXICEIlHP6w6TsnrypJkb1NV2gaSzeIsGbZAHhhS7c6KRiT2t37vJS7eDdHu5JQ6xUq9vXj2lUko63ATRXXj1xPY45hg7xu4gMuTzqDozPfwRZuUDsTg6JjVHQwDQtt3n4jMJB9ZpbwkN4vfVd7ksZIFPJxmUWCe7RnfzXUpMTIYLCFe8Zv5qHKOlQtHHXh4_Wex-I3IOQDwo6asQ-DyMXQgcd8m6rRWI3-IGPTWxWf9L99-pg7DEZ5Z5lDv0H133cpaAhSXq9l2JVlQ5UFGqf_hdY6mqPlglNprXTCbon4HbDa6gZtxVJlmdsYDI6tFx0pAzbVg3hufhfvx_TiGvUontiO-JvuyXQHoKpQZwSP2M1-qwS9xYpjrETUZrnCcwT_uUlHpqrj9E0dEhOF1Aom3NIKfpKwyMI2WUDR1H8pbzuiZczNckRLaTCN0yAaDGBZdoJMsyy7jsjsIcaBJslqi8ckzxLnpeGfsTBAnZRjw6lWZDaM9CHLHnu1ASrl8Pv2CoZP123HyGQau%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.117 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.117.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 76512202adc598c074e544f15af7149934759c58090b2d3d40a0fa465d633c5e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Jun 2023 14:46:50 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 14940800071026304444470012358003
Connection: close
Content-Length: 1074
Expires: Sat, 17 Jun 2023 15:46:50 +0200

GET
H3 200 TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 393A 37 KB
14 KB 82ms
74ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c7dd9b3c12fde91e325f5a42fbc0f6d83566d528b624b0b4833ca87a9cc3f64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:37:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18583
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14492
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 16 Jun 2024 09:37:07 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2946 0
0 108ms
103ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306060101&jk=1918034560561761&bg=!goGlgdXNAAaGYqkwpmI7ADkAdvg8WkHjbMSJFararS21jPXpda9ZHMfu822hfWWAazzmNpkSEzq5w6U8xglOqOWD8kdLfRjC24kCAAADcFIAAAAFaAEHmQL0PAFBJV3W4Ck4tbEse8SHqfh_RLrpcdPmab49CBGSpfNt5wfBK99Ty66VlfEonxxjMrX4C90moq30sxsRFaF9wZb9sg3P6kQjMZ5D9Q90jOh5IK2QnFzhQJf1aP0Ax78ONqTbeRnbW2O1VpzibyNQ-ke_uph4tFeWeDLCn9ZPYsyiFv5tAWTq9rpXnTGLCu9mf1zxk4WdVQiIJMpO4P5fBig0uccL3HRozb2qsB0NiiGB6tcXYk55O5wiLqEiohC_mHuMgLA3eiR95ViYrJBmltPJbzcFk6RQL8ZfX2fg5cF2j4uK12qQqSiP5OWerwxeBToEAlUh4CED9YK1Rrt8ObYVOLARaJ4uJWYh7M0w2nEnGc5gIbKUHxnxZSD6v-Rn55Fq_25U-gfgb0LCAGEXfTzXm9XgW9Xp902Y1nLk5C-b8gA62SRo6Q2Crg1u-pomjRJtRXRXIwwuU6L0I9gmq8mr2NGVl4nP2NcsB3w7IWKmqJS-TSc6Wlp3mUQSIczNZe4_nZ1flNoDQthDt1GIQACb_notNRo7Mf7mjwTGN8dqqZwvrHvXqD1J43vm7EV9SfpD_E4802RPvQML5ayJ8k-hBXtha8pXNhM6FJIbcH4q4II9I9JnGu5gkidzDqJo3q1sX4HoszIwGLJ7TIM1bSPtgXPd2U6qXeRvEvflPJLxQvDc_VxmYSl1oCEZ-IwBrlu-hr15wnFRpJtkBnBq32IAhEzEbBn_6xCtrq4pBTb31l6FFiWJhgJaS5kTLFvbMXrHMr3P3qAdU5jwpbrIlfWNs9wgT17AFmMDtJZIk4mdsgKbH9_l9MmLLQ-3RW4E3fOXualxr-PXdYDCtbW2Gh_NICGhFFuxaEaIiUcgExlWQBDryf-9GP6LzQVlhMwk02aC7uFbZmUWJuU5fEQip9aqTrHSEpRgtzjyt1KaKaxx-NUxTZBHPGxFBbEDsCVI2h6EXTTJRwx79TV8XpR_hbpUSm740jV4160hlCJFrN-zBQGM
Requested by: Host: rd.fharr.com
URL: https://rd.fharr.com/db/item/400368
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 393A 0
20 B 99ms
98ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B_zuUWseNZIfyFc_8gQeNzIfgCgAAAAA4AeAEAg&bg=!-vml-a3NAAaGYqkwpmI7ADkAdvg8WqwxWMGOv8Vljvf_KMPCyZoE25V_JLgF3nqGIbXiUjTA8W8q2GtxRrbFGVwJh_FRSzjGpM8CAAAAiVIAAAADaAEHmQMx-SDDJ9snRQjmxl6fX5QYz2_Bdk9eSopV8HAVorM8MlnJf4f0AUpRTt0AqCfZHS9oOTLQwQnX6DUXPd7ZX9hcilMf3KsBND-Jcmp-VZXy6V18Tl6E4AcBfHALU9HFFVxbUL236eE6d9vYV9mP75GaHwICxD0_A8PngzhwyWih4tofFerveN4IIt8uMK5o7VJBVEs3HfmAwwkE6rlnviZIWnaLnnoXCzZjBRUCl__R82Uf4zmK8CTNoKzGXPPCZmwa_JHrUWGv3bJ1jDM3AoY-gtVWviFngXofm3MhCkGvTFqwWrMarsQHbF0Tu-3mfnu0h2a9l7XwVWZHqQTOuRaTRhNOMPLju9lSL_3YGmJaBFcDBdPrhzU7bX0lU3kPQ7yTnzbUHx5gTZ959PhV6ob6FX9lgF8hmnXfiZwMuqnM3JBo3xh7ax2AWfAPPTvzhMW-xPLE_mfCClW_KQR8ez9PJ7CnAkp87yoXz8gBoONDbHxS3aj_rKNlfnNfq0hErj4V_-isxuMmOhSCu0BgUgt5jC-GKDZrVMd9-Ql9TUAqRNhTbiw1K6al1haLWNmg_BGuyNgm0OUStI6T_Lkkf0mzTgVB_SZWMNM6Ix6MeuRDCHe52Ha_2ouvNEwwmdbl5CtHTYLPpVZJZ6pX8eu1qMdnC5UUozjX8gR695EIjSqVhlsl9lAQmv7kVwMM-MrunHPAHyKyoE8a7HGwEXUMZgB3pSEmpITBlsc5PF3hZzu1m7v5FdU1PzA1V7TrGXnaX1sWxCjRVQiERH9ev_t6Ut3R_W4nge0tHID9Co0d8AqdyUmIiEOPX1V9lfzu3GXeuLdA3YTHGooT33c8ZHqwUI_U5Vxlh13e5kKOWsJ69xQebnRLdJLshIV3at9H7a-sDUKQChEk85ytUWukcArdVxu1NSPEuIjBiZrtmkC4ByjWZVZpkKqYYuMy-wSWVXKDRKZHdQV9hQRcMb0Y6Qif2caywY7iHoS8LLcb_0Uo8lN4j9m6FHep-dct7bkC1NlRI-rks8sw8cxbO5B1fx-QCeYTritmafNBV8ccHcm9TMiUiYQbaXXGYd1wigO6g40DbqGErw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:46:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK cshow.php Show response
www.awin1.com/ Frame 2AA7 43 B
702 B 109ms
106ms Document
image/gif 92.123.148.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.awin1.com/cshow.php?s=2582325&v=8177&q=316721&r=235229&pref1=14940800071026304444470012358003&pv=1

Requested by

Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request.php?zone=82s1z1rtt4yg&nw=20&renderingType=javascript&namespace=2f5d27ef28&subid=&uid=a0cfed8e50a4abb6&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCRL8FWceNZLPyB5yEwuIP5JeTwAvM-YagadO5x__3D_AuEAEglubfEGCRhKCFjBjIAQmpAnH8qUpKWbI-qAMBqgTmAU_Q1BSdoEr1T2Et9JKBQGKvbR1GtVb7O-vFeD64P7i9DJc5TfTO4TSfL1VddocypvuIcsosXYr5PJVy8byqjzgzm1KN1gGLDluLJkHRy5L5TDAUBn_8H7LvD1_e9jWhQ_IbAFLbZBf9nrwykYhyPoS2TXA5xqJO39hetSG92AfUJk4tqPJgKM5AcJgNCQ-OSRT6he6A94JDeXz7haKXnL8c0Ln4ATO35TJxxUViGUt3C7rnk2Mefpc7sXiQcSaPk8Fd_EoOdKu8_WKFHpoSXFJOul41hllDd4dWwN5WLCjQ2HRrz74ZwATq68yj5APgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgGYCwHICwGADAGwE-CbzQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPgBygQiDuRuamBaq2GdJwuZrgB8IPtwimjdkxfZXX4dc-0PL9wBqRwP2UHLWxrE-mPHv8c12hZlPAcNTQHCbGAE%26sig%3DAOD64_1AJQ2wDw1os3CuUNJ5pG1lBW0U2Q%26client%3Dca-pub-8211648974049874%26dbm_c%3DAKAmf-AqAtX6MSUVhHhmVTgrNLgB-M_igJwSdwxVfRY5G3MgejA5Ps0diRs8nwji8r3TTUJ3q7wC0mifK95LUprl3wjOMlb0NifErni1REe_1SCuWryQaeq_rieay3a_XjvJI-a3zOcYu-h8TeK-1dz7mckJfuIZSCjNsu0CDSJ32DLc6o1EH3A%26cry%3D1%26dbm_d%3DAKAmf-B_gbIo5--mnCtT7oCOMmfBiQDvoWZX8vCUq-Pz0cXl5wK9Ifj7MB_AXXICEIlHP6w6TsnrypJkb1NV2gaSzeIsGbZAHhhS7c6KRiT2t37vJS7eDdHu5JQ6xUq9vXj2lUko63ATRXXj1xPY45hg7xu4gMuTzqDozPfwRZuUDsTg6JjVHQwDQtt3n4jMJB9ZpbwkN4vfVd7ksZIFPJxmUWCe7RnfzXUpMTIYLCFe8Zv5qHKOlQtHHXh4_Wex-I3IOQDwo6asQ-DyMXQgcd8m6rRWI3-IGPTWxWf9L99-pg7DEZ5Z5lDv0H133cpaAhSXq9l2JVlQ5UFGqf_hdY6mqPlglNprXTCbon4HbDa6gZtxVJlmdsYDI6tFx0pAzbVg3hufhfvx_TiGvUontiO-JvuyXQHoKpQZwSP2M1-qwS9xYpjrETUZrnCcwT_uUlHpqrj9E0dEhOF1Aom3NIKfpKwyMI2WUDR1H8pbzuiZczNckRLaTCN0yAaDGBZdoJMsyy7jsjsIcaBJslqi8ckzxLnpeGfsTBAnZRjw6lWZDaM9CHLHnu1ASrl8Pv2CoZP123HyGQau%26adurl%3D&documentReferer=https%3A%2F%2Frd.fharr.com%2F&ancestorOrigins=https%3A%2F%2Frd.fharr.com%2Chttps%3A%2F%2Frd.fharr.com%2Chttps%3A%2F%2Frd.fharr.com&random=7739629862999&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

92.123.148.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-148-9.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Awin-Akamai-Rule-Set: default
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Sat, 17 Jun 2023 14:46:51 GMT
Expires: 0
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Pragma: no-cache
Strict-Transport-Security: max-age=86400

GET
H/1.1 200
OK cshow.php Show response
www.awin1.com/ Frame DA52 43 B
701 B 110ms
107ms Document
image/gif 92.123.148.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.awin1.com/cshow.php?s=1031723&v=8472&q=318383&r=235229&pref1=14940800071026304444470012358003&pv=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

92.123.148.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-148-9.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Awin-Akamai-Rule-Set: default
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Sat, 17 Jun 2023 14:46:51 GMT
Expires: 0
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Pragma: no-cache
Strict-Transport-Security: max-age=86400

GET
H2 200 / Show response
ti.tradetracker.net/ Frame 51E0 435 B
700 B 81ms
81ms Script
text/javascript 52.214.187.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ti.tradetracker.net/?c=34211&m=2005487&a=70002&r=14940800071026304444470012358003&t=js&wid=tt-640aaf
Requested by: Host: rd.fharr.com
URL: https://rd.fharr.com/db/item/400368
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.187.105 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-187-105.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 011fe21db176dc6caabd66771ebd260b614445daeb5b7029b3cd2f9991a64c0f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires: Mon, 26 Jul 1997 05:00:00 GMT
date: Sat, 17 Jun 2023 14:46:51 GMT
cache-control: no-cache, must-revalidate
server: nginx
content-type: text/javascript; charset=UTF-8

GET
H/1.1 200
OK request_content.php Show response
hal90003.redintelligence.net/ Frame 94A9 7 KB
2 KB 143ms
48ms Document
text/html 138.201.63.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90003.redintelligence.net/request_content.php?s=14940800071026304444470012358003&a=cb1cb922
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request.php?zone=82s1z1rtt4yg&nw=20&renderingType=javascript&namespace=2f5d27ef28&subid=&uid=a0cfed8e50a4abb6&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCRL8FWceNZLPyB5yEwuIP5JeTwAvM-YagadO5x__3D_AuEAEglubfEGCRhKCFjBjIAQmpAnH8qUpKWbI-qAMBqgTmAU_Q1BSdoEr1T2Et9JKBQGKvbR1GtVb7O-vFeD64P7i9DJc5TfTO4TSfL1VddocypvuIcsosXYr5PJVy8byqjzgzm1KN1gGLDluLJkHRy5L5TDAUBn_8H7LvD1_e9jWhQ_IbAFLbZBf9nrwykYhyPoS2TXA5xqJO39hetSG92AfUJk4tqPJgKM5AcJgNCQ-OSRT6he6A94JDeXz7haKXnL8c0Ln4ATO35TJxxUViGUt3C7rnk2Mefpc7sXiQcSaPk8Fd_EoOdKu8_WKFHpoSXFJOul41hllDd4dWwN5WLCjQ2HRrz74ZwATq68yj5APgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgGYCwHICwGADAGwE-CbzQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPgBygQiDuRuamBaq2GdJwuZrgB8IPtwimjdkxfZXX4dc-0PL9wBqRwP2UHLWxrE-mPHv8c12hZlPAcNTQHCbGAE%26sig%3DAOD64_1AJQ2wDw1os3CuUNJ5pG1lBW0U2Q%26client%3Dca-pub-8211648974049874%26dbm_c%3DAKAmf-AqAtX6MSUVhHhmVTgrNLgB-M_igJwSdwxVfRY5G3MgejA5Ps0diRs8nwji8r3TTUJ3q7wC0mifK95LUprl3wjOMlb0NifErni1REe_1SCuWryQaeq_rieay3a_XjvJI-a3zOcYu-h8TeK-1dz7mckJfuIZSCjNsu0CDSJ32DLc6o1EH3A%26cry%3D1%26dbm_d%3DAKAmf-B_gbIo5--mnCtT7oCOMmfBiQDvoWZX8vCUq-Pz0cXl5wK9Ifj7MB_AXXICEIlHP6w6TsnrypJkb1NV2gaSzeIsGbZAHhhS7c6KRiT2t37vJS7eDdHu5JQ6xUq9vXj2lUko63ATRXXj1xPY45hg7xu4gMuTzqDozPfwRZuUDsTg6JjVHQwDQtt3n4jMJB9ZpbwkN4vfVd7ksZIFPJxmUWCe7RnfzXUpMTIYLCFe8Zv5qHKOlQtHHXh4_Wex-I3IOQDwo6asQ-DyMXQgcd8m6rRWI3-IGPTWxWf9L99-pg7DEZ5Z5lDv0H133cpaAhSXq9l2JVlQ5UFGqf_hdY6mqPlglNprXTCbon4HbDa6gZtxVJlmdsYDI6tFx0pAzbVg3hufhfvx_TiGvUontiO-JvuyXQHoKpQZwSP2M1-qwS9xYpjrETUZrnCcwT_uUlHpqrj9E0dEhOF1Aom3NIKfpKwyMI2WUDR1H8pbzuiZczNckRLaTCN0yAaDGBZdoJMsyy7jsjsIcaBJslqi8ckzxLnpeGfsTBAnZRjw6lWZDaM9CHLHnu1ASrl8Pv2CoZP123HyGQau%26adurl%3D&documentReferer=https%3A%2F%2Frd.fharr.com%2F&ancestorOrigins=https%3A%2F%2Frd.fharr.com%2Chttps%3A%2F%2Frd.fharr.com%2Chttps%3A%2F%2Frd.fharr.com&random=7739629862999&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.117 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.117.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: cd58fd969a38ad0172f24afe0c6d821fc53c3ac9234aa3935dc21c2239859609

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2098
Content-Type: text/html; charset=utf-8
Date: Sat, 17 Jun 2023 14:46:51 GMT
Expires: Sat, 17 Jun 2023 15:46:51 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5B54 1 KB
643 B 77ms
62ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 5159
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 13:20:52 GMT
etag: 48472445140208031
expires: Sun, 18 Jun 2023 13:20:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 51E0 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b10cc9d75ce105ffb7e99b00b537dc240a3049eba1bedbbb1422f073c163dd27

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 34C6 0
20 B 97ms
96ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8908085299118&version=m202301230201&ct=77&x=1&cor=15919505498348028000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:46:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

4d264f3bae6f2b10db14dab5d6f5fef3ae51cc.jpg
static.tradetracker.net/nl/material_image/70/ Frame 51E0
Redirect Chain

https://ti.tradetracker.net/?c=34211&m=2005487&a=70002&r=14940800071026304444470012358003&t=html
https://static.tradetracker.net/nl/material_image/70/4d264f3bae6f2b10db14dab5d6f5fef3ae51cc.jpg

97 KB
97 KB

42ms
42ms

Image
image/jpeg

2600:9000:21f3:2c00:1a:7c92:efc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.tradetracker.net/nl/material_image/70/4d264f3bae6f2b10db14dab5d6f5fef3ae51cc.jpg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8211648974049874&output=html&h=250&slotname=1304663334&adk=3288322856&adf=4198761044&pi=t.ma~as.1304663334&w=970&lmt=1687013209&format=970x250&url=https%3A%2F%2Frd.fharr.com%2Fdb%2Fitem%2F400368&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687013208547&bpp=5&bdt=1148&idt=511&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&cookie=ID%3D21baf416523e903a-22077bf7a8b400eb%3AT%3D1687013204%3ART%3D1687013206%3AS%3DALNI_MYuh0xqYTtGTWFK8KIOHa9vnxTMdQ&gpic=UID%3D00000c4a8904da96%3AT%3D1687013204%3ART%3D1687013204%3AS%3DALNI_MbVvPpoXypglavXTwGjyWp4dfRC3w&correlator=4154209518095&frm=23&ife=4&pv=1&ga_vid=1450125800.1687013205&ga_sid=1687013209&ga_hid=1671748304&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1806&biw=1600&bih=1200&isw=970&ish=250&ifk=3315075354&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075305%2C44788441&oid=2&pvsid=4436964757474128&tmod=1914639916&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.xjqtfjeyj2yg&btvi=1&fsb=1&dtd=532
Protocol: H2
Server: 2600:9000:21f3:2c00:1a:7c92:efc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 4cceeda9854393610236e90cd30132b01a18980275937ffe553ec4e2f448afad

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:27 GMT
via: 1.1 2afacc6ad96dbba3f0b477cd95f16458.cloudfront.net (CloudFront)
last-modified: Tue, 21 Dec 2021 13:45:41 GMT
server: nginx
x-amz-cf-pop: FRA2-C2
age: 44
etag: "61c1da85-18254"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 98900
x-amz-cf-id: V73IxhzPaUiQOUZp9WHNOXweuUQnJT-RSuS8UuL4DKFHtIdw5yX_aw==

Redirect headers

location: https://static.tradetracker.net/nl/material_image/70/4d264f3bae6f2b10db14dab5d6f5fef3ae51cc.jpg
date: Sat, 17 Jun 2023 14:46:51 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
server: nginx
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A984 0
20 B 99ms
98ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1392023834351&version=m202301230201&ct=77&x=1&cor=15341589354437003000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:46:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F6C9 0
20 B 103ms
102ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3373341967860&version=m202301230201&ct=77&x=1&cor=13801519230579290000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:46:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5B54
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEA6tzEIGxPkXy88qYU464YU&google_cver=1&google_push=ATf1kGPVfZ7UyZQn40SabJL8bEpchh9WLOulONFL8SoILvLqNs8P-X22FqKxuSvxXKPj7sBfXAwItOSAwBDy1LOp...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGPVfZ7UyZQn40SabJL8bEpchh9WLOulONFL8SoILvLqNs8P-X22FqKxuSvxXKPj7sBfXAwItOSAwBDy1LOpAhZPdzYOrV7h2t4

170 B
188 B

72ms
71ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGPVfZ7UyZQn40SabJL8bEpchh9WLOulONFL8SoILvLqNs8P-X22FqKxuSvxXKPj7sBfXAwItOSAwBDy1LOpAhZPdzYOrV7h2t4

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:46:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 17 Jun 2023 14:46:51 GMT
Server: MT3 1031 59fd23a master cdg cdg-pixel-x28 config_version:"1438"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGPVfZ7UyZQn40SabJL8bEpchh9WLOulONFL8SoILvLqNs8P-X22FqKxuSvxXKPj7sBfXAwItOSAwBDy1LOpAhZPdzYOrV7h2t4
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 17 Jun 2023 14:46:50 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5B54
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DATf1kGNOBijpartkxcq5bJVISYgbPG3JZU1e-WTSefQ_T4sCF1psN3D9WpEZQQcn1KlSeq60mqzV9JzR2FcT26yq_Vt31q8Ou-82kcE&google_gid=CAESECb40qE6rK35ENnaqbIuUsA&...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCNuOt6QGEgUI6AcQAEIASnNnb29nbGVfcHVzaD1BVGYxa0dOT0JpanBhcnRreGNxNWJKVklTWWdiUEczSlpVMWUtV1RTZWZRX1Q0c0NGMXBzTjNEOVdwRVpRUWNuMUtsU2VxNjBtcXpWOUp6UjJGY1QyNn...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwSWZBb09CN3R0eFVZWlJEOVNFNUFaTkctLVRDZ2tzQ3VJd3lDMzRMRzd6QQ==&google_push

170 B
188 B

70ms
69ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwSWZBb09CN3R0eFVZWlJEOVNFNUFaTkctLVRDZ2tzQ3VJd3lDMzRMRzd6QQ==&google_push

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:46:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 17 Jun 2023 14:46:51 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwSWZBb09CN3R0eFVZWlJEOVNFNUFaTkctLVRDZ2tzQ3VJd3lDMzRMRzd6QQ==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5B54
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEHfeaZNdGokbVdFujKBcgM8&google_cver=1&google_push=ATf1kGNhk66xdj5ceYFf4OUSwf08I0_V4fyeCbNfGK7XHIsjHtil_0peRQIJPeRajo4R3hJk4NdWWVvN6PhUVR...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI0NTY2NjU2OTE4NTUyMzg2Nw%3D%3D&google_push=ATf1kGNhk66xdj5ceYFf4OUSwf08I0_V4fyeCbNfGK7XHIsjHtil_0peRQIJPeRajo4R3hJk4NdWWVvN6PhUVRPE4R...

170 B
188 B

70ms
69ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI0NTY2NjU2OTE4NTUyMzg2Nw%3D%3D&google_push=ATf1kGNhk66xdj5ceYFf4OUSwf08I0_V4fyeCbNfGK7XHIsjHtil_0peRQIJPeRajo4R3hJk4NdWWVvN6PhUVRPE4RaEnlJqz0WsebE

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:46:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI0NTY2NjU2OTE4NTUyMzg2Nw%3D%3D&google_push=ATf1kGNhk66xdj5ceYFf4OUSwf08I0_V4fyeCbNfGK7XHIsjHtil_0peRQIJPeRajo4R3hJk4NdWWVvN6PhUVRPE4RaEnlJqz0WsebE
Date: Sat, 17 Jun 2023 14:46:51 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5B54
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEImVizFvvHSbDTqIsxseR1s&google_cver=1&google_push=ATf1kGMqS0QRkkTO8IU_4o2oKs0e3-IdRvCMmVhqDMR8xAiEapLHhLdw0kFSghV7m4kadT0iyBaHo9sc2WDN-aPHeGFS...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEImVizFvvHSbDTqIsxseR1s&google_cver=1&google_push=ATf1kGMqS0QRkkTO8IU_4o2oKs0e3-IdRvCMmVhqDMR8xAiEapLHhLdw0kFSghV7m4kadT0iyBaHo9sc2WDN-a...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGMqS0QRkkTO8IU_4o2oKs0e3-IdRvCMmVhqDMR8xAiEapLHhLdw0kFSghV7m4kadT0iyBaHo9sc2WDN-aPHeGFSBn8jfeO9ffk&google_hm=-f7OiOFtS_GT6lADdT8f...

170 B
188 B

72ms
71ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGMqS0QRkkTO8IU_4o2oKs0e3-IdRvCMmVhqDMR8xAiEapLHhLdw0kFSghV7m4kadT0iyBaHo9sc2WDN-aPHeGFSBn8jfeO9ffk&google_hm=-f7OiOFtS_GT6lADdT8fVg==

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:46:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGMqS0QRkkTO8IU_4o2oKs0e3-IdRvCMmVhqDMR8xAiEapLHhLdw0kFSghV7m4kadT0iyBaHo9sc2WDN-aPHeGFSBn8jfeO9ffk&google_hm=-f7OiOFtS_GT6lADdT8fVg==
date: Sat, 17 Jun 2023 14:46:51 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5B54
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGsv1T_5WehDQnHj5Ud1loU&google_cver=1&google_push=ATf1kGPSuczqXgY6DNLymLCmIBxxgBKaJPaaW2QtrtGRi6Et2j8AF4Alsz468j8GXyj7oP46uJYOMMOXPnULNYbRT5nNnWs...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGPSuczqXgY6DNLymLCmIBxxgBKaJPaaW2QtrtGRi6Et2j8AF4Alsz468j8GXyj7oP46uJYOMMOXPnULNYbRT5nNnWsJwULXARg&google_hm=eS1CZWZ6clpKRTJwR1Z...

170 B
188 B

71ms
70ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGPSuczqXgY6DNLymLCmIBxxgBKaJPaaW2QtrtGRi6Et2j8AF4Alsz468j8GXyj7oP46uJYOMMOXPnULNYbRT5nNnWsJwULXARg&google_hm=eS1CZWZ6clpKRTJwR1ZXZ1BvUm40b2QyWEk0dnoueUU2aH5B

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:46:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 17 Jun 2023 14:46:51 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGPSuczqXgY6DNLymLCmIBxxgBKaJPaaW2QtrtGRi6Et2j8AF4Alsz468j8GXyj7oP46uJYOMMOXPnULNYbRT5nNnWsJwULXARg&google_hm=eS1CZWZ6clpKRTJwR1ZXZ1BvUm40b2QyWEk0dnoueUU2aH5B
content-length: 0

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 5B54 42 B
204 B 116ms
33ms Image
image/gif 34.160.236.64
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEFmDKAw32U3LMNqTfxD4zvs&google_push=ATf1kGPoDPtmTSB3Qj5RFogmkbMHS6H_Pvxv59EG28I3QuuveONWoTaM1EYRdM1bgBiGJ9ze_6Rbpf7dYJMXlBM4NQy5B_9BUJJjASQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8211648974049874&output=html&h=250&slotname=1304663334&adk=3288322856&adf=4198761044&pi=t.ma~as.1304663334&w=970&lmt=1687013209&format=970x250&url=https%3A%2F%2Frd.fharr.com%2Fdb%2Fitem%2F400368&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687013208547&bpp=5&bdt=1148&idt=511&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&cookie=ID%3D21baf416523e903a-22077bf7a8b400eb%3AT%3D1687013204%3ART%3D1687013206%3AS%3DALNI_MYuh0xqYTtGTWFK8KIOHa9vnxTMdQ&gpic=UID%3D00000c4a8904da96%3AT%3D1687013204%3ART%3D1687013204%3AS%3DALNI_MbVvPpoXypglavXTwGjyWp4dfRC3w&correlator=4154209518095&frm=23&ife=4&pv=1&ga_vid=1450125800.1687013205&ga_sid=1687013209&ga_hid=1671748304&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1806&biw=1600&bih=1200&isw=970&ish=250&ifk=3315075354&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075305%2C44788441&oid=2&pvsid=4436964757474128&tmod=1914639916&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.xjqtfjeyj2yg&btvi=1&fsb=1&dtd=532
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.236.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 64.236.160.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:51 GMT
via: 1.1 google
last-modified: Tue, 28 Jun 2022 14:08:50 GMT
server: nginx
etag: "62bb0b72-2a"
content-type: image/gif
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2

200

report
sync.teads.tv/um/ Frame 5B54
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEPlIdNSqR5yjHe-f8rNcSxs&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGO1CGPqF2HKCrD-7RDmTqQ7vw2lGyFPlTW8wIFG65-QfLwUMDx-e65gXf9qrvJ93_X8kxke99JdjVEzPcs0KyedMd06a40GDsH9
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

150ms
150ms

Image
image/gif

104.111.217.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8211648974049874&output=html&h=250&slotname=1304663334&adk=3288322856&adf=4198761044&pi=t.ma~as.1304663334&w=970&lmt=1687013209&format=970x250&url=https%3A%2F%2Frd.fharr.com%2Fdb%2Fitem%2F400368&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687013208547&bpp=5&bdt=1148&idt=511&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&cookie=ID%3D21baf416523e903a-22077bf7a8b400eb%3AT%3D1687013204%3ART%3D1687013206%3AS%3DALNI_MYuh0xqYTtGTWFK8KIOHa9vnxTMdQ&gpic=UID%3D00000c4a8904da96%3AT%3D1687013204%3ART%3D1687013204%3AS%3DALNI_MbVvPpoXypglavXTwGjyWp4dfRC3w&correlator=4154209518095&frm=23&ife=4&pv=1&ga_vid=1450125800.1687013205&ga_sid=1687013209&ga_hid=1671748304&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1806&biw=1600&bih=1200&isw=970&ish=250&ifk=3315075354&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075305%2C44788441&oid=2&pvsid=4436964757474128&tmod=1914639916&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.xjqtfjeyj2yg&btvi=1&fsb=1&dtd=532
Protocol: H2
Server: 104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-42.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires: Sat, 17 Jun 2023 14:46:51 GMT
pragma: no-cache
date: Sat, 17 Jun 2023 14:46:51 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:46:51 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 5B54 0
12 B 75ms
73ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KkdGndK1Bpv3jucaf3pQYIJzNbMVss8hBseMyBKmX2HwjsR9gdfBbohFsSwQDxxrAUjsfieA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:51 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 css
fonts.googleapis.com/ Frame 94A9 5 KB
682 B 74ms
72ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=14940800071026304444470012358003&a=cb1cb922

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hal90003.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 17 Jun 2023 14:46:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 17 Jun 2023 14:41:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 17 Jun 2023 14:46:51 GMT

GET
H2

200

imglaudius-nl-logo-120x60-1576844293931.png
a1.awin1.com/ads/awin/8177/ Frame 94A9
Redirect Chain

https://www.awin1.com/cshow.php?s=2582325&v=8177&q=316721&r=235229&pref1=14940800071026304444470012358003&pv=0
https://ui2.awin.com/ads/awin/8177/imglaudius-nl-logo-120x60-1576844293931.png
https://a1.awin1.com/ads/awin/8177/imglaudius-nl-logo-120x60-1576844293931.png

10 KB
10 KB

39ms
38ms

Image
image/png

65.9.66.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a1.awin1.com/ads/awin/8177/imglaudius-nl-logo-120x60-1576844293931.png
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=14940800071026304444470012358003&a=cb1cb922
Protocol: H2
Server: 65.9.66.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-18.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 91d149cdc0eba46d8512f56fe0f1312aec78279f103bfd77a415c41d1ddc7236

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hal90003.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: _x3EAs_goRVum4q7VVzSAbzinA_eg4Ee
date: Sat, 17 Jun 2023 04:19:23 GMT
via: 1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 37832
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 10103
last-modified: Fri, 29 Jul 2022 15:14:21 GMT
server: AmazonS3
etag: "cb129a4dff86158296c0cf089661dd23"
content-type: image/png
cache-control: max-age=43200
accept-ranges: bytes
x-amz-cf-id: 7xtk42wBsvqUrrHsNA4s20oW9Dat7iGd_rquzJyva__VCq9gEz_uDQ==

Redirect headers

location: https://a1.awin1.com/ads/awin/8177/imglaudius-nl-logo-120x60-1576844293931.png
date: Sat, 17 Jun 2023 14:46:51 GMT
content-length: 0

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 94A9 45 KB
45 KB 254ms
155ms Image
image/png 138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=150&url=https://cdn.contentspread.net/24i/advertiser/53619/creativesup/211221_banners_megekko_affiliate_image__1200x627.jpg
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=14940800071026304444470012358003&a=cb1cb922
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: c3c33ac9d2e2e20b7db93eb53684676ec7c2f48e04382512463ef37ffbfac830

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hal90003.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sat, 17 Jun 2023 14:46:51 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 45917
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 94A9 43 KB
43 KB 220ms
120ms Image
image/png 138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=150&url=https://cdn.contentspread.net/24i/advertiser/62900/creativesup/NativeAd_1200x627.jpg
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=14940800071026304444470012358003&a=cb1cb922
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: f3ba9181b56921a44c524aad3902c40fc02b2bf14910970803510114d43bd45e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hal90003.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sat, 17 Jun 2023 14:46:51 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 43882
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK viewability Show response
hal90003.redintelligence.net/ Frame 94A9 0
150 B 140ms
47ms Script
text/html 138.201.63.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90003.redintelligence.net/viewability?s=14940800071026304444470012358003&a=0d045eb2&vb=m
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=14940800071026304444470012358003&a=cb1cb922
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.117 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.117.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hal90003.redintelligence.net/request_content.php?s=14940800071026304444470012358003&a=cb1cb922
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sat, 17 Jun 2023 14:46:51 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 94A9 14 KB
15 KB 62ms
62ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal90003.redintelligence.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 18:52:01 GMT
x-content-type-options: nosniff
age: 417290
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Jun 2024 18:52:01 GMT

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 94A9 15 KB
15 KB 68ms
67ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal90003.redintelligence.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 18:52:01 GMT
x-content-type-options: nosniff
age: 417290
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Jun 2024 18:52:01 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1891 0
0 75ms
74ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvQM9WPxj2_H6eWLTuFRpdDG5nLSU31guMqxHMKvrHCNgYgTQsIZdHsbBYcYsQkuYcjZz1ytyxPBB3lrMSDJ8T4RGPuTnjMciRCT1L5dz_qy-AB6oeWIWMhs7mX-QIM7i-SB4bigt_vcng_cp8XAPhUqf6ckCDoBWfN2kLuikwDFoS6Se9oWh22LuKFAxeX3c4RoCYqB2r3os8q9j7mmSEUtKtJ2NiELiPCvsSV75LmxidgjXK1t1ZsUw-cVfUFodeOfa37Q9SzNI99tfM1oQzhX4KB-nUkY_XOExQMJvEl_9509RjHHyek5zu7YrJowE_wXCohOILn1YlAhiUBGBBZLG-u3Y0p&sai=AMfl-YQ1njnGRAZIVBIJ6du31CqlRLNmDmEq9ZC4oHGaB-moIbrQDKGf7TUlA8rw6XW-DIRJESHUiLOutEZpfd2dpyLvdn1pLQ6Rxhi3_H6ZyeHm8ZWeDoZ-IC_6Wd6aXj1JLg&sig=Cg0ArKJSzLVqGI8nIl21EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 17 Jun 2023 14:46:51 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 1891 15 KB
11 KB 91ms
91ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230614&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

054f96cc3cd6be244dbaddf13ca2d6465f7ce91162cb402d3ad410d5eb42abb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11262
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 1891 17 KB
6 KB 77ms
76ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 17 Jun 2023 14:46:51 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2C3E 13 KB
5 KB 74ms
62ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rd.fharr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 2769
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 14:00:43 GMT
expires: Sun, 16 Jun 2024 14:00:43 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E295 783 B
536 B 55ms
44ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

638237fadde0e9a22ceae7380f191f271139cbdcdbccfca2a726892229e20e22

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bTLEVOU7QL5Tr7GKs6OgHA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rd.fharr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-bTLEVOU7QL5Tr7GKs6OgHA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 14:46:52 GMT
expires: Sat, 17 Jun 2023 14:46:52 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E295 0
0 98ms
98ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230614&jk=4436964757474128&rc=05ALyjir-6fvRgttaQ4wMwwdiT8cDZeXt4gMOMQSlr-XRkx1v3hiisQ4SiK-giA9iyqi8oMqv6KKOu3jGIQISrh8pi5SxgKC2-KkEu3ZE5IVCFd4CRlxZVr0sDwPxuUj-mJtFlmcBO-5wCduLppBKOAr4X6wx7Pi_zcfgRFz4b9O7_ueL8oVA8_Apatfen1g
Requested by: Host: rd.fharr.com
URL: https://rd.fharr.com/db/item/400368
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 200 TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 2C3E 37 KB
14 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c7dd9b3c12fde91e325f5a42fbc0f6d83566d528b624b0b4833ca87a9cc3f64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:37:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18585
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14492
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 16 Jun 2024 09:37:07 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2C3E 0
10 B 64ms
64ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?e1Z2Ug
Requested by: Host: rd.fharr.com
URL: https://rd.fharr.com/db/item/400368
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:52 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 collect
region1.analytics.google.com/g/ Frame 2946 0
17 B 33ms
32ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-3S3JP22CEQ&gtm=45je36e0&_p=234581720&cid=1450125800.1687013205&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAC&_s=3&sid=1687013207&sct=1&seg=1&dl=https%3A%2F%2Frd.fharr.com%2Fdb%2Fitem%2F400368&dr=https%3A%2F%2Frd.fharr.com%2Fdb%2Fitem%2F400368&dt=&uid=cf745a3e507afe1995f178f62a9171a8235c50606cd6c7974191925dd3af1ef2&en=page_view&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3S3JP22CEQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:46:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rd.fharr.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 51E0 0
20 B 97ms
97ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5999354276808&version=m202301230201&ct=77&x=1&cor=16204548129478435000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:46:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1891 0
0 124ms
100ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230614&jk=4436964757474128&bg=!8POl86fNAAaGYqkwpmI7ADkAdvg8WnEEA3HNks30y27iK8t_4BCsbocuzTkxaf9bto6r05gA9ImnHXtBlXg_EKPb0plKezlzH74CAAAAnVIAAAADaAEHmQMThVREHfbhBbHDsKPYKiVCXJRyZvh0n6iN3zicOzyHTHZuvkSCK0qX7-kwrdpzG71P7SmbjKU9UfvpFBqriZ5JEmNBGSoP6wrfTK0yMf_0xXL43qkRtPRwtZDTlq4UGqk2vm14YNUpuVmOyLZV70hA_7KfL-WJelAKwmk-JdXv5J8UUg01d97Fuwecs_ZaG5mTHq81hZVF81UTdgYEv3O06sCZeLiTbZETINJtoHQ8pSoOtLKRO4MjNydlwf8U4yKQhnl0bATXWnieqyOEZD0OEoCMfnIfNAe10acTWPJKl4hpE6kZ1feOQJsiYbtIUP8ayebNODYpv4P5mC4F7R5JsxwQ43YwiWNM1Mz-J0ECvFt7OjukRmXZBuo85C4fKy2BPVWqn11dQ20xJeEx5LPAQ4I71Xd5PjhqsxZihD5lxjQOfBhuud6FQFnzvL3JEkrwS7aASn0GWLP7Rl-I1dicZGVF18MtdoSnIF1GexmGlwQS7gzGYLC6b3Fk0Ts2n1bx6dTs6XaDu7wUjo3pb0ESsIs6k_euPwx8KF6-ZRm4ks5VV8D7csv_jq3HZjZSXnM9oZNNtvTZ8G8Xq88IbTH1mG137X6MoD6EFCBN3ZA7P2gQBeX29QOCwl9YQfU0vekZ5WfxVVYwtMGk_f3bBBM2QYM5gRlkHfM0q-gVfJYhg-Ctc_DPVoeTC1_30KO1rYUDvOTMU1yv3fYpYZy-egRunQoas9JE5xF6h1-9g0pd_xdgLIsVvaSGhDoY3MPzWxaiA4AMI_qMjp-PfN4upg2hsnaBvTJS4YspnJT4qWPmWc5UhCRZNSRyVAZ5ObKpKR9zOu7XGDl_lQDf8sJF7gwLT4i6wzzII5p0fumPCtqLbWO3yZypm2y6-X1k97qrdyaKls4zItvWGgOK6qu6y3AqiSylZEEt24VXIREHY9adxTZQFpyg_C0TWfruFxSRKsB42Qv8tG1-upywQsYVjpo7BT1iMt5IUA19KvAH7mV4p1zKxcmL5kJQNWabQVrWsHGOYNY1qzrqtel6UU5xvQpPPei4bg
Requested by: Host: rd.fharr.com
URL: https://rd.fharr.com/db/item/400368
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 86ms
85ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306060101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js?cb=31075344

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b17f60f9cec2479348b30543a2f8ccdd46fd704098d6cbceb23195dbefc34d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11352
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 74ms
74ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js?cb=31075344

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rd.fharr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 17 Jun 2023 14:46:57 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BBE8 13 KB
5 KB 63ms
61ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rd.fharr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 2774
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 14:00:43 GMT
expires: Sun, 16 Jun 2024 14:00:43 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0B20 783 B
534 B 42ms
42ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a833e21eecfdc84dfdee0c858ac1e649fba4a890939f43ea8b581e75d9708fa1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UXa60IBwraTPSic5wrbGRw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rd.fharr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-UXa60IBwraTPSic5wrbGRw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 14:46:57 GMT
expires: Sat, 17 Jun 2023 14:46:57 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0B20 0
0 97ms
97ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306060101&jk=3978466103988540&rc=05ALyjir-6fvRgttaQ4wMwwdiT8cDZeXt4gMOMQSlr-XRkx1v3hiisQ4SiK-giA9iyqi8oMqv6KKOu3jGIQISrh8pi5SxgKC2-KkEu3ZE5IVCFd4CRlxZVr0sDwPxuUj-mJtFlmcBO-5wCduLppBKOAr4X6wx7Pi_zcfgRFz4b9O7_ueL8oVA8_Apatfen1g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 200 TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame BBE8 37 KB
14 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c7dd9b3c12fde91e325f5a42fbc0f6d83566d528b624b0b4833ca87a9cc3f64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:37:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18590
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14492
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 16 Jun 2024 09:37:07 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame BBE8 0
10 B 61ms
61ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?FrbtPQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:46:57 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: scontent.fktw4-1.fna.fbcdn.net
URL: https://scontent.fktw4-1.fna.fbcdn.net/v/t39.30808-6/354043351_639357331548921_2153896423364903803_n.jpg?stp=dst-jpg_p320x320&_nc_cat=104&ccb=1-7&_nc_sid=8024bb&_nc_ohc=kijtOMthAv4AX9j5QAG&_nc_ht=scontent.fktw4-1.fna&oh=00_AfAlJIX8DQhEU7OcXHuC_5dQax5soQuoQEUdReL9a4BEkQ&oe=6493A17A

Domain: scontent.fktw4-1.fna.fbcdn.net
URL: https://scontent.fktw4-1.fna.fbcdn.net/v/t39.30808-1/352517432_297727896147201_3220230476297656825_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=104&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=JcSlyozEICsAX82hqVb&_nc_ht=scontent.fktw4-1.fna&oh=00_AfCnRXRldqCp-AqlkRvku31aVEUkpCHOJeaeWDKgWkO0Ww&oe=64927055

Domain: scontent.fktw4-1.fna.fbcdn.net
URL: https://scontent.fktw4-1.fna.fbcdn.net/v/t39.30808-6/353668984_638880131596641_4453071373186895284_n.jpg?stp=dst-jpg_p240x240&_nc_cat=108&ccb=1-7&_nc_sid=8024bb&_nc_ohc=QxZ2PVRdXUcAX8eqiwv&_nc_ht=scontent.fktw4-1.fna&oh=00_AfBNoItObI3nNKl2-9QzVsF0ta3NeGyhTCDcDdd85Sx1Bw&oe=64933642

Domain: scontent.fktw4-1.fna.fbcdn.net
URL: https://scontent.fktw4-1.fna.fbcdn.net/v/t39.30808-6/352521227_636443628506958_5983551967134334363_n.jpg?stp=dst-jpg_p240x240&_nc_cat=100&ccb=1-7&_nc_sid=8024bb&_nc_ohc=vTnW5tQThoMAX_ynYpq&_nc_ht=scontent.fktw4-1.fna&oh=00_AfBZApdugsn7Tt4dK7kKd6-t7x5hPE01UsWYxWO3_85joQ&oe=64935410

Domain: scontent.fktw4-1.fna.fbcdn.net
URL: https://scontent.fktw4-1.fna.fbcdn.net/v/t39.30808-6/353046201_637132485104739_7451310794531979742_n.jpg?stp=dst-jpg_p296x100&_nc_cat=106&ccb=1-7&_nc_sid=110474&_nc_ohc=UpcGXF4GINoAX8FzH0j&_nc_ht=scontent.fktw4-1.fna&oh=00_AfCjw0XB47UVIN5sggMTal_WH9j62o_vmnTWPvXvsIjnvA&oe=64922854

Domain: scontent.fktw4-1.fna.fbcdn.net
URL: https://scontent.fktw4-1.fna.fbcdn.net/v/t39.30808-6/353062649_637132578438063_7702816375906027618_n.jpg?stp=dst-jpg_s526x296&_nc_cat=101&ccb=1-7&_nc_sid=110474&_nc_ohc=1VLfF21Z0LMAX-Z0d_S&_nc_ht=scontent.fktw4-1.fna&oh=00_AfCjvMz6shCJ6juqGeW0pYBv03C1ivZenZpSdrdX9iunFA&oe=6491C7E2

Domain: scontent.fktw4-1.fna.fbcdn.net
URL: https://scontent.fktw4-1.fna.fbcdn.net/v/t39.30808-6/353068806_637132538438067_358936261873703052_n.jpg?stp=dst-jpg_s206x206&_nc_cat=107&ccb=1-7&_nc_sid=110474&_nc_ohc=Wbys7ovdXfcAX9yOkdT&_nc_ht=scontent.fktw4-1.fna&oh=00_AfDzgW1XUChc4IpcldNVVpjlz9TWnx4B1cNxRChDxLIw3Q&oe=6493B1F7

Domain: scontent.fktw4-1.fna.fbcdn.net
URL: https://scontent.fktw4-1.fna.fbcdn.net/v/t39.30808-6/352988844_637132561771398_2411123245666744617_n.jpg?stp=dst-jpg_s206x206&_nc_cat=102&ccb=1-7&_nc_sid=110474&_nc_ohc=Z-ch1T6W-t8AX8UQNuN&_nc_ht=scontent.fktw4-1.fna&oh=00_AfAZsexIqbehTlZHN1WMu51690jrnQwSL7hjZ2zAZbtqzg&oe=6492B9D0

Domain: scontent.fktw4-1.fna.fbcdn.net
URL: https://scontent.fktw4-1.fna.fbcdn.net/v/t39.30808-6/353420883_637132591771395_2232989604887196020_n.jpg?stp=dst-jpg_s206x206&_nc_cat=109&ccb=1-7&_nc_sid=110474&_nc_ohc=G3Gh6tiKFjMAX_LZDEo&_nc_ht=scontent.fktw4-1.fna&oh=00_AfAjG3Guv8eJkVArrS7gRRnwfZ-i9ftp5nqhSncPXgr39Q&oe=6491D180

Domain: scontent.fktw4-1.fna.fbcdn.net
URL: https://scontent.fktw4-1.fna.fbcdn.net/v/t39.30808-6/352208807_3568634106688670_8108430070479242451_n.jpg?stp=dst-jpg_p240x240&_nc_cat=106&ccb=1-7&_nc_sid=8024bb&_nc_ohc=I1d2jrOJ_2cAX8xN8fv&_nc_ht=scontent.fktw4-1.fna&oh=00_AfCHaJk1KtJ1h8329tdrYchlMS214v-olYwR0WbBKC6Zwg&oe=6492B048

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306060101&jk=3978466103988540&bg=!Y2ClYDTNAAaGYqkwpmI7ADkAdvg8WnHnOxTb_rEDvsOGENB54TZqgUVUJyO0Wr9_5FxBM7Bgqn8a2kgLdxRCEac5SYm7ajUlnTUCAAAAR1IAAAACaAEHmQLu5BasMOiiGglVK2KySG_V1w3XIya3SxFmif2MijWxR5oPWYfDYNo0IDAGoYuiqKhK_XJTC8bRN_M0k2m7Pqi2TSNtWZfLij5Uu6n3FP50pzXrY8Vga8M6TKWbGhHIPMFxYiy7GT5vrfODxhbXKqen2FkEQi3YJrzCWTX_y7KQKHL4GTyTYU8k08oUNDnGDGjxlkNn7JcKFl0QRpdj4Bkadl6FYzTpB0g5rlMwDGjp55-qo5CLqU5IFOjUn-kafitjBtEd0dN6VpwJLjRwDnl5EezHMK8smbCHznjaZdpX1VFh5OsZ9gnQsEEFPPllcY_fTZ1WhoSayT_08mHG-FjoG4fNqMM2v_yzRXvnGy_cNdfp9bqn_D1-LUTmEYXnurM66kFXNdSipzTXjzFcot0entG3iijnkZnqM0XmaTigTO8TNbamdhf03MUEoNt0607AFVizPdua0thEjdAqq4BlRIY2w0iPvtcpM3ji9G5CUGnv9TwdCugka5aThc0vXUMUW-tqBDtKpkpVhIJt4cnsW7Fw6FP5W6qS2YKMd5BIcmw3D-mhDZOZp3HFg4z9bg_uRzpf0-TxpF23Eu7sSFGLbotO3ayjEInCYutYFpgl5NgwjquCbEIxE-wJNsvyJ5YatirIR4haK7U6kCXuveSye4Q8w7ZvENBBIj-210zW_4H5bTDHP9GW9z_BN5xLtbA75tjNsB6oMLXyq6-vFeIIz8Ec2NKASq9w3qzyV5SxXIFGPoocjXuZsaxzdCpR386WM7jCADPqUirAMk9C4g7gCsS74cjK23boK3R1hXTkYpsHFMW3h9PQhzw2pBMgVTX8pnDZbuk4HV1Mk_oXEVF3vFMKH8PvbWKGXCHwoYlVoBBtDJJ3LrkttbIPaMSZ22_FMpIMhQgDouBl8IoE6zAoRiih0rwZyJ_cnQG__SLf6r9osj5ymRy47wPU4r9LKGkpospCDfZTaYB89Tcwb4yLC4c0K5YFdyLoWXC8pmr5

Verdicts & Comments Add Verdict or Comment

123 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

48 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 16:56:05	Name: _GRECAPTCHA Value: 09ALyjir_KDqOsxyyA-XPMRPaofTzK4SKyAAZAYWFZW4lIbk4hfIxrdVFvqDNA-SlX71b7d4DfIjn4a7jMqCVHGb0
rd.fharr.com/db/item	1969-12-31 23:59:59	Name: same-site-cookie Value:
rd.fharr.com/db/item	1969-12-31 23:59:59	Name: cross-site-cookie Value:
rd.fharr.com/db/item	1970-01-20 12:38:19	Name: AUUPSI Value: cf745a3e507afe1995f178f62a9171a8235c50606cd6c7974191925dd3af1ef2
rd.fharr.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: qrlkbdpq18ihn1fse5o9b0tief
.doubleclick.net/	1970-01-20 21:58:29	Name: IDE Value: AHWqTUkiSkfvl588UlRCgYNfoFlR_0RLrtJuo59VpbvOM7eZLuA2c2QGucEM3RrcRjs
.fharr.com/	1970-01-20 21:58:29	Name: __gpi Value: UID=00000c4a8904da96:T=1687013204:RT=1687013204:S=ALNI_MbVvPpoXypglavXTwGjyWp4dfRC3w
.fharr.com/	1970-01-20 22:12:53	Name: _ga_J35GLGDM3D Value: GS1.1.1687013206.1.0.1687013206.0.0.0
.fharr.com/	1970-01-20 22:12:53	Name: _ga Value: GA1.1.1450125800.1687013205
.fharr.com/	1970-01-20 21:58:29	Name: __gads Value: ID=21baf416523e903a-22077bf7a8b400eb:T=1687013204:RT=1687013206:S=ALNI_MYuh0xqYTtGTWFK8KIOHa9vnxTMdQ
.adnxs.com/	1970-01-20 14:46:29	Name: uuid2 Value: 4645660540769773165
.casalemedia.com/	1970-01-20 14:46:29	Name: CMPS Value: 5300
.casalemedia.com/	1970-01-20 14:46:29	Name: CMPRO Value: 5300
.adnxs.com/	1970-01-20 14:46:29	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GTxrco/u!]tbPl1M>e)ZlrFUfJ+tGXxoLKhMwrHJV+wIJwqX_+^xY38%ZskcWr:_[bpRzqF1`b`4t*4VAI
.casalemedia.com/	1970-01-20 21:22:29	Name: CMID Value: ZI3HVw9flAdfZ-hMZhEzyQAA
.holmesmind.com/	1970-01-20 12:58:00	Name: Vision Value: 20230617-23:59,20230618-01,20230618-01,20230617-23:59
.holmesmind.com/	1970-01-20 12:58:00	Name: C Value: null
.holmesmind.com/	1970-01-20 15:01:50	Name: RK Value: null
.holmesmind.com/	1970-01-20 22:12:53	Name: P Value: 938714-aFzoNKvyPdVTrnMhcbfSL89dGrhrRgw2
.hinet.net/	1970-01-20 22:12:53	Name: uuid Value: 588930f0-b299-42b0-a836-d8f1f460e7b9
.fharr.com/	1970-01-20 22:12:53	Name: _ga_3S3JP22CEQ Value: GS1.1.1687013207.1.1.1687013207.60.0.0
.redintelligence.net/	1970-01-20 14:46:29	Name: 8lcfmzhxc8d6_uid Value: e177534146d809e0
.tradetracker.net/	1970-01-20 21:23:55	Name: uf Value: Z0l3e4OjG4XDsQHvDZatNW9tajFtbFZoNkkrMlZYUm1RbU9obDF0Q1U4ZUNDM2t3MXFNVDZvZCtqamc1VWZNdks3bXlVeHdHZVhIT0VnUWFlNzltZ0owMm1JbjZxOGtld2hPMldBPT0%3D
.tradetracker.net/	1970-01-20 15:00:53	Name: pi Value: a6bbc2eae7accccf6c68ce7daa218b81
.awin1.com/	1970-01-20 12:41:12	Name: awpv15314 Value: 235229\|1687013208\|c9f36bd0-0d1d-11ee-b2dc-226488cda48a
.awin1.com/	1970-01-20 12:41:12	Name: awpv8462 Value: 235229\|1687013209\|ca1858f2-0d1d-11ee-b199-223078f3fa88
.travelaudience.com/	1970-01-20 22:07:07	Name: _tracker Value: %7B%22UUID%22%3A%226828B248-B8B8-4AB8-9911-E7E2FC821922%22%7D
.simpli.fi/	1970-01-20 21:23:55	Name: suid Value: 5935C494F3454FFAAD03029B4ADEB089
.quantserve.com/	1970-01-20 14:46:29	Name: d Value: EBEBCQGgKYEA
.quantserve.com/	1970-01-20 22:07:07	Name: mc Value: 648dc75a-0c4ae-2c076-a6de3
.everesttech.net/	1970-01-20 21:22:29	Name: everest_g_v2 Value: g_surferid~ZI3HWgAFSx0crgBR
.w55c.net/	1970-01-20 22:07:07	Name: wfivefivec Value: op9M0g0r1Qaxcu5
.doubleclick.net/	1970-01-20 12:36:56	Name: DSID Value: NO_DATA
.w55c.net/	1970-01-20 13:20:05	Name: matchgoogle Value: 5
.yahoo.com/	1970-01-20 21:22:50	Name: A3 Value: d=AQABBFrHjWQCENRzzqiwzBknMS_fKzZoEegFEgEBAQEYj2SXZO2PzSMA_eMAAA&S=AQAAAmPKIlusjBBgH-dpkM8dZtk
.spotxchange.com/	1970-01-20 13:17:12	Name: audience Value: cae6a10c-0d1d-11ee-ab3e-14604df00206
.analytics.yahoo.com/	1970-01-20 21:22:29	Name: IDSYNC Value: 18yl~2c9q
.awin1.com/	1970-01-20 12:41:12	Name: awpv8177 Value: 235229\|1687013211\|cb766250-0d1d-11ee-9f97-223306a13768
.awin1.com/	1970-01-20 12:39:46	Name: awpv8472 Value: 235229\|1687013211\|cb783710-0d1d-11ee-909a-2265c0ea454e
.mathtag.com/	1970-01-20 13:20:05	Name: mt_mop Value: 4:1687013211
.rlcdn.com/	1970-01-20 21:22:29	Name: rlas3 Value: vQ5rq6YFbQbbsO7zcQNHqaMzhc4EgqAuYeHA/PTs7eA=
.bidswitch.net/	1970-01-20 21:22:29	Name: tuuid Value: f9fece88-e16d-4bf1-93ea-5003753f1f56
.bidswitch.net/	1970-01-20 21:22:29	Name: c Value: 1687013211
.bidswitch.net/	1970-01-20 21:22:29	Name: tuuid_lu Value: 1687013211
.adfarm1.adition.com/	1970-01-20 14:46:29	Name: UserID1 Value: 7245666569185523867
.rlcdn.com/	1970-01-20 14:03:17	Name: pxrc Value: CNuOt6QGEgUI6AcQABIGCOndKhAA
.bidswitch.net/	1970-01-20 12:36:53	Name: google_push Value: ATf1kGMqS0QRkkTO8IU_4o2oKs0e3-IdRvCMmVhqDMR8xAiEapLHhLdw0kFSghV7m4kadT0iyBaHo9sc2WDN-aPHeGFSBn8jfeO9ffk
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 316721:2582325

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js(Line 9) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js?cb=31075344, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js(Line 9) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js?cb=31075344, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
network	error	URL: https://yads.c.yimg.jp/js/yads-async.js Message: Failed to load resource: the server responded with a status of 403 ()
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
network	error	URL: https://fcm.holmesmind.com/cm.php Message: Failed to load resource: the server responded with a status of 502 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a1.awin1.com
ad.doubleclick.net
ads.travelaudience.com
adservice.google.com
adservice.google.nl
avatars.plurk.com
b766e2ae11ee81bfd6c3800a5ab3357a.safeframe.googlesyndication.com
c.holmesmind.com
cdn.holmesmind.com
cdn2.sales-frontier.com
cm-dev-poc.holmesmind.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
cpt.geniee.jp
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e1b8e2ffe80450119eaaa1dd6ca27ea4.safeframe.googlesyndication.com
fcm.holmesmind.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal900019.redintelligence.net
hal90003.redintelligence.net
hal90008.redintelligence.net
ib.adnxs.com
id.rlcdn.com
imgs.plurk.com
match.adsrvr.org
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pm.w55c.net
pr-bh.ybp.yahoo.com
pubads.g.doubleclick.net
rd.fharr.com
region1.analytics.google.com
region1.google-analytics.com
s.plurk.com
scontent.fktw4-1.fna.fbcdn.net
securepubads.g.doubleclick.net
static.cloudflareinsights.com
static.tradetracker.net
static.xx.fbcdn.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.mathtag.com
sync.search.spotxchange.com
sync.teads.tv
t.ssp.hinet.net
ti.tradetracker.net
tpc.googlesyndication.com
ui2.awin.com
um.simpli.fi
unpkg.com
ups.analytics.yahoo.com
us-u.openx.net
use.fontawesome.com
www.awin1.com
www.facebook.com
www.google.com
www.google.nl
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.plurk.com
x.bidswitch.net
yads.c.yimg.jp
pagead2.googlesyndication.com
scontent.fktw4-1.fna.fbcdn.net
104.111.217.42
138.201.63.117
138.201.63.150
138.201.84.245
142.250.184.194
142.250.186.134
151.101.130.49
18.156.187.34
183.79.219.124
185.29.134.244
185.80.39.216
185.94.180.125
2.17.100.248
2001:4860:4802:32::36
2001:4860:4802:34::36
203.75.214.136
222.230.178.131
2600:9000:21f3:2c00:1a:7c92:efc0:93a1
2600:9000:223c:6e00:0:e06c:e940:93a1
2606:4700::6810:31f
2606:4700::6810:3965
2606:4700::6810:7baf
2606:4700:e2::ac40:840f
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2a00:1450:4001:80b::2008
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200a
2a00:1450:4001:812::2003
2a00:1450:4001:827::2003
2a00:1450:4001:828::2002
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2004
2a00:1450:4001:831::2002
2a00:1450:400c:c00::9d
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a03:2887:ff2f:0:face:b00c:0:a7
2a05:d018:d29:3602:226e:dde5:5103:25e0
2a06:98c1:3120::3
3.33.220.150
3.70.92.75
3.75.62.37
34.160.236.64
34.91.62.186
34.95.67.231
35.190.0.66
35.201.76.93
35.244.159.8
35.244.174.68
37.252.171.149
52.214.187.105
54.199.5.69
65.9.66.18
78.46.90.238
85.114.159.93
92.123.148.9
011fe21db176dc6caabd66771ebd260b614445daeb5b7029b3cd2f9991a64c0f
0219d750c245f6ae193ceac33864c2eca2610d52cd3c045abb05e99fe50955e6
023412b08879f730e5e92ce2465668df7b114f10a03a74fed9ebfb1ae457c0e2
02a73c76aa12a0b231a7c21c792d817f7f0453ac4c6f3dedf4a96375e0e7d15c
054f96cc3cd6be244dbaddf13ca2d6465f7ce91162cb402d3ad410d5eb42abb8
0696c5e661e7c6a48cd7c8d06695a1a9080271fa630cee908d8383282e6424cb
06a571a9beb50bd5ddd60517159775dfec1f3e798fff38fb117ae2350dc9ba9d
09220d95a594d96edb7b812467cb4c048aca524c1876a229930879e64b28148b
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0ad20254387801b671e998453de64ebc8fe5cd81816c0e1cd6a7961f7f2002e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c384e9f5a0511e6e45bbaf26eba3f51edf331b05e20efa57f243d87ad4c452e
0de5cd59beb665507a20cd09ab0b7403cbf92dc7a4e3e24acf2ad1cd9d156fd1
1038b7a6e5e76ae822d248d92b358cf2c92f700c5f7e528d0d905c7bb60170ae
11d1bfaed1a228c9771d6bfd802871e12e0739faba53d638f409dc04fc9cf7a3
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1281bea544688fc8e6ce55169c8258b18fc3180eeb4b0620f1a175128d897887
13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b
14e2ecbc274fd96f0dac163fbd5ee6318832451c2965540c7dc61e5f6e022704
165a0e2a23cbb2308cba54a68c034c186cb307e6857da43fe5b2398aab9a7b91
17be9c4cfa911f942924a4390e97e50322e4698c21fae09fc77afd0115c25494
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19c7408814e3d966308da866f7fa0ced4a38b3e388bc0c896e9cf6b409d40cb1
1ab51bc94a2396b28801d741047d0243940111c3ab87897b76e241ee30ff51c2
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1d4e65e83b46567e196932605bfde1ad55b4ca8c011dc0518aa929aafc016e69
1db2eebed72eba8c0926d6c4c2281a02a745e99f29cda46bb196afc3a95e6015
1df83e942691621a55cb416efaeb2073378451b2a1be8611bc90b13c5f88b236
1f2b1d30247ea9c0b0b88b3dfe3bb77ab7cab508eddd472f839ee9a966e15055
217d71d3a68e17e46879e79ae0a1243692e033ac52e2efae4411d68c05618679
21f80442e5f3c3a6bc6e311f8c6cff749e1073d0780b2a92c3987654fa9a6257
23d0cc03f145a97b1b8823fcd07fb6a6a46b844f9714b0c69587d66c63ce0775
24b9164a9726a2af7b660f3a0f78001486374a78d55a8fef5be9615320770f2d
2505d4c9a43f8f751b4b69a694e351cc3f2158a8cde9f80596339acc61f26c2b
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c
2ce694cb33b0f878e76169a31c08cb470d2e3fced9b89d884a319d23b3264c02
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
305980bba41eb0c731cf9caec5f1abac5e9925fbe5cdbebdd3372a8b3e92640a
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
317fb189a6528a51b99d6d0c1220b8b1e746ae8fa65d9d28da6bfbc51c2976c1
31f2f76d99d19fe98a0917f2b785a37c683b85fae29d66dd476ffa84c9a999fb
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
33aef3cbe4e75cf957c862f18d3a98ab3e605c59048c8fea4f29b844081f6443
33ea790469cb2203eb2981eb670aa1f2ee64d67b7923acea70581a87915dc791
34642785562ffe09f193a2ec34ff70e1af0abf170d601208368108fe526292ef
3521f5e84dbf85e9b7a304002330fbccf347abc9d0a43765a1838336b8a98c0c
3564808aa607797c605a90d541828984eb027b3036956492d96f3c7482e1b413
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
3ab296b2bb2aecd4942237b656e45565beb04d9e73c45346a60e1d92616aeaae
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3ad10746593029765b253d1f930ec7d12d77aff3cbbf3dee8321cf0b31a87912
3e016c23ae51417382b640ae2d19eb48047532c37ad53894bd185586559ccffb
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3ec1b4732aa5f2941dcb223044858fbf912b123934c20db2b230449189d80853
3fa9c295f76cd029cc3800a61a9bba75cd9062851924561e3ce1a18a9ae6b843
3fe4e47c98292de01537a2ac5eeb7073aa4fd3371653544abbf055ddabcd0bd8
400ad35ec5034949cffe1def843b0e81ba1fc510eb003194a2a60c026f9cb562
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47c74c235c54811a357bb9464289f78b34f9baab27f6d90b15bb5a33d58487d1
48312d24549b2234cc2f025ed892b958782cc7087b4149dd7bc59885c3af3a26
490d9347989bd9ae051a4cf624936e1f1a14fce9dcac3e755ac3429bca5557ea
4a036a1843f56124ea89c3f56750aba2937b97f458605841d2b998052fdb3f5b
4a9cf740a06e1ba558479f4f050de493dc708d8cb2f47b8d528fa2704d4151f9
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c7dd9b3c12fde91e325f5a42fbc0f6d83566d528b624b0b4833ca87a9cc3f64
4cceeda9854393610236e90cd30132b01a18980275937ffe553ec4e2f448afad
4d1208447b59f23a0e430d7bcff5fea06650e950e2f5aa6ecf721704ebfae444
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4dc5411b9a80037afad10b87736f3d5743e7e044548c942809b08a1d82e5413b
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fbbc81b532d66130532bbc78dfe1042e7d3bcb635308b5dee10e958d61cb25f
4fd35ca0a9a97e5a6added2c31fe44939578a8828361dab23644119e0e8a43d7
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
511932cf4f2a9adbf1e025aee3df919280e284264d3551e341205be131c2a520
514fb1982836b9576524eee1afe56d746da06cfaf4d6220dfeaf21e157781c2d
52eb97e8e51270cb95234ab1051112a438e9be09864739d2bf9280ad9cac1067
5331a8d21c6a88afcd7a5d2834ac61746805a463857b02308171705ea580260d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55e3d14d96e0c61c4e934528cfc3793501e3fbb00baa97bfdbaa3dca8ea7ce40
5904443e770d930786e074f002f77e13801539e2f3fcdde184253024d3b3faaf
5910577543237c335e33ffc1448fdc619f9e16a548ceac8cea4717a3c31d6822
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5fcfbe94a22911a2bd3784842a3b4e445a48e5c00922400fbd8e97bab68134aa
60b4c8697c73df4d71743a99e6f78f0d9f62a2c8eea3bc1b59319adf52ba1348
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61ed0d4e0aedf9a656caf40237e6aef9ad2ea0f41e5c8e3a4d6daaab679dfba1
62bf7e57ebc12f7a61aa36a8e4b4b25c8412f2212f91ff6f9b77d393245eecb1
636f54fe6a9d424b7ef9245475f07ae0e3c4899fe88d00cd3d6842054c9d68d7
638237fadde0e9a22ceae7380f191f271139cbdcdbccfca2a726892229e20e22
643f536f6982af4d7287af23f89ad457dd7e4a82f9c695330a112b0881c30a4a
64816ef42196992f1120608cafa36df8e03c81064551abb6f23bc00f69bf6727
655077dc6a2ce3942453658e99adb67667348fd40d5258e003ce38ef70f4258e
67c48505bd1b0579ee678bf5356b5c647fe4ae48b06800f212ed39b34b87f777
6a336f938df1799e3c499b69ff353abbfb8cc981692bcab0d013423bf171991a
6b17f60f9cec2479348b30543a2f8ccdd46fd704098d6cbceb23195dbefc34d1
6cc104d434bb05638dc6b0bf53723ae64180c777ba294308f3d87fc804a58b19
6d731e6d3e38558377e2fa974639cabf5209d9cafa5f00e186b0e3faf0aea02b
76512202adc598c074e544f15af7149934759c58090b2d3d40a0fa465d633c5e
7694573a86f303cabb2d2c27064dcaf58e0df866a47ccf73d14a6b682bf7450b
78678bde6a7af3edd9a56272656d718e0358f438e4d4f5f1946fec3ad0452f03
7a65f681a2da07843684984c2de38e9a100b43c5e3d72dee9f42f2470c19d394
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7fb07880fe0e8c6a59441a5eb71aed95f6542a8c4bc1ed859984d2e8efe054e0
8128514a9917b6dcdf20f7ee24d6b00a27b2a6aa0f971acb988f358f25ac4005
812ab0e46f86b2ce98ab2425ab2224b90d0845952a1ac0d5abd734b6217e98bf
828ec6ea7531cfbe9837631e3beec0fcbcada3ff49a6469a37480934c44cfc22
84a1217c10ae88b6ee262083809913a5e182983e8ca188ac802f71e7ffda5541
854f47fda466ed9d7e0d438a80c3f7049575d373d5887aca71313da2b795c739
85e157816a19be2d1d5c143ead57834a8647722bd4f9f5f0fab85d853f8ff41c
87e8b24725e182d1e4134a9370770987261c14c8ccbda166d7ce61ff060e732d
891e7ef609ccc8ff7840003e8ebffa60120b7a30265e9ed9632fa9a2a7d62dc6
8afe56df149e86d60edf1d04a41676b07d0b18617a88fb3f9f3259c1a194ce50
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef
90c0a243df0f03ba7aa4409ab6dc6f97326f93c9537edccbf57f7ee13e1ae7f5
91d149cdc0eba46d8512f56fe0f1312aec78279f103bfd77a415c41d1ddc7236
9241464971b25d3cadd89db6c33064a48c97b04874c7ab6c12e97da5d371480a
949566537775c03ac71d49b7d5f39e8bda9fec6c1efbb13407e97d2383de8cad
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
95ea6dd9b4a1ea51842a2445f692c6667d6a8f039bc8b6b84e2b8e4d47e89225
96c20a37b32eebd3eb387277fff9778f7ef32655ac88870d45477c9e2a313dd8
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
98ab2327aafe23152777df8bdab46dbb10bc2e1d4828475eae8acf4addde8204
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
99b703091397f3264db2e4915ef3655dcffc6b821e3fa4971664bc102c53dac1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c274fa914d525f1adb9729814e89cedc463f98ecbfb12e3ad6fe10ed05b916e
9c5f76cf64183ac29f19d0af7145a7ea7ad36b417ade9561c4e5825fa6832966
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a3cae108cd6a454dcabb3e62472042bde163070f6be36081b62e783b5924a01c
a4935762ec63674cc13ccc41fd54ec5027f082deacc68056424bea1d295e73fe
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a833e21eecfdc84dfdee0c858ac1e649fba4a890939f43ea8b581e75d9708fa1
a87feaf65170ded496c597c1f1011a79c39a309e415802b49a3fea32f32dfdb8
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
b10cc9d75ce105ffb7e99b00b537dc240a3049eba1bedbbb1422f073c163dd27
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b26f903d50fe7cd2219665da3875c14d07537087c65c0a7cd446cd2dd2c73582
b50a219e1f54ad1997a76d3c9b08d8c056e67a9073d9c115bb645fe6784c5b90
b71c281bd0276234af8ea69fff1cef1683323275a4e4b428dc2d7a459d4af2a6
b73ef8f878c5d3c3fe9cde874a42c8ac59eb7c6670ca307c90ec61da8ae786e2
b8b7db02aff2fbde176d0220b2e38ed79a8d4fc33d776f10ccef586db1c5ca76
babe958c663405703435abb942cd103f0e82a25390d4fe0cebfc0a67bbdca37c
bea69fdeea61432f39ce1fd6f888dcd9bcac1aa0b6b3a0bf5bb60baceee2bdc0
c0e09611e92094f3c9baec913304b7d20362b0c4fc14076026a2423c2616669c
c1255c225e18e01faae68870c17c44c85368bf6c4120d0e674615f7a9ccc70d2
c2596a16bf392e4823cb1d3ef55d3795c3c82f3d94a996b66419bb724119888d
c3c33ac9d2e2e20b7db93eb53684676ec7c2f48e04382512463ef37ffbfac830
c45ac52e85b132c4fbb2b62332c199792243ab855ceba6e0aba43e2db6e8e16b
c4be228b85adcd99099d4446c6914baa7b8ad420faa4963f22237eac830d7053
c5acd99a0dfbf4d9f44f2feaeedeaf19ade7afdc90389401c089e52c3fe6da44
c5c0c6930922c171056ee7d7cb948b09f7808fb9c0f27ef97802ea05ab4de5d9
ca44939771e7b3dc9dda2aee02fbb5559c6028d928378277105e7c8a5a8e4333
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
cb7b62e93a028cbc859a1d1ddc9a6954a1a52e30f07a53bc677c216aa07a445f
cd58fd969a38ad0172f24afe0c6d821fc53c3ac9234aa3935dc21c2239859609
d08ed0e21f187dd309030d465224da8085119a15a17d616ba0e477bb50c6f10d
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d0f61bd2773571bf2c2cf2e1236691a7d95c483ed6be48800a803a1ec6cdf0e5
d216d7f9a032032acde3851bb37c26448773a86ce822c6326afc6593a27c52d1
d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
dcddaa661ca40c2a36288ae788c87b8bda0dd978d60401fedfb591f79a2ad71c
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
e3aa786f6302af3176ce6ac53e8e582a3b2642d55665e2b758ddba90f1ddf8cc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4ef9d4e3c23eddd125c6c38b454bc58e89ae4f094da8ace0ce988e14f8e480f
e543efaecc35c7bd82ac95ceaca610b7a7a4bda087596ca166d35fb8668feb45
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5efbd6f6c2a750d9e6f4f88e3aad3ae937b9e27313afbad9b2ef6ec58e78c56
e60e7c2069a17a63f821501882862d441e088dd58584f5b7f71929f356b5b871
e63cfce7916c0c368054245b30d30cd42cfd7ef6eaf5f7db9966f803133c9470
e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
eb7eb4eb29a65cc9175350c558349927beb7a28cbdcb79185f069b6fe56e3a20
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3c47cb702e040372a3a4bce66d5e0ecc46c56325ec40f8c00b91da0d1d3f46
f107d812b5ed1af85ab99023d9ed5f6befd89537509ce6886e1cad1556a506f9
f3ba9181b56921a44c524aad3902c40fc02b2bf14910970803510114d43bd45e
f4dd877f92aa6190879d02a302bc2694ce7df4692faa920dd33a1273366b4725
f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3
f6e4d11663155d726319e5ac84b1bc98c0cefd9be2079c8b2247cd227c559165
fb649fcae62177dfe63e67081ddceb830b5ce1f05a4184e9bbb7d87ac4b8f4e5

rd.fharr.com Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

343 Requests

87 %HTTPS

49 %IPv6

44 Domains

69 Subdomains

52 IPs

9 Countries

4926 kBTransfer

11844 kBSize

48 Cookies

24 Outgoing links

Redirected requests

343 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 12 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

rd.fharr.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

343
Requests

87 %
HTTPS

49 %
IPv6

44
Domains

69
Subdomains

52
IPs

9
Countries

4926 kB
Transfer

11844 kB
Size

48
Cookies

343 HTTP transactions
12 data transactions