sas.2020vw.com Open in urlscan Pro
2606:4700:3035::ac43:9959 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.zeuspng.com/?r=R21XV3Bav
Effective URL:
https://sas.2020vw.com/p/how-to-send-messages-on-whatsapp.html
Submission: On August 13 via api (August 13th 2023, 3:02:08 am UTC) from US — Scanned from NL

Summary HTTP 72 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 23 IPs in 4 countries across 16 domains to perform 72 HTTP transactions. The main IP is 2606:4700:3035::ac43:9959, located in United States and belongs to CLOUDFLARENET, US. The main domain is sas.2020vw.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 10th 2023. Valid for: a year.

This is the only time sas.2020vw.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700:303... 2606:4700:3032::ac43:8c3c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 7	2606:4700:303... 2606:4700:3035::ac43:9959	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:813::2009	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2620:1ec:46::45 2620:1ec:46::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1 7	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
3	52.152.143.207 52.152.143.207	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
72	23

2 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

www.zeuspng.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3032::ac43:8c3c (United States)

ASN13335 (CLOUDFLARENET, US)

planetnewsday.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:3035::ac43:9959 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

sas.2020vw.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.152.143.207 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

o.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

mts0.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.226 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 130 tpc.googlesyndication.com — Cisco Umbrella Rank: 151	348 KB
8	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 114 googleads.g.doubleclick.net — Cisco Umbrella Rank: 55	99 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 981 o.clarity.ms — Cisco Umbrella Rank: 8377 c.clarity.ms — Cisco Umbrella Rank: 1553	22 KB
7	2020vw.com 1 redirects sas.2020vw.com	24 KB
6	planetnewsday.com planetnewsday.com	30 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	63 KB
4	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 3 mts0.google.com — Cisco Umbrella Rank: 4389	574 B
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67	4 KB
3	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1216 www.googleadservices.com — Cisco Umbrella Rank: 150	601 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 214	113 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 245	26 KB
2	zeuspng.com www.zeuspng.com	14 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 226	762 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1175	7 KB
1	blogger.com www.blogger.com — Cisco Umbrella Rank: 10017	157 KB
1	googleusercontent.com blogger.googleusercontent.com — Cisco Umbrella Rank: 12544	27 KB
72	16

	Domain	Requested by
13	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
11	pagead2.googlesyndication.com	sas.2020vw.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.zeuspng.com tpc.googlesyndication.com www.googletagservices.com
7	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
7	sas.2020vw.com	1 redirects planetnewsday.com sas.2020vw.com static.cloudflareinsights.com
6	planetnewsday.com	planetnewsday.com
4	www.gstatic.com	googleads.g.doubleclick.net
3	fonts.googleapis.com	googleads.g.doubleclick.net
3	o.clarity.ms	www.clarity.ms
3	www.google.com	1 redirects sas.2020vw.com tpc.googlesyndication.com
2	c.clarity.ms	1 redirects
2	www.googleadservices.com	sas.2020vw.com
2	www.googletagservices.com	googleads.g.doubleclick.net
2	www.clarity.ms	sas.2020vw.com www.clarity.ms
2	cdnjs.cloudflare.com	sas.2020vw.com
2	www.zeuspng.com	www.zeuspng.com
1	c.bing.com	1 redirects
1	fonts.gstatic.com	fonts.googleapis.com
1	mts0.google.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	www.zeuspng.com
1	static.cloudflareinsights.com	sas.2020vw.com
1	www.blogger.com	sas.2020vw.com
1	blogger.googleusercontent.com	sas.2020vw.com
72	23

This site contains links to these domains. Also see Links.

Domain
www.icloud.com
play.google.com
apps.apple.com
www.blogger.com

Subject Issuer	Validity	Valid
zeuspng.com E1	`2023-07-29` - `2023-10-27`	3 months	crt.sh
planetnewsday.com GTS CA 1P5	`2023-06-20` - `2023-09-18`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-10` - `2024-03-08`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.blogger.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-12-01` - `2023-12-01`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://sas.2020vw.com/p/how-to-send-messages-on-whatsapp.html
Frame ID: 1E56A13DB10058274480324E2211B959
Requests: 33 HTTP requests in this frame

Frame: https://sas.2020vw.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/7186c00a/invisible.js
Frame ID: 23B3F4D5CCB02422355611B4D4DD9510
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8832346812514784&output=html&adk=1812271804&adf=3025194257&lmt=1691833544&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x810_l%7C236x810_r&format=0x0&url=https%3A%2F%2Fsas.2020vw.com%2Fp%2Fhow-to-send-messages-on-whatsapp.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691895722212&bpp=3&bdt=153&idt=251&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6279157462044&frm=20&pv=2&ga_vid=800390143.1691895722&ga_sid=1691895722&ga_hid=1374884443&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C31076469%2C31076874%2C31076924%2C44795911%2C44796632&oid=2&pvsid=1511035966489457&tmod=1057037116&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fplanetnewsday.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=276
Frame ID: C162F5D5B6AD686942AA32B4A3EAE922
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8832346812514784&output=html&h=280&slotname=2252714856&adk=3896822645&adf=2653041513&pi=t.ma~as.2252714856&w=1200&fwrn=4&fwrnh=100&lmt=1691833544&rafmt=1&format=1200x280&url=https%3A%2F%2Fsas.2020vw.com%2Fp%2Fhow-to-send-messages-on-whatsapp.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691895722215&bpp=2&bdt=156&idt=277&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6279157462044&frm=20&pv=1&ga_vid=800390143.1691895722&ga_sid=1691895722&ga_hid=1374884443&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=16&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C31076469%2C31076874%2C31076924%2C44795911%2C44796632&oid=2&pvsid=1511035966489457&tmod=1057037116&uas=0&nvt=1&ref=https%3A%2F%2Fplanetnewsday.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=zU24zVrl0B&p=https%3A//sas.2020vw.com&dtd=282
Frame ID: 5BAEDFA8E540ECFCE65440AC3C0F012A
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8832346812514784&output=html&h=280&slotname=2252714856&adk=2113210220&adf=319904962&pi=t.ma~as.2252714856&w=1080&fwrn=4&fwrnh=100&lmt=1691833544&rafmt=1&format=1080x280&url=https%3A%2F%2Fsas.2020vw.com%2Fp%2Fhow-to-send-messages-on-whatsapp.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691895722217&bpp=1&bdt=158&idt=284&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=6279157462044&frm=20&pv=1&ga_vid=800390143.1691895722&ga_sid=1691895722&ga_hid=1374884443&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=387&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C31076469%2C31076874%2C31076924%2C44795911%2C44796632&oid=2&pvsid=1511035966489457&tmod=1057037116&uas=0&nvt=1&ref=https%3A%2F%2Fplanetnewsday.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=b7x1QcuqyO&p=https%3A//sas.2020vw.com&dtd=287
Frame ID: 2E940E42A5922E288C83D54DCA3F5743
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Frame ID: 3E0142E09BE7C94A633511DF74743817
Requests: 6 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 87A280AFFC3840C6A33CEC704082BAC7
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 8D759117CB7CCA36FD6CE9E06A0A4007
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gDKveuiD6qzElJZQWCdHL_tXbW9wBzQNLi6nE-8m1ts.js
Frame ID: 0229E3627B6FDAF895FEC0D41B233824
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gDKveuiD6qzElJZQWCdHL_tXbW9wBzQNLi6nE-8m1ts.js
Frame ID: 07A20D5B89F5E6D39E71FB3C4C0FB4FA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9E0157430CD94162C62B8BF13A6774FD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C24082884FF92E84FFC586AAE84015BF
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

How to Send Messages on WhatsApp Without Adding the Person to Contacts

Page URL History Show full URLs

https://www.zeuspng.com/?r=R21XV3Bav Page URL
https://planetnewsday.com/ Page URL
https://sas.2020vw.com/p/how-to-send-messages-on-whatsapp.html Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

72
Requests

96 %
HTTPS

87 %
IPv6

16
Domains

23
Subdomains

23
IPs

4
Countries

935 kB
Transfer

2382 kB
Size

25
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.icloud.com/shortcuts/be22fa0abe644c86baa126ffff2ae3eb
Title: shortcut link

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=cycloneworld.whatsdirect&hl=en&gl=US
Title: Google Play Store

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/click-to-chat-direct-message/id1447952480
Title: iOS App Store

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/blogspot-cookies
Title: Meer informatie

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.zeuspng.com/?r=R21XV3Bav Page URL
https://planetnewsday.com/ Page URL
https://sas.2020vw.com/p/how-to-send-messages-on-whatsapp.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://sas.2020vw.com/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
https://sas.2020vw.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/7186c00a/invisible.js

Request Chain 58

https://googleads.g.doubleclick.net/pagead/adview?ai=CEYH4qkfYZIbSItyAjuwPw9iJkASls9-NYK2SoPv4DevUuMzUARABIOrihhVgkQSgAd6r49ECyAEJqQKoPV_hbl6yPqgDAcgDywSqBIYCT9Ck2wplscFSYzXUN-PkxBjRRsJAVwMl8AowyiEmRYARWix4cFpQUlfxmoqQ3ILxFeH8n7WchBn7D9R9f3a8e-EHB9sEB2LbXayF57ux3jKGU-qO9cNW1IRMNHa47o1dueB5L4QFUedOzMBcG9mjvVIjvKCEwbpH8Rfz-Uf2KEVkBQ6_e6tOXypP-pfXHs2jjW4UkD3f7wFi6sKzPp1K0h87MUkuQclnAy8-D7x8H8V1kYWfOz534naLosUc-0vXjQv0O6dH3C4zua1knoQ5zXNnv5Tbih4UzPRwTPk8FQu-dc5RzvL6wEC2vgIXvM0aBpiQ7qBPQoQquvIwFaFrlni3cb26ScAE2e_ru68DkgUECAQYAZIFBAgFGASgBi6AB4rUnK4BqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQqpkT0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJKWh0dHBzOi8vd3d3LnN0ZWVuYmVyZ2Vuc2llcmJlc3RyYXRpbmcubmwvgAoByAsBogwIKgYKBMOwsQK4E4gE2BMK0BUBmBYBgBcBshccChoIABIUcHViLTg4MzIzNDY4MTI1MTQ3ODQYAA&sigh=2sspthxsceo&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWr_HOPj8C-XxRl0eoM41EDUpTlVfsQRgB&template_id=520&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224725226334436752331%22,%22debug_reporting%22:true,%22destination%22:%22https://steenbergensierbestrating.nl%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22708367838%22],%224%22:[%2208-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214014808275403211201%22}&andc=true

Request Chain 59

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 62

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=99520099B92F4B6BA6C59FA3334E59B3&RedC=c.clarity.ms&MXFR=2770F396342D65103EBBE0FA302D6B7B HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=99520099B92F4B6BA6C59FA3334E59B3&MUID=119FD32FA7006BC81EE8C043A6836ADE

72 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 /
www.zeuspng.com/ 48 KB
9 KB 601ms
544ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zeuspng.com/?r=R21XV3Bav
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.2.8
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7f5db77a2b4236e0-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 13 Aug 2023 03:02:00 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
link: <https://www.zeuspng.com/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RUYs4VzbXIa1CZT5Fk7uufQpBH%2FiLkjeXUK5q8NlD6m5weFJ1WfL0okyrb0XKLJsufJPSmmaSsgN2OImd77%2Bgln4exRFoQCN7W57NoD%2F1Pb4r2Adc1Dq%2FbScX0ScRypAU%2F%2BoJ5AqhQKnZ1uMI18%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-dns-prefetch-control: on
x-litespeed-cache-control: no-cache
x-litespeed-tag: e79_HTTP.200,e79_home,e79_URL.6666cd76f96956469e7be39d750cc7d9,e79_F,e79_guest,e79_
x-powered-by: PHP/8.2.8
x-qc-pop: EU-DE-FKB-67
x-turbo-charged-by: LiteSpeed
x-ua-compatible: IE=edge

GET
H2 200 main.min.css
www.zeuspng.com/wp-content/themes/generatepress/assets/css/ 19 KB
5 KB 31ms
30ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zeuspng.com/wp-content/themes/generatepress/assets/css/main.min.css
Requested by: Host: www.zeuspng.com
URL: https://www.zeuspng.com/?r=R21XV3Bav
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.zeuspng.com/?r=R21XV3Bav
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 03:02:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Jul 2023 02:55:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2270
etag: W/"4c6e-64b7509c-9c8982a;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T68zVquZhaFtqkKEBARyRhGIO7OPEp6AqZM0UiMNkvBacPqg3X9MApvGeBLfQp%2FWq8DIrgUe44stxPWXoMtIRjhWEajq1WC78SSNaEfK6y%2FXNJvBLqxHGMiLscy0ixR8vcA2aMwir7N1SWiKVFc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=43200
cf-ray: 7f5db77d7e1736e0-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 13 Aug 2023 02:09:18 GMT

POST
H2 200 / Show response
planetnewsday.com/ 38 KB
5 KB 1047ms
991ms Document
text/html 2606:4700:3032::ac43:8c3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://planetnewsday.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8c3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.2.7
Resource Hash: 34ff4012150d462d3181b57950b184a8fd147a38f474265227152ade22865e41

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.zeuspng.com
Referer: https://www.zeuspng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7f5db77df8049237-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 13 Aug 2023 03:02:01 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
link: <https://planetnewsday.com/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0cY33fKKzHq7vleL9yoF2xgCRTjqJYcbQ4uFGtDgUA5V00wyjVwuGecJTvoaGxwm6fplggkgNEeybSMd5Ssw4F%2BUKHNQOHOPplwTJDvxmERKCcC4piABFjokS5xjIHzYPVsqkF7QYmaVGTg9VnQENQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-dns-prefetch-control: on
x-litespeed-cache-control: no-cache
x-litespeed-tag: bfd_HTTP.200
x-powered-by: PHP/8.2.7

GET
H2 200 style.css
planetnewsday.com/wp-content/themes/nautonk-viomagz/ 83 KB
20 KB 203ms
202ms Stylesheet
text/css 2606:4700:3032::ac43:8c3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://planetnewsday.com/wp-content/themes/nautonk-viomagz/style.css
Requested by: Host: planetnewsday.com
URL: https://planetnewsday.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8c3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdcbaee031d30bc6242bda624a84cf4099749287809964e33b981ba7762d4990

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://planetnewsday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 03:02:01 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 21 Jun 2023 05:32:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"14c82-64928b6a-361af0;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tSt0iZRShfpErPLoM8roR6D8QhaJPAlVjjD3LBIhIW%2FB32Vb47lEaf5eg9byljaxfRD4A4yllhv0TWDLlVkZ0KhFGB2WGz2Z9PrAgjf3tm0t5LI1Wsao9T228K4rcRAqNGEbsQCti16i1aqw6rhpNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=43200
cf-ray: 7f5db7843ac29237-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 26 Jul 2023 02:56:17 GMT

GET
H2 200 style.min.css
planetnewsday.com/wp-content/plugins/ngiklan/assets/css/ 1 KB
865 B 219ms
218ms Stylesheet
text/css 2606:4700:3032::ac43:8c3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://planetnewsday.com/wp-content/plugins/ngiklan/assets/css/style.min.css
Requested by: Host: planetnewsday.com
URL: https://planetnewsday.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8c3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://planetnewsday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 03:02:01 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sat, 12 Aug 2023 13:13:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"57b-64d78572-3a0f7b;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NQkha6bbdfZhbRb94TJ%2Fqb04hbco7sUP3jfejOPUKbdZCEd45phBjdtKUfchI5f%2FoCatBVq7R%2FR%2FlOIp%2BzERhDV9xp2c4voflsG9vvD%2BsKlXrw3YUQ3Z5urGcW3YJXqV2YBbrvDpyG9cVPOVX8ZdzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=43200
cf-ray: 7f5db7843ac99237-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 13 Aug 2023 01:36:40 GMT

GET
H2 200 instant_click.min.js
planetnewsday.com/wp-content/plugins/litespeed-cache/assets/js/ 4 KB
2 KB 222ms
221ms Script
application/x-javascript 2606:4700:3032::ac43:8c3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://planetnewsday.com/wp-content/plugins/litespeed-cache/assets/js/instant_click.min.js
Requested by: Host: planetnewsday.com
URL: https://planetnewsday.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8c3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://planetnewsday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 03:02:01 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 20 Jul 2023 07:16:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"e63-64b8df64-3c07dc;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cjy6uPNnZvgxlSyf4q4%2BO1ihWo05xovX47AbmLFER%2FJXODOVAN5ggVzbTQ%2Fepc67Pw07kIFsQPK%2BjUs3uRnnSO9mvvxgBM02P3Ga%2BVqDMWXT4ZpOsMTEjfMjuToT%2FfFfOy0mGRBa5NoXb%2B5iS5mt0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=43200
cf-ray: 7f5db7843acb9237-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 10 Aug 2023 13:38:57 GMT

GET
H2 200 frontend.min.js
planetnewsday.com/wp-content/plugins/ngiklan/assets/js/ 2 KB
1 KB 218ms
217ms Script
application/x-javascript 2606:4700:3032::ac43:8c3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://planetnewsday.com/wp-content/plugins/ngiklan/assets/js/frontend.min.js
Requested by: Host: planetnewsday.com
URL: https://planetnewsday.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8c3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://planetnewsday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 03:02:01 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sat, 12 Aug 2023 13:13:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"759-64d78572-3a0f77;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U7vdfU3ZevbGR1nQH%2ByoElEjVyMhV29f%2BcKgftj8dDIaU8G841CVYE3hsaATRTaJDEEHWbT1MuL90qdX%2Br2EujRszFsKCaiQ6tBnX%2BSFwJZ1PJbftiUbd7tUyhLg4ZmMkechBja%2BkCsL82yh%2Fw9S1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=43200
cf-ray: 7f5db7843acd9237-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 13 Aug 2023 01:36:41 GMT

GET
H2 200 script.min.js Show response
planetnewsday.com/wp-content/themes/nautonk-viomagz/assets/js/ 3 KB
2 KB 216ms
215ms Script
application/x-javascript 2606:4700:3032::ac43:8c3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://planetnewsday.com/wp-content/themes/nautonk-viomagz/assets/js/script.min.js
Requested by: Host: planetnewsday.com
URL: https://planetnewsday.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8c3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bafabcd876655fe7b5d6368169ee258f9b4a1c3367b4dfa1ef5de113d1d4acc9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://planetnewsday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 03:02:01 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 21 Jun 2023 05:32:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"dc4-64928b6a-3c16f8;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=opnUHy0%2BMXRfWeN8zqeU1EKmNh9azlGl9dP8Zxw3BTFpFK%2F5OcTMwlUvkXn%2F524%2FTkqQOiptOWKS7L5QGuxk%2F%2BoDWMQpo8t%2BIPuIhubOccuISaPswGI4ZlrkGlUjyr%2F1jSCxIQY5iyLpDMVtMmW%2F%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=43200
cf-ray: 7f5db7843ace9237-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 10 Aug 2023 13:38:57 GMT

GET
H2 200 Primary Request how-to-send-messages-on-whatsapp.html Show response
sas.2020vw.com/p/ 40 KB
14 KB 213ms
159ms Document
text/html 2606:4700:3035::ac43:9959
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sas.2020vw.com/p/how-to-send-messages-on-whatsapp.html

Requested by

Host: planetnewsday.com
URL: https://planetnewsday.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:9959 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01e517b1936735dd67f70a92288789e892ae4dac0ca703547b7c84461967224e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://planetnewsday.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 7f5db785ea551d8c-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 13 Aug 2023 03:02:02 GMT
expires: Sun, 13 Aug 2023 03:02:01 GMT
last-modified: Sat, 12 Aug 2023 11:45:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lSpp%2B63Fko3gHj22wVbYldhXSuC4dJ5BCVRCUz0efPdu2toXqPVW3xtWHKEB1DK1QEVutJaAxr9vga2iSVGdm8GUw97BoC3d59iXDiLa%2BZxvOqwX1cnpJSzJS%2BQaIqJJ5EC5sU%2B8IsW6tmXh3g%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-robots-tag: noindex, nofollow
x-xss-protection: 1; mode=block

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 99ms
39ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8832346812514784

Requested by

Host: sas.2020vw.com
URL: https://sas.2020vw.com/p/how-to-send-messages-on-whatsapp.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

936832971ae5afeb6ab4bff0289773aefa54009a42ae12d4ca6460f02cae5205

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sas.2020vw.com/
Origin: https://sas.2020vw.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 03:02:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50794
x-xss-protection: 0
server: cafe
etag: 8246553109809035461
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 13 Aug 2023 03:02:02 GMT

GET
H2 200 40c5f4b139c9d5e3343cd8b73d608087_Whasapp_07.jpeg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhT5gxOt-V7F_oZ9Ac5HTmP6w8GvcYWeNCt6m7rgLusubjH3GpwArU7ZNbDGT48FhNY9f1WRO3Fdltgwbyed0Xg4luDbIyQTIs6IBtUO4j5DtQE2LdjxS6Ze4XuCEpKrcavAmnnznmeE95WG6j_... 26 KB
27 KB 329ms
232ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhT5gxOt-V7F_oZ9Ac5HTmP6w8GvcYWeNCt6m7rgLusubjH3GpwArU7ZNbDGT48FhNY9f1WRO3Fdltgwbyed0Xg4luDbIyQTIs6IBtUO4j5DtQE2LdjxS6Ze4XuCEpKrcavAmnnznmeE95WG6j_G1u38-LqBSDy2BXHyA3ZTmgVAtBnKYv-m2cP8zh6/s320/40c5f4b139c9d5e3343cd8b73d608087_Whasapp_07.jpeg

Requested by

Host: sas.2020vw.com
URL: https://sas.2020vw.com/p/how-to-send-messages-on-whatsapp.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b0e2b96f3f103d526f0aa12a8e2cb9746dbdca6e6212950c5a7b2df191bd881b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sas.2020vw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 03:02:02 GMT
x-content-type-options: nosniff
server: fife
etag: "v6c6b"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="40c5f4b139c9d5e3343cd8b73d608087_Whasapp_07.jpeg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27131
x-xss-protection: 0
expires: Mon, 14 Aug 2023 03:02:02 GMT

GET
H2 200 jquery.slim.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ 71 KB
22 KB 79ms
26ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.slim.min.js

Requested by

Host: sas.2020vw.com
URL: https://sas.2020vw.com/p/how-to-send-messages-on-whatsapp.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbb7b9921ca2b61948753a6edb63c78443663dc45d1621d18e102e1dcb34e512

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://sas.2020vw.com/
Origin: https://sas.2020vw.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 03:02:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 7380015
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 22329
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "603e8adc-11ab4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=teZhzGuFVyw%2FWQi4QMktCbR3oiUA7zMOkVe5mAguhd6Nx2RrKiGWyfIl0cIWcS2Pmy2t5eXCNhqPxnjMkoBkSDBXUonAMTgdXge4DGj949tK4esbcKbwxuwaXgZ2HZIEBRI8C%2BGqjwQn66bNhKwQKtLk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7f5db7874fb71cb5-FRA
expires: Fri, 02 Aug 2024 03:02:02 GMT

GET
H2 200 lazysizes.min.js Show response
cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.0/ 8 KB
3 KB 84ms
31ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.0/lazysizes.min.js

Requested by

Host: sas.2020vw.com
URL: https://sas.2020vw.com/p/how-to-send-messages-on-whatsapp.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46112dbceed738f759d03f04b115d5256a7d73660b7795acb382192ad84d9f98

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://sas.2020vw.com/
Origin: https://sas.2020vw.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 03:02:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 15935229
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3150
last-modified: Sat, 02 Jan 2021 18:12:41 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5ff0b799-1ed1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bnt2%2FpN9fCC1nNpYQA6plrX8x%2FLd%2FAMH%2FWRTEVla6F7Gh6w8jfelsSs9LY%2BOE12R2v9ibNKngcyC0ryIfeEl0NRfRbK%2FjgzIBoZHkBFc%2BI6oxlRVscUV7wgzPqIq3mxAWkFrearMHn%2FXYqi9khG1f%2Fla"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7f5db7874fb91cb5-FRA
expires: Fri, 02 Aug 2024 03:02:02 GMT

GET
H2 200 cookienotice.js Show response
sas.2020vw.com/js/ 6 KB
2 KB 28ms
27ms Script
text/javascript 2606:4700:3035::ac43:9959
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sas.2020vw.com/js/cookienotice.js

Requested by

Host: sas.2020vw.com
URL: https://sas.2020vw.com/p/how-to-send-messages-on-whatsapp.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:9959 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sas.2020vw.com/p/how-to-send-messages-on-whatsapp.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 03:02:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 217811
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
last-modified: Thu, 10 Aug 2023 05:54:40 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=604800
cf-ray: 7f5db786fb301d8c-FRA
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Thu, 17 Aug 2023 08:24:19 GMT

GET
H2 200 2338307535-widgets.js Show response
www.blogger.com/static/v1/widgets/ 156 KB
157 KB 110ms
20ms Script
text/javascript 2a00:1450:4001:813::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/2338307535-widgets.js

Requested by

Host: sas.2020vw.com
URL: https://sas.2020vw.com/p/how-to-send-messages-on-whatsapp.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5b2e8385447633d74aca1a712aa1bd64c226aaf845b1d1cd1c64868d75ea619

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sas.2020vw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 14:54:36 GMT
x-content-type-options: nosniff
age: 43646
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 160181
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 17:56:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sun, 11 Aug 2024 14:54:36 GMT

GET
H2 200 v8b253dfea2ab4077af8c6f58422dfbfd1689876627854 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 108ms
48ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Requested by: Host: sas.2020vw.com
URL: https://sas.2020vw.com/p/how-to-send-messages-on-whatsapp.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391

Request headers

Referer: https://sas.2020vw.com/
Origin: https://sas.2020vw.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 03:02:02 GMT
content-encoding: gzip
last-modified: Thu, 20 Jul 2023 18:10:27 GMT
server: cloudflare
etag: W/"2023.7.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7f5db78759b0bb4d-FRA

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308070102/ 372 KB
126 KB 127ms
58ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308070102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8832346812514784&plah=sas.2020vw.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8832346812514784

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b0283b9f3099d23dc893af6a386d5816993960b136a5e5533248235f4a657773

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sas.2020vw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 03:02:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128607
x-xss-protection: 0
server: cafe
etag: 12582058127355344088
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 13 Aug 2023 03:02:02 GMT

GET
H2 200 i5bi34z2mw Show response
www.clarity.ms/tag/ 649 B
1012 B 162ms
103ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/i5bi34z2mw
Requested by: Host: sas.2020vw.com
URL: https://sas.2020vw.com/p/how-to-send-messages-on-whatsapp.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 1a8e815c69f2c3777f5801bc9851bbf935577b86acce7e511e02bd8984615d2d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sas.2020vw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
date: Sun, 13 Aug 2023 03:02:01 GMT
x-azure-ref: 0qkfYZAAAAACW6wDQ2fc/TKInKU34/BaGQlJVMzBFREdFMDQxNwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
content-length: 649
expires: -1

GET
H3

200

invisible.js Show response
sas.2020vw.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/7186c00a/ Frame 23B3
Redirect Chain

https://sas.2020vw.com/cdn-cgi/challenge-platform/scripts/invisible.js
https://sas.2020vw.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/7186c00a/invisible.js

7 KB
4 KB

28ms
28ms

Script
application/javascript

2606:4700:3035::ac43:9959
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sas.2020vw.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/7186c00a/invisible.js

Requested by

Host: sas.2020vw.com
URL: https://sas.2020vw.com/p/how-to-send-messages-on-whatsapp.html

Protocol

Server

2606:4700:3035::ac43:9959 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

093408f1dbbec2081c9b6829c299f251860061b4331c15dea732a880c70c5860

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 03:02:02 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2NWAOrpty9Ry7ZG8hso0IthyR85WOV8NDYo4isOTE4K%2B%2B%2Bg%2FI0ie8pSY6r6aO4lFVrgWgq67NFaa03Lu2NEl9019twh83iiXfvKZc1poiotxBueggCEw%2B%2FAfp7JCB5ySqnlwWpn8eTksw58ZOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7f5db7885b1e922c-FRA
alt-svc: h3=":443"; ma=86400
priority: u=3,i=?0

Redirect headers

date: Sun, 13 Aug 2023 03:02:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T478EESJ7DFQxvT9Cpbga0T1rsnLqEkmFS2tOPqEC%2F45uOKytU0uvnaCDtMsnlLVVMT%2BqaqRijJNNqObhSVsjtyU8tmalLTGjpSwUSMQiyiUC9Y96VEk9CvjnDGV6CXb0f86jDZjq12Np%2BjnfA%3D%3D"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/7186c00a/invisible.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 7f5db7882b10922c-FRA
alt-svc: h3=":443"; ma=86400
priority: u=3,i=?0

GET
H3 200 s.js Show response
sas.2020vw.com/cdn-cgi/zaraz/ 6 KB
4 KB 31ms
30ms Script
text/javascript 2606:4700:3035::ac43:9959
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sas.2020vw.com/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIySG93JTIwdG8lMjBTZW5kJTIwTWVzc2FnZXMlMjBvbiUyMFdoYXRzQXBwJTIwV2l0aG91dCUyMEFkZGluZyUyMHRoZSUyMFBlcnNvbiUyMHRvJTIwQ29udGFjdHMlMjIlMkMlMjJ4JTIyJTNBMC40NDgyOTU5NDQ1MTMwNDU5JTJDJTIydyUyMiUzQTE2MDAlMkMlMjJoJTIyJTNBMTIwMCUyQyUyMmolMjIlM0ExMjAwJTJDJTIyZSUyMiUzQTE2MDAlMkMlMjJsJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZzYXMuMjAyMHZ3LmNvbSUyRnAlMkZob3ctdG8tc2VuZC1tZXNzYWdlcy1vbi13aGF0c2FwcC5odG1sJTIyJTJDJTIyciUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGcGxhbmV0bmV3c2RheS5jb20lMkYlMjIlMkMlMjJrJTIyJTNBMjQlMkMlMjJuJTIyJTNBJTIyVVRGLTglMjIlMkMlMjJvJTIyJTNBLTEyMCUyQyUyMnElMjIlM0ElNUIlNUQlN0Q=
Requested by: Host: sas.2020vw.com
URL: https://sas.2020vw.com/p/how-to-send-messages-on-whatsapp.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:9959 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21e65f3235907a54ad33759a0953024e7e76cffa99b774d9beddf74840787dee

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sas.2020vw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 03:02:02 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-max-age: 600
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://sas.2020vw.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GhngLsReYMjhCkoxVMEDMZxaTyBUYv1Rvvf%2ByfCZVKAYrCiccaQv4a2np3O4pDjA6Af7cJ0vi5yKz%2F4NuBk2IYG5O28Pw4BbCGMC5893L6Xy2N2cywTOdr6S1JGPJ4ZMzk3sSUek6%2BRUyUoHIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-credentials: true
cf-ray: 7f5db7882b11922c-FRA
access-control-allow-headers: Content-Type, Set-Cookie, Cache-Control
priority: u=3,i=?0
alt-svc: h3=":443"; ma=86400

POST
H2 204 collect Show response
stats.g.doubleclick.net/g/ 0
253 B 66ms
22ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=G-9Y1JNTVSVT&cid=ca66bffa-024b-47d7-b832-65d3831229c7&_u=KGDAAEADQAAAAC%7E&z=1657754301
Requested by: Host: www.zeuspng.com
URL: https://www.zeuspng.com/?r=R21XV3Bav
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sas.2020vw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 03:02:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sas.2020vw.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
0 114ms
43ms Fetch
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&v=1&_v=j86&tid=G-9Y1JNTVSVT&cid=ca66bffa-024b-47d7-b832-65d3831229c7&_u=KGDAAEADQAAAAC%7E&z=1657754301&slf_rd=1

Requested by

Host: sas.2020vw.com
URL: https://sas.2020vw.com/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIySG93JTIwdG8lMjBTZW5kJTIwTWVzc2FnZXMlMjBvbiUyMFdoYXRzQXBwJTIwV2l0aG91dCUyMEFkZGluZyUyMHRoZSUyMFBlcnNvbiUyMHRvJTIwQ29udGFjdHMlMjIlMkMlMjJ4JTIyJTNBMC40NDgyOTU5NDQ1MTMwNDU5JTJDJTIydyUyMiUzQTE2MDAlMkMlMjJoJTIyJTNBMTIwMCUyQyUyMmolMjIlM0ExMjAwJTJDJTIyZSUyMiUzQTE2MDAlMkMlMjJsJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZzYXMuMjAyMHZ3LmNvbSUyRnAlMkZob3ctdG8tc2VuZC1tZXNzYWdlcy1vbi13aGF0c2FwcC5odG1sJTIyJTJDJTIyciUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGcGxhbmV0bmV3c2RheS5jb20lMkYlMjIlMkMlMjJrJTIyJTNBMjQlMkMlMjJuJTIyJTNBJTIyVVRGLTglMjIlMkMlMjJvJTIyJTNBLTEyMCUyQyUyMnElMjIlM0ElNUIlNUQlN0Q=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sas.2020vw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 03:02:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: https://sas.2020vw.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 7f5db785ea551d8c Show response
sas.2020vw.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 23B3 0
575 B 40ms
39ms XHR
text/plain 2606:4700:3035::ac43:9959
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sas.2020vw.com/cdn-cgi/challenge-platform/h/b/cv/result/7f5db785ea551d8c
Requested by: Host: sas.2020vw.com
URL: https://sas.2020vw.com/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:9959 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 13 Aug 2023 03:02:02 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2BFNChNpm57QDQm%2FrBBWfFmLlZfspsBaohQ4XV%2F%2F1C8cy4mj2%2B7COJBUsmS%2Bgk2gMcQQbonrNr1yDjPlnZ1y6NCwjJUjoQ9qVBWsNfa%2BDdLO0bZIrGEfzboKSEMgJC5HPyH%2FL9BVapkXLr4BbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7f5db7895b7f922c-FRA
alt-svc: h3=":443"; ma=86400
priority: u=1,i

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.9/ 57 KB
20 KB 21ms
21ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.9/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/i5bi34z2mw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 94c945d369ea536b3fbd274f6d71d28c56fbb5ea1e2666a6d376a9e214db66ba

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sas.2020vw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 03:02:01 GMT
content-encoding: br
last-modified: Wed, 09 Aug 2023 10:57:38 GMT
x-azure-ref-originshield: 00jPXZAAAAAChSy0/IfReQo7HWhY6IVPDQU1TMDRFREdFMTgxNAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
etag: "0x8DB98C77264FDBA"
x-azure-ref: 0qkfYZAAAAAAKq90kFTa9R47fcnk9PR9PQlJVMzBFREdFMDQxNwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: TCP_HIT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: cb5aa1b5-401e-0057-43ee-cc80e8000000
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
accept-ranges: bytes

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 387 B
601 B 81ms
32ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=sas.2020vw.com&callback=_gfp_s_&client=ca-pub-8832346812514784

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308070102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8832346812514784&plah=sas.2020vw.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e465eade9b1ccda530787636faf2e183c73f00a198aa6bd0917a2eb8641fa881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sas.2020vw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 03:02:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 249
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C162 179 KB
50 KB 369ms
320ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8832346812514784&output=html&adk=1812271804&adf=3025194257&lmt=1691833544&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x810_l%7C236x810_r&format=0x0&url=https%3A%2F%2Fsas.2020vw.com%2Fp%2Fhow-to-send-messages-on-whatsapp.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691895722212&bpp=3&bdt=153&idt=251&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6279157462044&frm=20&pv=2&ga_vid=800390143.1691895722&ga_sid=1691895722&ga_hid=1374884443&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C31076469%2C31076874%2C31076924%2C44795911%2C44796632&oid=2&pvsid=1511035966489457&tmod=1057037116&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fplanetnewsday.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=276

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc1fdad32c4c7a2865bdc2754e9da12d3d5604faced85ccb2069ae4d68cd8ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sas.2020vw.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 50857
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 13 Aug 2023 03:02:02 GMT
expires: Sun, 13 Aug 2023 03:02:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 53ms
53ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=cookieChoiceInfo&cls=cookie-choices-info%20singleton-element&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: sas.2020vw.com
URL: https://sas.2020vw.com/p/how-to-send-messages-on-whatsapp.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sas.2020vw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 03:02:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5BAE 143 KB
44 KB 417ms
376ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8832346812514784&output=html&h=280&slotname=2252714856&adk=3896822645&adf=2653041513&pi=t.ma~as.2252714856&w=1200&fwrn=4&fwrnh=100&lmt=1691833544&rafmt=1&format=1200x280&url=https%3A%2F%2Fsas.2020vw.com%2Fp%2Fhow-to-send-messages-on-whatsapp.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691895722215&bpp=2&bdt=156&idt=277&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6279157462044&frm=20&pv=1&ga_vid=800390143.1691895722&ga_sid=1691895722&ga_hid=1374884443&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=16&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C31076469%2C31076874%2C31076924%2C44795911%2C44796632&oid=2&pvsid=1511035966489457&tmod=1057037116&uas=0&nvt=1&ref=https%3A%2F%2Fplanetnewsday.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=zU24zVrl0B&p=https%3A//sas.2020vw.com&dtd=282

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8eef13e088d113036ec4acfdebe0d5cb998c18a57d63c2559c172609ef272493

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sas.2020vw.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 44631
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 13 Aug 2023 03:02:02 GMT
expires: Sun, 13 Aug 2023 03:02:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2E94 436 B
698 B 276ms
242ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8832346812514784&output=html&h=280&slotname=2252714856&adk=2113210220&adf=319904962&pi=t.ma~as.2252714856&w=1080&fwrn=4&fwrnh=100&lmt=1691833544&rafmt=1&format=1080x280&url=https%3A%2F%2Fsas.2020vw.com%2Fp%2Fhow-to-send-messages-on-whatsapp.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691895722217&bpp=1&bdt=158&idt=284&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=6279157462044&frm=20&pv=1&ga_vid=800390143.1691895722&ga_sid=1691895722&ga_hid=1374884443&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=387&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C31076469%2C31076874%2C31076924%2C44795911%2C44796632&oid=2&pvsid=1511035966489457&tmod=1057037116&uas=0&nvt=1&ref=https%3A%2F%2Fplanetnewsday.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=b7x1QcuqyO&p=https%3A//sas.2020vw.com&dtd=287

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

94fda8223039a0a0ab6dd42a764e7777441ef0173185de4fd1d9ada5c16f3e89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sas.2020vw.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 210
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 13 Aug 2023 03:02:02 GMT
expires: Sun, 13 Aug 2023 03:02:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 204
No Content collect Show response
o.clarity.ms/ 0
294 B 392ms
190ms XHR
text/plain 52.152.143.207
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://o.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.9/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.152.143.207 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://sas.2020vw.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://sas.2020vw.com
Date: Sun, 13 Aug 2023 03:02:02 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308070102/ 154 KB
52 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308070102/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2988469bd55b22323ba1d012aed939004ac64e9e56b61f3031196340aa38cb36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sas.2020vw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 03:02:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53701
x-xss-protection: 0
server: cafe
etag: 4041990527824063933
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Aug 2023 03:02:02 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 5BAE 14 KB
2 KB 81ms
32ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8832346812514784&output=html&h=280&slotname=2252714856&adk=3896822645&adf=2653041513&pi=t.ma~as.2252714856&w=1200&fwrn=4&fwrnh=100&lmt=1691833544&rafmt=1&format=1200x280&url=https%3A%2F%2Fsas.2020vw.com%2Fp%2Fhow-to-send-messages-on-whatsapp.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691895722215&bpp=2&bdt=156&idt=277&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6279157462044&frm=20&pv=1&ga_vid=800390143.1691895722&ga_sid=1691895722&ga_hid=1374884443&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=16&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C31076469%2C31076874%2C31076924%2C44795911%2C44796632&oid=2&pvsid=1511035966489457&tmod=1057037116&uas=0&nvt=1&ref=https%3A%2F%2Fplanetnewsday.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=zU24zVrl0B&p=https%3A//sas.2020vw.com&dtd=282

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 13 Aug 2023 03:02:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 13 Aug 2023 01:33:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 13 Aug 2023 03:02:02 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 5BAE 2 KB
945 B 120ms
39ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 23:57:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11082
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Aug 2023 23:57:21 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/ Frame 5BAE 23 KB
9 KB 119ms
41ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 23:53:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11293
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9094
x-xss-protection: 0
server: cafe
etag: 8732331910907961498
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Aug 2023 23:53:50 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 5BAE 3 KB
1 KB 118ms
40ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 08:42:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65958
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Aug 2023 08:42:45 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 5BAE 20 KB
8 KB 97ms
20ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 23:57:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11082
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8262
x-xss-protection: 0
server: cafe
etag: 6392178368060142121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Aug 2023 23:57:21 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5BAE 179 KB
57 KB 97ms
31ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 03:02:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57470
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1691580806885528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Aug 2023 03:02:03 GMT

GET
H2 200 1ecb17048d796ff7836f25d4dc1a1361.js Show response
www.gstatic.com/mysidia/ Frame 5BAE 33 KB
14 KB 104ms
33ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1ecb17048d796ff7836f25d4dc1a1361.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a64e131b6a69590fb5776dc889746c0a873e756504498a33e8fc6d432325b01c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 07:16:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 416714
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14130
x-xss-protection: 0
last-modified: Thu, 03 Aug 2023 18:28:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 06 Nov 2023 07:16:49 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/ Frame 3E01 10 KB
5 KB 21ms
21ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sas.2020vw.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 7188
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 13 Aug 2023 01:02:14 GMT
etag: 12368291122986407432
expires: Sun, 27 Aug 2023 01:02:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 400 data=kUSGP-Eer_5-FktqK2mJzis1V5J0IGXaCkl2Pmy8b1NflWhqVrVYcsW_f_1HiNjq6GOuTGuqu7AD-JU5_8aACg
mts0.google.com/vt/ Frame 5BAE 0
0 113ms
29ms Image
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mts0.google.com/vt/data=kUSGP-Eer_5-FktqK2mJzis1V5J0IGXaCkl2Pmy8b1NflWhqVrVYcsW_f_1HiNjq6GOuTGuqu7AD-JU5_8aACg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8832346812514784&output=html&h=280&slotname=2252714856&adk=3896822645&adf=2653041513&pi=t.ma~as.2252714856&w=1200&fwrn=4&fwrnh=100&lmt=1691833544&rafmt=1&format=1200x280&url=https%3A%2F%2Fsas.2020vw.com%2Fp%2Fhow-to-send-messages-on-whatsapp.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691895722215&bpp=2&bdt=156&idt=277&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6279157462044&frm=20&pv=1&ga_vid=800390143.1691895722&ga_sid=1691895722&ga_hid=1374884443&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=16&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C31076469%2C31076874%2C31076924%2C44795911%2C44796632&oid=2&pvsid=1511035966489457&tmod=1057037116&uas=0&nvt=1&ref=https%3A%2F%2Fplanetnewsday.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=zU24zVrl0B&p=https%3A//sas.2020vw.com&dtd=282
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 5BAE 297 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 5BAE 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 5BAE 462 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01cbb105faef1373e9d53ddc5e62c9c7b5f66cbc64c2c045a3daec0328b831e6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 5BAE 465 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 css2
fonts.googleapis.com/ Frame 3E01 4 KB
767 B 31ms
31ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 13 Aug 2023 03:02:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 13 Aug 2023 01:38:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 13 Aug 2023 03:02:03 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3E01 205 B
296 B 56ms
35ms Image
image/png 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 02:55:22 GMT
x-content-type-options: nosniff
age: 346001
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 08 Aug 2024 02:55:22 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3E01 604 B
919 B 54ms
34ms Image
image/png 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 16:06:13 GMT
x-content-type-options: nosniff
age: 212150
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 09 Aug 2024 16:06:13 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/elements/html/ Frame 3E01 15 KB
6 KB 48ms
23ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

29d66372a3c96dcd72388bd1bc1d1e69d704c97b9a35dbf2b231b64a7e0e80d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 00:48:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8021
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6441
x-xss-protection: 0
server: cafe
etag: 14691725014340836395
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Aug 2023 00:48:22 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/elements/html/ Frame 3E01 20 KB
8 KB 52ms
27ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1811bc9b3358a9055f1cbbe1889ab60ee5159f52c39959e386fe42c98988a78d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 23:58:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10990
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8576
x-xss-protection: 0
server: cafe
etag: 10593844011591499743
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Aug 2023 23:58:53 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 87A2 14 KB
1 KB 31ms
30ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 13 Aug 2023 03:02:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 13 Aug 2023 01:35:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 13 Aug 2023 03:02:03 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 87A2 2 KB
926 B 21ms
20ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 23:57:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11082
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Aug 2023 23:57:21 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/ Frame 87A2 23 KB
9 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 23:53:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11293
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9094
x-xss-protection: 0
server: cafe
etag: 8732331910907961498
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Aug 2023 23:53:50 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8D75 143 B
166 B 24ms
21ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 3228
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 13 Aug 2023 02:08:15 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 87A2 3 KB
1 KB 29ms
22ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 08:42:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65958
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Aug 2023 08:42:45 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 87A2 20 KB
8 KB 25ms
18ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 23:57:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11082
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8262
x-xss-protection: 0
server: cafe
etag: 6392178368060142121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Aug 2023 23:57:21 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 87A2 179 KB
56 KB 34ms
27ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 03:02:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57470
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1691580806885528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Aug 2023 03:02:03 GMT

GET
H2 200 1ecb17048d796ff7836f25d4dc1a1361.js Show response
www.gstatic.com/mysidia/ Frame 87A2 33 KB
14 KB 26ms
19ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1ecb17048d796ff7836f25d4dc1a1361.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a64e131b6a69590fb5776dc889746c0a873e756504498a33e8fc6d432325b01c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 07:16:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 416714
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14130
x-xss-protection: 0
last-modified: Thu, 03 Aug 2023 18:28:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 06 Nov 2023 07:16:49 GMT

GET
DATA 200
OK truncated
/ Frame 5BAE 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3906a1b258e4a0a4ccde6462328d038b1216bd1b9b807d4e7378e3178ebd2173

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 5BAE 33 KB
34 KB 85ms
21ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 05:04:01 GMT
x-content-type-options: nosniff
age: 79082
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Aug 2024 05:04:01 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 5BAE
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CEYH4qkfYZIbSItyAjuwPw9iJkASls9-NYK2SoPv4DevUuMzUARABIOrihhVgkQSgAd6r49ECyAEJqQKoPV_hbl6yPqgDAcgDywSqBIYCT9Ck2wplscFSYzXUN-PkxBjRRsJAVwMl8AowyiE...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224725226334436752331%22,%22debug_reporting%22:true,%22destination%22:%22https://steenbergensierbestrating.nl%22,%22event_re...

0
0

97ms
53ms

Fetch
text/css

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224725226334436752331%22,%22debug_reporting%22:true,%22destination%22:%22https://steenbergensierbestrating.nl%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22708367838%22],%224%22:[%2208-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214014808275403211201%22}&andc=true

Requested by

Host: sas.2020vw.com
URL: https://sas.2020vw.com/p/how-to-send-messages-on-whatsapp.html

Protocol

Server

142.250.181.226 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 03:02:03 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"4725226334436752331","debug_reporting":true,"destination":"https://steenbergensierbestrating.nl","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["708367838"],"4":["08-13"],"6":["true"]},"priority":"500","source_event_id":"14014808275403211201"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 13 Aug 2023 03:02:03 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 13 Aug 2023 03:02:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"4725226334436752331","debug_reporting":true,"destination":"https://steenbergensierbestrating.nl","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["708367838"],"4":["08-13"],"6":["true"]},"priority":"500","source_event_id":"14014808275403211201"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8D75
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

33ms
32ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 13 Aug 2023 03:02:03 GMT
expires: Sun, 13 Aug 2023 03:02:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 13 Aug 2023 03:02:03 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gDKveuiD6qzElJZQWCdHL_tXbW9wBzQNLi6nE-8m1ts.js Show response
pagead2.googlesyndication.com/bg/ Frame 0229 38 KB
14 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gDKveuiD6qzElJZQWCdHL_tXbW9wBzQNLi6nE-8m1ts.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8032af7ae883eaacc49496505827472ffb576d6f7007340d2e2ea713ef26d6db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 12:52:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 137344
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14779
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 10 Aug 2024 12:52:59 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 143ms
56ms Preflight
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 13 Aug 2023 03:02:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=99520099B92F4B6BA6C59FA3334E59B3&RedC=c.clarity.ms&MXFR=2770F396342D65103EBBE0FA302D6B7B
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=99520099B92F4B6BA6C59FA3334E59B3&MUID=119FD32FA7006BC81EE8C043A6836ADE

42 B
443 B

29ms
28ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=99520099B92F4B6BA6C59FA3334E59B3&MUID=119FD32FA7006BC81EE8C043A6836ADE
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sas.2020vw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 03:02:02 GMT
last-modified: Tue, 06 Jun 2023 17:31:23 GMT
server: Microsoft-IIS/10.0
etag: "dca6ffb69c98d91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Sun, 13 Aug 2023 03:02:03 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 36103747349548E390A4182B151FA653 Ref B: AMS04EDGE2608 Ref C: 2023-08-13T03:02:03Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=99520099B92F4B6BA6C59FA3334E59B3&MUID=119FD32FA7006BC81EE8C043A6836ADE
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 35ms
35ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230809&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

acf541b27692611746e44eae9181c7924aa11ac7158749b78713890bec943a87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sas.2020vw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 03:02:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11867
x-xss-protection: 0

GET
H3 200 gDKveuiD6qzElJZQWCdHL_tXbW9wBzQNLi6nE-8m1ts.js Show response
pagead2.googlesyndication.com/bg/ Frame 07A2 38 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gDKveuiD6qzElJZQWCdHL_tXbW9wBzQNLi6nE-8m1ts.js

Requested by

Host: www.zeuspng.com
URL: https://www.zeuspng.com/?r=R21XV3Bav

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8032af7ae883eaacc49496505827472ffb576d6f7007340d2e2ea713ef26d6db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 12:52:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 137344
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14779
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 10 Aug 2024 12:52:59 GMT

POST
H3 204 rum Show response
sas.2020vw.com/cdn-cgi/ 0
140 B 23ms
23ms XHR
text/plain 2606:4700:3035::ac43:9959
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sas.2020vw.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:9959 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://sas.2020vw.com/p/how-to-send-messages-on-whatsapp.html
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type: application/json

Response headers

date: Sun, 13 Aug 2023 03:02:03 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://sas.2020vw.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7f5db78eee19922c-FRA

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sas.2020vw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 03:02:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 13 Aug 2023 03:02:03 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9E01 13 KB
5 KB 22ms
20ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sas.2020vw.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 33947
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 12 Aug 2023 17:36:16 GMT
expires: Sun, 11 Aug 2024 17:36:16 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C240 831 B
556 B 31ms
31ms Document
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6006426d2e4edf97296c29658f0ad0522f10240aba90c20ccffa22604081cd08

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VjZXbKKCBtvPnGrQ8tVVsA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sas.2020vw.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 534
content-security-policy: script-src 'report-sample' 'nonce-VjZXbKKCBtvPnGrQ8tVVsA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 13 Aug 2023 03:02:03 GMT
expires: Sun, 13 Aug 2023 03:02:03 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 gDKveuiD6qzElJZQWCdHL_tXbW9wBzQNLi6nE-8m1ts.js Show response
pagead2.googlesyndication.com/bg/ Frame 9E01 38 KB
14 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gDKveuiD6qzElJZQWCdHL_tXbW9wBzQNLi6nE-8m1ts.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8032af7ae883eaacc49496505827472ffb576d6f7007340d2e2ea713ef26d6db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 12:52:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 137344
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14779
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 10 Aug 2024 12:52:59 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C240 0
0 54ms
54ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230809&jk=1511035966489457&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9E01 0
10 B 20ms
19ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?XVDBTQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 03:02:03 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H/1.1 204
No Content collect Show response
o.clarity.ms/ 0
294 B 93ms
93ms XHR
text/plain 52.152.143.207
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://o.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.9/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.152.143.207 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://sas.2020vw.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://sas.2020vw.com
Date: Sun, 13 Aug 2023 03:02:03 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 119ms
118ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230809&jk=1511035966489457&bg=!6eql6r7NAAaiGN5Pghg7ADkAdvg8Ws_siDV686ZTPf3eqwvalL1vqtj0CgOArUIarej6JLN-WeSUFHmOrI1YZ-wM00b4unaN9NECAAAAYlIAAAAGaAEHCgBBXzxaMtpCm3XVefeaNdcuXWjUKFrLG0b-mzDryFHJWMKSS93-aC-cu2IhdALtut_DjP4b-d5-xPMqcAdgHD2qptuZAr84HfMoYKDiuNFFU9xZw9f_6Gvko_ci54GhYXIiHc_0cBUZf8uSIBUQF37Ta33qT4xKJ_RrU4rTsuVc_c9Ys9KBNA6uEpROlDOH4Lgsaeq9QKDXDo3jO-xIXp02e6Ca3w4XkAPuv7a0-LqglGojDt1UWqPjorN6X0UUEJnoSS0CZM5rgfpjEZbJk4gnjRpC65cQeNs_XITw5f6_n4oy0QWMU9My7uHqToAMPwz_qHMRh9tNs5CLi7LyIrk3CgEwkc6eUp-e6EjdYT1GcnG4BPe7Ux8At5dtbjQyP2iHQL4ETs6RCrx24c33IdoXxu4sJSptjKlPzyi0mHLYh1ZD2riuDXrm040TGHSavoxR9xtZla2_FROq2aWBzyGVF2wvp6otASuhd4MnsUjHuoTIPH0DqiibPWj8mhnYFLviskWdzr1b8W2g4RcEwlSu6q_MoMvk7ybRNrrlaCamXuT5Tig1SFvxgF-AluW9jzqkyujHkuY6CovlAJjqEWLJXHwNGWFTgt8Y7RWXaePS43KuN0kgJSh46D6-UjN_QtzjI_a1F4GGBF6-nnlAr57Iy4zMEWw4KQj5whsm3zxiVZi56ZcYue9icTKgWCyIZToESyVmGjpvCCjoedk-ZPhtuWwHkfnDAzYUzxvZxiB40io1GRLkYIA6vP8XXeAjZ4xHdOCluP-CulgzKr0RVVvZBlCyOMfEyVddqY0d0HheglaXdpxGoOuccdonjCOn293RZMPpTFVCXJNzG9xK7DyO3gjuWFfukbgyIBjxFNQqhMxuaCcqZtMY5PKSlyu7_RHxkxxO1CmxlvNHQpbc35zNCEGRm13_-A95Rf691AI_DMzmZ376Feb3n26kRv4iufXvJE06U9NwhHJpC5ffxqrinqApbUBEDzTM36C9_KTi-dUu0MF4dfBFK6m2dYbL1jWODSq5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sas.2020vw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5BAE 42 B
64 B 91ms
90ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssEw6sbWzAE6AWl7CDtOWKYvsHmK1Wz5DayjF5PJF99o7XqfIu713kN6bHlfFWjUEY8oXKbb_nTPpcZEebBgjMH58uyxh7RtX8xcCzP0VlMNujNriYQHP67GBK9Jj2iERuAL532hL-2LcuU&sai=AMfl-YT3Ub8AmGuaLB3_0td3EiQ5TwOKmKwneBBdQnYqyUXVJGV4OlZjeRAHJ0e8Dmg8gb1usgmOcamCuyDs&sig=Cg0ArKJSzG25GkumAnVDEAE&cid=CAQSGwBpAlJWr_HOPj8C-XxRl0eoM41EDUpTlVfsQRgB&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230809&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3896822645&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1691895722498&rpt=651&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 03:02:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
o.clarity.ms/ 0
294 B 94ms
93ms XHR
text/plain 52.152.143.207
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://o.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.9/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.152.143.207 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://sas.2020vw.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://sas.2020vw.com
Date: Sun, 13 Aug 2023 03:02:05 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

Verdicts & Comments Add Verdict or Comment

93 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.zeuspng.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: nvkm0o8m26i26l51pm8vtk6ojp
planetnewsday.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: kq646k3l895bnal7cbejq9rm24
.2020vw.com/	1970-01-20 23:34:15	Name: google-analytics_v4_6907__engagementStart Value: 1691895722272
.2020vw.com/	1970-01-20 23:34:15	Name: google-analytics_v4_6907__counter Value: 1
.2020vw.com/	1970-01-20 13:58:17	Name: google-analytics_v4_6907__ga4sid Value: 478851438
.2020vw.com/	1970-01-20 23:34:15	Name: google-analytics_v4_6907__session_counter Value: 1
.2020vw.com/	1970-01-20 23:34:15	Name: google-analytics_v4_6907__ga4 Value: ca66bffa-024b-47d7-b832-65d3831229c7
.2020vw.com/	1970-01-20 23:34:15	Name: google-analytics_v4_6907___z_ga_audiences Value: ca66bffa-024b-47d7-b832-65d3831229c7
.2020vw.com/	1970-01-20 23:34:15	Name: google-analytics_v4_6907__let Value: 1691895722272
www.clarity.ms/	1970-01-20 22:43:51	Name: CLID Value: 26b5d608a8e74e848a09795ed6e2071c.20230813.20240812
.2020vw.com/	1970-01-20 22:43:51	Name: cf_clearance Value: vkbbyEQ3nC7IM1u8jbPYO3d3s.9mnAcL6Aki.PDfP.s-1691895722-0-1-a3235bca.601cc7fe.ffc8d4c7-0.2.1691895722
.2020vw.com/	1970-01-20 22:43:51	Name: _clck Value: 1b5h19l\|2\|fe4\|0\|1320
.2020vw.com/	1970-01-20 23:19:51	Name: __gads Value: ID=12d2d014ac813166-22c7a1b798e30051:T=1691895722:RT=1691895722:S=ALNI_MaMLPEVl6z00_Phb8Giwvf_Dtp77A
.2020vw.com/	1970-01-20 23:19:51	Name: __gpi Value: UID=00000c5faebc52bb:T=1691895722:RT=1691895722:S=ALNI_MbL_5C0rkgJAwndeVarh7j3vhye6Q
.2020vw.com/	1970-01-20 13:59:42	Name: _clsk Value: xfrkhb\|1691895723007\|1\|1\|o.clarity.ms/collect
.doubleclick.net/	1970-01-20 23:19:51	Name: IDE Value: AHWqTUlsZySTCnIGxg4YIcHSOnt4e2RA6-OjcQeg1K9RMlT2a_MxRPf4Y06VPP6nqP4
.doubleclick.net/	1970-01-20 13:58:19	Name: DSID Value: NO_DATA
.googleadservices.com/	1970-01-20 16:07:51	Name: ar_debug Value: 1
.bing.com/	1970-01-20 23:19:51	Name: MUID Value: 119FD32FA7006BC81EE8C043A6836ADE
.c.bing.com/	1970-01-20 14:08:20	Name: MR Value: 0
.c.bing.com/	1970-01-20 23:19:51	Name: SRM_B Value: 119FD32FA7006BC81EE8C043A6836ADE
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 23:19:51	Name: MUID Value: 119FD32FA7006BC81EE8C043A6836ADE
.c.clarity.ms/	1970-01-20 14:08:20	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 13:58:16	Name: ANONCHK Value: 0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://mts0.google.com/vt/data=kUSGP-Eer_5-FktqK2mJzis1V5J0IGXaCkl2Pmy8b1NflWhqVrVYcsW_f_1HiNjq6GOuTGuqu7AD-JU5_8aACg Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blogger.googleusercontent.com
c.bing.com
c.clarity.ms
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
mts0.google.com
o.clarity.ms
pagead2.googlesyndication.com
partner.googleadservices.com
planetnewsday.com
sas.2020vw.com
static.cloudflareinsights.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.blogger.com
www.clarity.ms
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
www.zeuspng.com
142.250.181.226
2606:4700:3032::ac43:8c3c
2606:4700:3035::ac43:9959
2606:4700::6810:3965
2606:4700::6811:180e
2620:1ec:46::45
2620:1ec:c11::200
2a00:1450:4001:802::2003
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2004
2a00:1450:4001:80f::2002
2a00:1450:4001:812::2002
2a00:1450:4001:813::2009
2a00:1450:4001:827::2002
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2001
2a00:1450:4001:82f::2003
2a00:1450:4001:830::200a
2a00:1450:4001:830::200e
2a00:1450:400c:c00::9d
2a06:98c1:3120::3
52.152.143.207
68.219.88.97
01cbb105faef1373e9d53ddc5e62c9c7b5f66cbc64c2c045a3daec0328b831e6
01e517b1936735dd67f70a92288789e892ae4dac0ca703547b7c84461967224e
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
093408f1dbbec2081c9b6829c299f251860061b4331c15dea732a880c70c5860
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1811bc9b3358a9055f1cbbe1889ab60ee5159f52c39959e386fe42c98988a78d
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
1a8e815c69f2c3777f5801bc9851bbf935577b86acce7e511e02bd8984615d2d
1fc1fdad32c4c7a2865bdc2754e9da12d3d5604faced85ccb2069ae4d68cd8ca
21e65f3235907a54ad33759a0953024e7e76cffa99b774d9beddf74840787dee
2988469bd55b22323ba1d012aed939004ac64e9e56b61f3031196340aa38cb36
29d66372a3c96dcd72388bd1bc1d1e69d704c97b9a35dbf2b231b64a7e0e80d8
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
34ff4012150d462d3181b57950b184a8fd147a38f474265227152ade22865e41
3906a1b258e4a0a4ccde6462328d038b1216bd1b9b807d4e7378e3178ebd2173
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9
41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040
46112dbceed738f759d03f04b115d5256a7d73660b7795acb382192ad84d9f98
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
6006426d2e4edf97296c29658f0ad0522f10240aba90c20ccffa22604081cd08
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4
668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c
8032af7ae883eaacc49496505827472ffb576d6f7007340d2e2ea713ef26d6db
8eef13e088d113036ec4acfdebe0d5cb998c18a57d63c2559c172609ef272493
936832971ae5afeb6ab4bff0289773aefa54009a42ae12d4ca6460f02cae5205
94c945d369ea536b3fbd274f6d71d28c56fbb5ea1e2666a6d376a9e214db66ba
94fda8223039a0a0ab6dd42a764e7777441ef0173185de4fd1d9ada5c16f3e89
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023
a64e131b6a69590fb5776dc889746c0a873e756504498a33e8fc6d432325b01c
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
acf541b27692611746e44eae9181c7924aa11ac7158749b78713890bec943a87
b0283b9f3099d23dc893af6a386d5816993960b136a5e5533248235f4a657773
b0e2b96f3f103d526f0aa12a8e2cb9746dbdca6e6212950c5a7b2df191bd881b
bafabcd876655fe7b5d6368169ee258f9b4a1c3367b4dfa1ef5de113d1d4acc9
bbb7b9921ca2b61948753a6edb63c78443663dc45d1621d18e102e1dcb34e512
bdcbaee031d30bc6242bda624a84cf4099749287809964e33b981ba7762d4990
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391
d5b2e8385447633d74aca1a712aa1bd64c226aaf845b1d1cd1c64868d75ea619
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e465eade9b1ccda530787636faf2e183c73f00a198aa6bd0917a2eb8641fa881
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

sas.2020vw.com Open in urlscan Pro 2606:4700:3035::ac43:9959 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

72 Requests

96 %HTTPS

87 %IPv6

16 Domains

23 Subdomains

23 IPs

4 Countries

935 kBTransfer

2382 kBSize

25 Cookies

4 Outgoing links

Page URL History

Redirected requests

72 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

sas.2020vw.com Open in urlscan Pro
2606:4700:3035::ac43:9959 Public Scan

Screenshot
Live screenshot

Full Image

72
Requests

96 %
HTTPS

87 %
IPv6

16
Domains

23
Subdomains

23
IPs

4
Countries

935 kB
Transfer

2382 kB
Size

25
Cookies

72 HTTP transactions
5 data transactions