notapositiva.com Open in urlscan Pro
198.20.115.3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://notapositiva.com/
Effective URL:
https://notapositiva.com/
Submission: On October 27 via api (October 27th 2023, 3:04:03 pm UTC) from US — Scanned from NL

Summary HTTP 159 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 31 IPs in 6 countries across 16 domains to perform 159 HTTP transactions. The main IP is 198.20.115.3, located in Amsterdam, Netherlands and belongs to SINGLEHOP-LLC, US. The main domain is notapositiva.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on October 3rd 2023. Valid for: 3 months.

This is the only time notapositiva.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 34	198.20.115.3 198.20.115.3	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
2	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
2	95.211.66.34 95.211.66.34	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
26	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
3	95.211.66.35 95.211.66.35	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1 9	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4005:814::2003	15169 (GOOGLE) (GOOGLE)
2	74.125.71.157 74.125.71.157	15169 (GOOGLE) (GOOGLE)
1 2	34.243.164.184 34.243.164.184	16509 (AMAZON-02) (AMAZON-02)
2	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
3 4	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
2 4	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	37.252.171.149 37.252.171.149	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400e:8::8	15169 (GOOGLE) (GOOGLE)
1	2600:9000:212... 2600:9000:2127:1200:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
9	2600:1f18:1ac... 2600:1f18:1aca:4280:5a10:f513:5632:20a1	14618 (AMAZON-AES) (AMAZON-AES)
16	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
2	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
159	31

34 198.20.115.3 (Amsterdam, Netherlands) 1 redirects

ASN32475 (SINGLEHOP-LLC, US)
PTR: en02-ams.stablehost.com

notapositiva.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.211.66.34 (Alphen aan den Rijn, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: hosted-by.leaseweb.com

s.clickiocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 95.211.66.35 (Alphen aan den Rijn, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: hosted-by.leaseweb.com

clickiocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4005:814::2003 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.71.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wn-in-f157.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.243.164.184 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-164-184.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.66 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.36.155 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.171.149 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400e:8::8 (Ireland)

ASN15169 (GOOGLE, US)

r3---sn-5hneknee.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2127:1200:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:1f18:1aca:4280:5a10:f513:5632:20a1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	455 KB
34	notapositiva.com 1 redirects notapositiva.com	462 KB
19	2mdn.net 1 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 1173 r3---sn-5hneknee.c.2mdn.net — Cisco Umbrella Rank: 469822 s0.2mdn.net — Cisco Umbrella Rank: 300	537 KB
18	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 bid.g.doubleclick.net — Cisco Umbrella Rank: 802 cm.g.doubleclick.net — Cisco Umbrella Rank: 245 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 439	150 KB
12	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 898 static.adsafeprotected.com — Cisco Umbrella Rank: 587 dt.adsafeprotected.com — Cisco Umbrella Rank: 570	176 KB
11	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	149 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31 imasdk.googleapis.com — Cisco Umbrella Rank: 447	135 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2462	21 KB
5	clickiocdn.com s.clickiocdn.com — Cisco Umbrella Rank: 45188 clickiocdn.com — Cisco Umbrella Rank: 34927	229 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625	2 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 246	2 KB
3	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1181 www.googleadservices.com — Cisco Umbrella Rank: 145	608 B
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	29 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	118 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	149 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
159	16

	Domain	Requested by
34	notapositiva.com	1 redirects notapositiva.com
26	pagead2.googlesyndication.com	notapositiva.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com fw.adsafeprotected.com s0.2mdn.net www.googletagservices.com
17	tpc.googlesyndication.com	googleads.g.doubleclick.net imasdk.googleapis.com tpc.googlesyndication.com s0.2mdn.net pagead2.googlesyndication.com
16	s0.2mdn.net	notapositiva.com s0.2mdn.net googleads.g.doubleclick.net
9	dt.adsafeprotected.com	googleads.g.doubleclick.net
9	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
6	fonts.gstatic.com	fonts.googleapis.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	csi.gstatic.com	imasdk.googleapis.com
4	fonts.googleapis.com	notapositiva.com googleads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	region1.google-analytics.com	www.googletagmanager.com
3	clickiocdn.com	s.clickiocdn.com
2	cdnjs.cloudflare.com	s0.2mdn.net
2	googleads4.g.doubleclick.net	notapositiva.com
2	r3---sn-5hneknee.c.2mdn.net	notapositiva.com
2	www.googleadservices.com	notapositiva.com
2	fw.adsafeprotected.com	1 redirects googleads.g.doubleclick.net
2	bid.g.doubleclick.net	imasdk.googleapis.com googleads.g.doubleclick.net
2	www.googletagservices.com	googleads.g.doubleclick.net
2	imasdk.googleapis.com	googleads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	s.clickiocdn.com	notapositiva.com
2	www.googletagmanager.com	notapositiva.com www.googletagmanager.com
1	www.google.com	tpc.googlesyndication.com
1	static.adsafeprotected.com	googleads.g.doubleclick.net
1	gcdn.2mdn.net	1 redirects
1	www.gstatic.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
159	31

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.twitter.com
www.pinterest.com
www.linkedin.com
www.plus.google.com

Subject Issuer	Validity	Valid
notapositiva.com cPanel, Inc. Certification Authority	`2023-10-03` - `2024-01-01`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
s.clickiocdn.com R3	`2023-09-29` - `2023-12-28`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
adlmerge.com R3	`2023-10-20` - `2024-01-18`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M02	`2023-05-09` - `2024-06-07`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-10-10` - `2023-12-19`	2 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh

This page contains 16 frames:

Primary Page: https://notapositiva.com/
Frame ID: 50E07EB35159960A7C63A3795276167F
Requests: 59 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20190131/zrt_lookup.html
Frame ID: 9ED668F93ACED0EB6175288BB7860525
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0045970822945595&output=html&h=280&slotname=7775112206&adk=4019472189&adf=1158822730&pi=t.ma~as.7775112206&w=840&fwrn=4&fwrnh=100&lmt=1698411838&rafmt=1&format=840x280&url=https%3A%2F%2Fnotapositiva.com%2F%23modal&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698419037814&bpp=3&bdt=307&idt=185&shv=r20231025&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&correlator=6010391235101&frm=20&pv=2&ga_vid=64634378.1698419038&ga_sid=1698419038&ga_hid=1593081921&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=530&ady=43&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079080%2C31079082%2C31079095%2C42532334%2C44805931%2C44806738%2C31078301%2C31079247&oid=2&pvsid=262802040894886&tmod=2129363091&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=5jt8TKqWu8&p=https%3A//notapositiva.com&dtd=199
Frame ID: 7C89CCD2A62DAC30FB6BE15253C7391D
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0045970822945595&output=html&h=280&slotname=7775112206&adk=996555999&adf=2364240886&pi=t.ma~as.7775112206&w=848&fwrn=4&fwrnh=100&lmt=1698411838&rafmt=1&format=848x280&url=https%3A%2F%2Fnotapositiva.com%2F%23modal&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698419037817&bpp=1&bdt=311&idt=202&shv=r20231025&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&prev_fmts=840x280&correlator=6010391235101&frm=20&pv=1&ga_vid=64634378.1698419038&ga_sid=1698419038&ga_hid=1593081921&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1219&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079080%2C31079082%2C31079095%2C42532334%2C44805931%2C44806738%2C31078301%2C31079247&oid=2&pvsid=262802040894886&tmod=2129363091&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=WZgOk3iVH3&p=https%3A//notapositiva.com&dtd=205
Frame ID: 2A4EDFDC01031FCA523BDCD1BCF26FC9
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0045970822945595&output=html&h=600&slotname=7775112206&adk=3867715954&adf=419840266&pi=t.ma~as.7775112206&w=263&fwrn=4&fwrnh=100&lmt=1698411838&rafmt=1&format=263x600&url=https%3A%2F%2Fnotapositiva.com%2F%23modal&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698419037817&bpp=1&bdt=311&idt=209&shv=r20231025&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&prev_fmts=840x280%2C848x280&correlator=6010391235101&frm=20&pv=1&ga_vid=64634378.1698419038&ga_sid=1698419038&ga_hid=1593081921&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=429&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079080%2C31079082%2C31079095%2C42532334%2C44805931%2C44806738%2C31078301%2C31079247&oid=2&pvsid=262802040894886&tmod=2129363091&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=v0hyUpPuA7&p=https%3A//notapositiva.com&dtd=211
Frame ID: 3F74D91B7085BD1856D30E0B05945C2D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0045970822945595&output=html&adk=1812271804&adf=3025194257&lmt=1698411838&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fnotapositiva.com%2F%23modal&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698419037829&bpp=1&bdt=322&idt=201&shv=r20231025&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&prev_fmts=840x280%2C848x280%2C263x600&nras=1&correlator=6010391235101&frm=20&pv=1&ga_vid=64634378.1698419038&ga_sid=1698419038&ga_hid=1593081921&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079080%2C31079082%2C31079095%2C42532334%2C44805931%2C44806738%2C31078301%2C31079247&oid=2&pvsid=262802040894886&tmod=2129363091&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=211
Frame ID: 9F347DB4D689BA11CAF0091B39A7E30E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLjSwwEQ7ayH0QQYxNub8gEwAQ&v=APEucNX1Gr2vmEwYti2n7cS39QJgObrWVN2iN3446AFYMCeWESH3g7d6BDFkc7xmddoxjmEnjn73hF5uwpk4HZhz7Z2xW4XTnYhL5xMsVJKjdl2TgYh5RNOmUb6aasyLqKktBcqkdRKUf1S4kTwV3lg7QT6Ta-2RAf7JHxuEa3fQ2JF2jd1LM10
Frame ID: 2F0595BCDAF50DCCB57AE2DD2F0FDE81
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: EE78ABBE834687800381973C44D8A864
Requests: 29 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/KtAbZGk4YSFPe8sm4rTLIGwqP9qmdNmoJQ7Qir-Zr9M.js
Frame ID: D3B3F66279FEA9A134699A488C0F8AF4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: CBF3BE23CA99BEE92DAF8AC12A168867
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 2A9AD9514243A69EE0DE7A9A56099ECC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 1DF97F1F577E0F824F241123D4ADDED3
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16133178303598034944/160x600-DisplayDCO/index.html?e=69&leftOffset=0&topOffset=0&c=wbEypfwZ5E&t=1&renderingType=2&ev=01_250
Frame ID: EA00651DD97BE388B3924A47FD99BBC0
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
Frame ID: 233EDDA2A19869017ABA52D1E8FDDC6F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 48C9339E533BD72A26D822B7D2F3CD13
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: ED2517DFD452E17FCA32E56358225BBE
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

NotaPositiva - Portal de apoio aos estudantes onde são publicados trabalhos escolares, textos de apoio, exercícios resolvidos, etc. de todas as disciplinas e níveis de ensino.

Page URL History Show full URLs

http://notapositiva.com/ HTTP 301
https://notapositiva.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

159
Requests

96 %
HTTPS

68 %
IPv6

16
Domains

31
Subdomains

31
IPs

6
Countries

2608 kB
Transfer

6041 kB
Size

16
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: http://www.facebook.com/

Search URL Search Domain Scan URL

URL: http://www.twitter.com/

Search URL Search Domain Scan URL

URL: http://www.pinterest.com/

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/

Search URL Search Domain Scan URL

URL: http://www.plus.google.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://notapositiva.com/ HTTP 301
https://notapositiva.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 89

https://googleads.g.doubleclick.net/pagead/adview?ai=CoD3GXtE7ZYi9BqPqgrAP9Nuc2AW16s7Pc-zenOKZEY_ljMzlBBABIOHRhQNgkQSgAfT__-kCyAEJqQLb8Ve17JqyPqgDAcgDywSqBMcBT9CWwZsn2h9ln1GfF188SzjSRYtxrUMCSTZ3MGNYqXuCFsJb_SX44gA9jMUpgLakGs2kghbIqghq9Acr8Lh0vQO5wwf141sG9yjoJodPTvKgAplsjcQHZP5Z4jvydma98yne9tfHb1WDQUpgJO5bHIAb1Lvmg0EdCHUvObRc2kHgPuTrtxXYOVON7laEmlujFXakc56zHsZjaLogSf0VoutorGLX1TsZmwUFru7Vsx667uaO_VGzQFDprf5dOfXuZAn730XovsAE-4rui6AEiAXxoviZSZIFBAgEGAGSBQQIBRgEoAYugAf0__-VAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEMHZBNIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCTlodHRwczovL3d3dy5tc2MuY29tL2VuL2xwL3NoaXBwaW5nLXdpdGgtbXNjP2djbHNyYz1hdy5kcyaACgHICwGiDAwqCgoI5LSxAu61sQLYEw2IFAbQFQGYFgGAFwGyFxwKGggAEhRwdWItMDA0NTk3MDgyMjk0NTU5NRgA&sigh=R_0q4-pgLVU&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTADICaaNL8O4_moEBSRBk7KYRWHmFDfvqIlkzmby8G1wf0MCIVSkby6bu1-XeBBww4Pw7UqemQMVvomNOcvA2rX6nJA9TCszCLvI5csYAQ&template_id=5000&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223686443777338662927%22,%22debug_reporting%22:true,%22destination%22:%22https://msc.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22759169012%22],%224%22:[%2210-27%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224061504509429081233%22}&andc=true

Request Chain 96

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHFMlXziWlnXfczPwIYbXNg&google_cver=1

Request Chain 97

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZTvRXkJlsxMKlw4o4f2JigAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMq1BeVOH5PvYN8iDiput6s&google_cver=1

Request Chain 98

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESENWkhrsWgltzEOOY9VVkmD4&google_cver=1

Request Chain 99

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTcyMTY1NDc3NDgyMTE1NDM1OQ%3D%3D

Request Chain 102

https://gcdn.2mdn.net/videoplayback/id/07e15d6f5ac5969b/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1729955038/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/7E06AC751C1A0D24FA213FF0655D420F2578D518.B7DD3F98B7F1229E7B2CDB5167480F7900E58FDB/key/ck2/file/file.mp4 HTTP 302
https://r3---sn-5hneknee.c.2mdn.net/videoplayback/id/07e15d6f5ac5969b/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1729955038/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4DF92E9FA3D37F0360CCCB667E4E49359EA18E7C.212B6876ECAA006E79211DA1DA55DCF34F236B77/key/cms1/cms_redirect/yes/mh/L3/mip/2001:1af8:4020:a034:9876::10/mm/42/mn/sn-5hneknee/ms/onc/mt/1698418500/mv/u/mvi/3/pl/43/file/file.mp4

Request Chain 105

https://fw.adsafeprotected.com/rfw/bgd/1494005/73005731/xbbe/creative/adj?p=APEucNWaz5Wh-mguGg-lapCRaLNCYyj40nd1jMApDYfCMNNEzCo-qSY&d=CokBAKAmf-A1nrKKH0FX3B9qJU9meCUZy2UbEHhyWkysUYlecg6cOjEQ2Eff6J9NjVASD0nesLA9A_NHrGCT9UqLCEJ0WQSVzj1UC-n8vHqCKbzo02VrFxZ8PfAqoNcvYgbM695gI1W-1BEQMhFzOrbN9r6LYBsbrr6csfBHNoIKjZ8WNmnV2QqaUVYS-RMAoCZ_4O5htL6MGGqdBAcOPW7abNiwgSi5XXqqzPUKjrXUvmEgyaT7CWRm3DhdZtHIpG1HitrRhhVqGfVKEfQ1LSIiGxhSVBHL9-oqiA6xWI_aPDWxpFm0fwhhny9_eBaVxrn0ttjZpN4LGkyPVHbQif4v6eKFobqzybJjRmBiqrHrb06iBSifsT457TrpzWkUWcfgwQMMXMSz6PFgv6JCFnQKyvf_t0Y2ExwAATxZOJ7NOK4DNwaAksB9GwCtof5yj9pHcnxn13sGPSZs4MMH3RBEi9OzyKHjR4Tlqf_9-It38k5NzmZlVika7FQ3P-yoaYyqW0hmdRI-vQA9DkyW-rI9krUoQf7vOavzzikbG-YZ7ZzZJ6VKS1KJ5uyu3zumXqIP1EO7Yu4uj-ii6QKC4x7K2yLw0n5b6kHB8B6PEsS2fHpH9_uOOQcL9YQJu0DaeVTMNZEJDN-xXIE-mnSLjAhmMDaop2Av2mqHfsTskXSVRd40Vpkib18te04DbPAB-WhIhscnjEB8ggcvZg8gAKt9-I7Vlp5GPrGTQ8bS3k5ZnDWBXTZNxvfNjrAn_bboKhGnLRIxLyXC06M1vLuFbaKyyiRKgdzG722skby_HrusZHdcklzGN-NeVLFfvjCDTJFvAZeEUjH9ICoMR-y3zdbzK9mLSaaQcLakTPRxdraVgWngCo14xAX2yBLh5baxldWnjKNA3XZQP4DXlrE1hMUKfyiq2KTfX6b5KLC-OrG26r-vFE4HLbwxusk5NJEyDtORHpxK9Oob5KB2IVBSRlkU214gFu3CqNXrGxQvXoXokVyoQ0iUlQuLp2LPcUwy_wQp5bdhnghUy9DFp6prblAyj74itdR4Bh2vNlLgZb781HQknXAV3F0XC93zsagO1MhuEexEDQ1joytSGn9pojGf6qpnKJkqNLDV9NSPoqbFmP7Qg0CjEUqhmluhss2y2ogkkd_YXTDzr5BMUkZdpQ71lbvb9GBVDvbjODXT8OAm2yO66_kbTo01lmAnPS4P3o0cx73E0AW4r2TlWC1pc6cqzq8hnaCq7fHsv2z4_plqWf38DmB9GBf-SjPUssMg3dDRaX9Uycwc4-TbkQ_p-1dMrC4eQU4fiiQjMzwz01nYJotPgodKA820VPoku0cStTo-_brpGsn9xyRrnaS1H3vXkyZLlLNA4x8r8V4ZxMDTsLW2l-0Lb-WU4Hu7Zfq6uImIDs4Nq_nUg6zevmNwjO4Qovi9vrjSbNHzZqsxkWElBdof34j4CpvcA0xW9l3_LGnKYYzY1AbJmGN13J4xv15ZsYPKaG1CIu6FZDmCZXSogdvs32chXIrooH5BFCpyjwJINsYb47GwGkYAn4CrGz7Ia0Rfy8bb32uWGVRQzOvd2USSngtEtUSrPe4P9SnnsWq4m_69nk49zaVHVFEUMUACW0DMJmJWkxfuAHiN5eDZ41jXRkk98ci5bTPvjRML928DwJc1oKKMDFh0oStVzWGaZRfIz0bjdUgm01BldHMumgsF1YERnKW9EtH312ahz4Zh42qlrceH6bSfuDpWFfg9LrIsauagpJ_mZanKDYmjytoBXo2akOyQ8banreOkmIYDCm1fRZ6aw8Y8GZUKo8cM1u_xuIt_6aQ9VU4M6zWjIiMP2zdGySCXHUjEl047SgxpxdfDnvpG8ijR-YJEO9_rHRr2Ic6MS00IXBx7zVFquhoM6CoBZj7qiXD_Q14Uwfwpl110sRWELpdadI3SnC4kWHJmnDl-AQW2BctcSQrThWwTKq335KpP4LGFlsm7RtdiP5jyajTWCZD5B1fyac-V1jEuh17HzkG11lvvYchEFFPL1ZXxbk9FUbwk-EmyIgSLlhSHsML86Bq7XGL26weSy6g1_UQ31_NYLySn5s2rPvDH_8leBAGBh7-zhCMBSnkz5gPPOTClrFGQt5RVT5cP28PjR_M-YDDwcGfuzK7cdgusYF1IbVGmuxpp_s6o1_RDf2oJSsDtDztHjVHPhFIW5jB38KNi1Firc4rQ7DLM1pYPAZTQoZtpHKF8nuMGMnB2hZXW7tw7HfunrqE__Vwc2vcsgJpwNSKs0O7rO2n2cKC4T9uWToOYPpebWsMau9in6Ct1iV1bgzCJ9vD9PXogvp_rPCwwaWbwWewUl1mZ-hvGeBKtOl-7D03zzESeqYXeQzHX8DaQr-r9jocL-vuYhxgntWgJUF83Ibi_ZL5ljAzykXMuRW1Wp9uq7tCWK8_jGHGrR8XL0up344fHZiIII_Gs5982Mh1-X8jW3W4wYuwgubeEGLeXcVmkL8YGxyO-BiNcPLCuQaFfCGbPLdfY9-_1E8dY99zpmNaR3tr7qj7nPKazhvJj9hY_xz3Co1hJTKZdrwunCbjkTt_MWC_RSr4SyYxfw2qx5SahpvCcY3ibH0DhC3zxXCCr0FHZGljzUHeP77StQyuISmJugmKKyBwLS-K6q2xv8vWv9dniXVKwoKwPitqPOE_3SDQ_KkBoHRH4EiyA0xZQ2ZpGpFUpTe028Ob9fEQ_i9fI8m10dnDL0_-quXH5pyYPzEb1HRuDaIyi39s14NA8te7k5cCe4-gBO2gkwdMkUbKgRrrw9rbX6iPh6J9IdtjpQgMcT3OF98MTW4GPUbst9PFLas4QFlVv3QkDIEYz-Adi2wf9I-6JFVypbEsG4VIjfVEaZHOVLRMz6Kpczfk4F91imSNZb_538BwXZvj7aALszkPYcMBgEOwfWWglSpXL5NR6ZTZjsosK36vzzy1rXcehyFWfeOL1nwUXCCqTBU5UFS_rFA6SA3CXhuJ7uHazBz9CuNxaAzjq-ZYlnDeT44JmCZnPAcqwM4IfuQoavAvuY75UYYFQYx-czviSg0TjIktOCTVbD1w3rCT14f_6OlaplTIeg_7_answggkMo_ez7CUlIYjDo8GIp01CdzoYbPkYazAtHvyqDdpzTNM_AQ1mwwphpe7xhRiibxoB720l1O-sGuiF0GZUkL3Sp0XyAcjyQ81TU7SVEFSJmbFn-m5ydjYf9JRHXInaeehyKT2uEIrFtT5Aw1V9-D_KsT3CRsDqC90hVeYvpBRzMhucvuCRMgvwN0JVynXi5hSlUMaujQ0WOaYP7fsvGqtX9aMTSCjgpAwboa5rU6ccKtAJa6KbGzG97dSm7OT-IqPBUhQVlI3aH231WwXRgQ8vHYreYFrqbDOTkT1FWWxG4Kum9k6JkGf9cqwrXRtGHb1hxmFxog_6RbSahMvwSUDMFUBTZkASIRMty9iZSUOfy-N2UIWjr7ODjYFMK0EWlICa7c0odwuZRpBWRHrx-94KiGuTdV7UqiWzX7V4WksWqkHeQKHoJVpwJvmPQEQlCSTX0vUSaWSKpTMJxjsipGZZ97wOdYMwh9hUA1tWxMYaUAgEEkoAyAmmjTGO7QvgInWMPBu0KAe3RrP1R6nnEVRDGKhpLAF1L5Wb3CJ4QPJtK0XhXI9N7Y1bERH4Tg2bM5GbX-LqdPWwFxflou7mQxgBYAE&cry=1&bundleId=&ias_dspID=3&ias_campId=1012484845&ias_pubId=pub-0045970822945595&ias_chanId=1&ias_placementId=20122610338&bidurl=https://notapositiva.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0g3aXgm2Q8ssyscZHGN1CWs&adsafe_url=https%3A%2F%2Fnotapositiva.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fnotapositiva.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-0045970822945595%26output%3Dhtml%26h%3D600%26slotname%3D7775112206%26adk%3D3867715954%26adf%3D419840266%26pi%3Dt.ma~as.7775112206%26w%3D263%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1698411838%26rafmt%3D1%26format%3D263x600%26url%3Dhttps%253A%252F%252Fnotapositiva.com%252F%2523modal%26fwr%3D0%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1698419037817%26bpp%3D1%26bdt%3D311%26idt%3D209%26shv%3Dr20231025%26mjsv%3Dm202310250101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D840x280%252C848x280%26correlator%3D6010391235101%26frm%3D20%26pv%3D1%26ga_vid%3D64634378.1698419038%26ga_sid%3D1698419038%26ga_hid%3D1593081921%26ga_fc%3D1%26u_tz%3D120%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1108%26ady%3D429%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C31079080%252C31079082%252C31079095%252C42532334%252C44805931%252C44806738%252C31078301%252C31079247%26oid%3D2%26pvsid%3D262802040894886%26tmod%3D2129363091%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CloEe%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26ifi%3D3%26uci%3Da!3%26fsb%3D1%26xpc%3Dv0hyUpPuA7%26p%3Dhttps%253A%2F%2Fnotapositiva.com%26dtd%3D211&adsafe_type=bed&adsafe_jsinfo=,id:fce9a88f-b7f7-9133-521c-f19e36eaa93a,c:sgdQ2Z,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-554d68d5bf-7kmqp,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:4,mot:0,app:0,maw:0,fm:tTTPcvx+11%7C121%7C131%7C141*.1494005-73005731%7C1411%7C15,idMap:141*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:22,oid:0e6f94b8-74da-11ee-bc4f-f27624206c03,v:19.8.458,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWaz5Wh-mguGg-lapCRaLNCYyj40nd1jMApDYfCMNNEzCo-qSY&d=CokBAKAmf-A1nrKKH0FX3B9qJU9meCUZy2UbEHhyWkysUYlecg6cOjEQ2Eff6J9NjVASD0nesLA9A_NHrGCT9UqLCEJ0WQSVzj1UC-n8vHqCKbzo02VrFxZ8PfAqoNcvYgbM695gI1W-1BEQMhFzOrbN9r6LYBsbrr6csfBHNoIKjZ8WNmnV2QqaUVYS-RMAoCZ_4O5htL6MGGqdBAcOPW7abNiwgSi5XXqqzPUKjrXUvmEgyaT7CWRm3DhdZtHIpG1HitrRhhVqGfVKEfQ1LSIiGxhSVBHL9-oqiA6xWI_aPDWxpFm0fwhhny9_eBaVxrn0ttjZpN4LGkyPVHbQif4v6eKFobqzybJjRmBiqrHrb06iBSifsT457TrpzWkUWcfgwQMMXMSz6PFgv6JCFnQKyvf_t0Y2ExwAATxZOJ7NOK4DNwaAksB9GwCtof5yj9pHcnxn13sGPSZs4MMH3RBEi9OzyKHjR4Tlqf_9-It38k5NzmZlVika7FQ3P-yoaYyqW0hmdRI-vQA9DkyW-rI9krUoQf7vOavzzikbG-YZ7ZzZJ6VKS1KJ5uyu3zumXqIP1EO7Yu4uj-ii6QKC4x7K2yLw0n5b6kHB8B6PEsS2fHpH9_uOOQcL9YQJu0DaeVTMNZEJDN-xXIE-mnSLjAhmMDaop2Av2mqHfsTskXSVRd40Vpkib18te04DbPAB-WhIhscnjEB8ggcvZg8gAKt9-I7Vlp5GPrGTQ8bS3k5ZnDWBXTZNxvfNjrAn_bboKhGnLRIxLyXC06M1vLuFbaKyyiRKgdzG722skby_HrusZHdcklzGN-NeVLFfvjCDTJFvAZeEUjH9ICoMR-y3zdbzK9mLSaaQcLakTPRxdraVgWngCo14xAX2yBLh5baxldWnjKNA3XZQP4DXlrE1hMUKfyiq2KTfX6b5KLC-OrG26r-vFE4HLbwxusk5NJEyDtORHpxK9Oob5KB2IVBSRlkU214gFu3CqNXrGxQvXoXokVyoQ0iUlQuLp2LPcUwy_wQp5bdhnghUy9DFp6prblAyj74itdR4Bh2vNlLgZb781HQknXAV3F0XC93zsagO1MhuEexEDQ1joytSGn9pojGf6qpnKJkqNLDV9NSPoqbFmP7Qg0CjEUqhmluhss2y2ogkkd_YXTDzr5BMUkZdpQ71lbvb9GBVDvbjODXT8OAm2yO66_kbTo01lmAnPS4P3o0cx73E0AW4r2TlWC1pc6cqzq8hnaCq7fHsv2z4_plqWf38DmB9GBf-SjPUssMg3dDRaX9Uycwc4-TbkQ_p-1dMrC4eQU4fiiQjMzwz01nYJotPgodKA820VPoku0cStTo-_brpGsn9xyRrnaS1H3vXkyZLlLNA4x8r8V4ZxMDTsLW2l-0Lb-WU4Hu7Zfq6uImIDs4Nq_nUg6zevmNwjO4Qovi9vrjSbNHzZqsxkWElBdof34j4CpvcA0xW9l3_LGnKYYzY1AbJmGN13J4xv15ZsYPKaG1CIu6FZDmCZXSogdvs32chXIrooH5BFCpyjwJINsYb47GwGkYAn4CrGz7Ia0Rfy8bb32uWGVRQzOvd2USSngtEtUSrPe4P9SnnsWq4m_69nk49zaVHVFEUMUACW0DMJmJWkxfuAHiN5eDZ41jXRkk98ci5bTPvjRML928DwJc1oKKMDFh0oStVzWGaZRfIz0bjdUgm01BldHMumgsF1YERnKW9EtH312ahz4Zh42qlrceH6bSfuDpWFfg9LrIsauagpJ_mZanKDYmjytoBXo2akOyQ8banreOkmIYDCm1fRZ6aw8Y8GZUKo8cM1u_xuIt_6aQ9VU4M6zWjIiMP2zdGySCXHUjEl047SgxpxdfDnvpG8ijR-YJEO9_rHRr2Ic6MS00IXBx7zVFquhoM6CoBZj7qiXD_Q14Uwfwpl110sRWELpdadI3SnC4kWHJmnDl-AQW2BctcSQrThWwTKq335KpP4LGFlsm7RtdiP5jyajTWCZD5B1fyac-V1jEuh17HzkG11lvvYchEFFPL1ZXxbk9FUbwk-EmyIgSLlhSHsML86Bq7XGL26weSy6g1_UQ31_NYLySn5s2rPvDH_8leBAGBh7-zhCMBSnkz5gPPOTClrFGQt5RVT5cP28PjR_M-YDDwcGfuzK7cdgusYF1IbVGmuxpp_s6o1_RDf2oJSsDtDztHjVHPhFIW5jB38KNi1Firc4rQ7DLM1pYPAZTQoZtpHKF8nuMGMnB2hZXW7tw7HfunrqE__Vwc2vcsgJpwNSKs0O7rO2n2cKC4T9uWToOYPpebWsMau9in6Ct1iV1bgzCJ9vD9PXogvp_rPCwwaWbwWewUl1mZ-hvGeBKtOl-7D03zzESeqYXeQzHX8DaQr-r9jocL-vuYhxgntWgJUF83Ibi_ZL5ljAzykXMuRW1Wp9uq7tCWK8_jGHGrR8XL0up344fHZiIII_Gs5982Mh1-X8jW3W4wYuwgubeEGLeXcVmkL8YGxyO-BiNcPLCuQaFfCGbPLdfY9-_1E8dY99zpmNaR3tr7qj7nPKazhvJj9hY_xz3Co1hJTKZdrwunCbjkTt_MWC_RSr4SyYxfw2qx5SahpvCcY3ibH0DhC3zxXCCr0FHZGljzUHeP77StQyuISmJugmKKyBwLS-K6q2xv8vWv9dniXVKwoKwPitqPOE_3SDQ_KkBoHRH4EiyA0xZQ2ZpGpFUpTe028Ob9fEQ_i9fI8m10dnDL0_-quXH5pyYPzEb1HRuDaIyi39s14NA8te7k5cCe4-gBO2gkwdMkUbKgRrrw9rbX6iPh6J9IdtjpQgMcT3OF98MTW4GPUbst9PFLas4QFlVv3QkDIEYz-Adi2wf9I-6JFVypbEsG4VIjfVEaZHOVLRMz6Kpczfk4F91imSNZb_538BwXZvj7aALszkPYcMBgEOwfWWglSpXL5NR6ZTZjsosK36vzzy1rXcehyFWfeOL1nwUXCCqTBU5UFS_rFA6SA3CXhuJ7uHazBz9CuNxaAzjq-ZYlnDeT44JmCZnPAcqwM4IfuQoavAvuY75UYYFQYx-czviSg0TjIktOCTVbD1w3rCT14f_6OlaplTIeg_7_answggkMo_ez7CUlIYjDo8GIp01CdzoYbPkYazAtHvyqDdpzTNM_AQ1mwwphpe7xhRiibxoB720l1O-sGuiF0GZUkL3Sp0XyAcjyQ81TU7SVEFSJmbFn-m5ydjYf9JRHXInaeehyKT2uEIrFtT5Aw1V9-D_KsT3CRsDqC90hVeYvpBRzMhucvuCRMgvwN0JVynXi5hSlUMaujQ0WOaYP7fsvGqtX9aMTSCjgpAwboa5rU6ccKtAJa6KbGzG97dSm7OT-IqPBUhQVlI3aH231WwXRgQ8vHYreYFrqbDOTkT1FWWxG4Kum9k6JkGf9cqwrXRtGHb1hxmFxog_6RbSahMvwSUDMFUBTZkASIRMty9iZSUOfy-N2UIWjr7ODjYFMK0EWlICa7c0odwuZRpBWRHrx-94KiGuTdV7UqiWzX7V4WksWqkHeQKHoJVpwJvmPQEQlCSTX0vUSaWSKpTMJxjsipGZZ97wOdYMwh9hUA1tWxMYaUAgEEkoAyAmmjTGO7QvgInWMPBu0KAe3RrP1R6nnEVRDGKhpLAF1L5Wb3CJ4QPJtK0XhXI9N7Y1bERH4Tg2bM5GbX-LqdPWwFxflou7mQxgBYAE&cry=1&bundleId=

159 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
notapositiva.com/
Redirect Chain

http://notapositiva.com/
https://notapositiva.com/

38 KB
8 KB

51ms
16ms

Document
text/html

198.20.115.3
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://notapositiva.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.20.115.3 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: en02-ams.stablehost.com
Software: LiteSpeed /
Resource Hash: c7c7c6beb4a4d751b748ca07c5c43eb377a82264fbc1a47e875604fc67db8e23

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 7360
content-type: text/html; charset=UTF-8
date: Fri, 27 Oct 2023 15:03:56 GMT
etag: "241895-1698186604;br"
link: <https://notapositiva.com/wp-json/>; rel="https://api.w.org/"
server: LiteSpeed
vary: Accept-Encoding
x-litespeed-cache: hit

Redirect headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 27 Oct 2023 15:03:56 GMT
location: https://notapositiva.com/
server: LiteSpeed
x-litespeed-cache: miss
x-redirect-by: WordPress

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 185 KB
68 KB 89ms
38ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-4477715-1

Requested by

Host: notapositiva.com
URL: https://notapositiva.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0ae65d436539d75ee14abd82f21d33cd73a09899116753c2be73c81463dfc62a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://notapositiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 15:03:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 68787
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 27 Oct 2023 15:03:57 GMT

GET
H2 200 language-selector.css
notapositiva.com/wp-content/plugins/sitepress-multilingual-cms/res/css/ 6 KB
1 KB 18ms
13ms Stylesheet
text/css 198.20.115.3
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://notapositiva.com/wp-content/plugins/sitepress-multilingual-cms/res/css/language-selector.css?v=3.3.7
Requested by: Host: notapositiva.com
URL: https://notapositiva.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.20.115.3 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: en02-ams.stablehost.com
Software: LiteSpeed /
Resource Hash: d874b4407ec18a37af2e5b06320fd0a8143c054aa65bb07369f646981f378bee

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://notapositiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 15:03:56 GMT
content-encoding: br
last-modified: Wed, 01 Feb 2017 11:40:45 GMT
server: LiteSpeed
etag: "17fb-5891c93d-245fe25a7c9d449c;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1164
expires: Fri, 03 Nov 2023 15:03:56 GMT

GET
H2 200 style.min.css
notapositiva.com/wp-includes/css/dist/block-library/ 29 KB
4 KB 19ms
14ms Stylesheet
text/css 198.20.115.3
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://notapositiva.com/wp-includes/css/dist/block-library/style.min.css?ver=5.2.19
Requested by: Host: notapositiva.com
URL: https://notapositiva.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.20.115.3 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: en02-ams.stablehost.com
Software: LiteSpeed /
Resource Hash: 857c89b90bea6b75f04b6cc7b659594ea58b72724f1c6dde3955c958d4627245

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://notapositiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 15:03:56 GMT
content-encoding: br
last-modified: Thu, 15 Apr 2021 03:31:32 GMT
server: LiteSpeed
etag: "7257-6077b394-c7b05a2a6cca95e7;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4474
expires: Fri, 03 Nov 2023 15:03:56 GMT

GET
H2 200 front_end_style.css
notapositiva.com/wp-content/plugins/captcha/css/ 1 KB
624 B 19ms
14ms Stylesheet
text/css 198.20.115.3
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://notapositiva.com/wp-content/plugins/captcha/css/front_end_style.css?ver=5.2.19
Requested by: Host: notapositiva.com
URL: https://notapositiva.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.20.115.3 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: en02-ams.stablehost.com
Software: LiteSpeed /
Resource Hash: db00fc9ec635de5e631d0ff39a30dc83d611d26fc2baba3880356355c137dcb7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://notapositiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 15:03:56 GMT
content-encoding: br
last-modified: Wed, 01 Feb 2017 11:40:44 GMT
server: LiteSpeed
etag: "5ea-5891c93c-6c9ebb72f7fe7ad9;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 540
expires: Fri, 03 Nov 2023 15:03:56 GMT

GET
H2 200 dashicons.min.css
notapositiva.com/wp-includes/css/ 46 KB
28 KB 32ms
27ms Stylesheet
text/css 198.20.115.3
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://notapositiva.com/wp-includes/css/dashicons.min.css?ver=5.2.19
Requested by: Host: notapositiva.com
URL: https://notapositiva.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.20.115.3 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: en02-ams.stablehost.com
Software: LiteSpeed /
Resource Hash: de7bdcb93f2804e963f238713752a30a22a3a3afef6070fb78d206e6199cd353

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://notapositiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 15:03:56 GMT
content-encoding: br
last-modified: Thu, 15 Apr 2021 03:31:32 GMT
server: LiteSpeed
etag: "b9cc-6077b394-bd30f12e2c097f77;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 28356
expires: Fri, 03 Nov 2023 15:03:56 GMT

GET
H2 200 mobile_style.css
notapositiva.com/wp-content/plugins/captcha/css/ 1 KB
368 B 33ms
29ms Stylesheet
text/css 198.20.115.3
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://notapositiva.com/wp-content/plugins/captcha/css/mobile_style.css?ver=5.2.19
Requested by: Host: notapositiva.com
URL: https://notapositiva.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.20.115.3 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: en02-ams.stablehost.com
Software: LiteSpeed /
Resource Hash: eda02e1fb7ce11d3479484c9ef04d76278e93d63e89f73cdec78a6fdb95fba0b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://notapositiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 15:03:56 GMT
content-encoding: br
last-modified: Wed, 01 Feb 2017 11:40:44 GMT
server: LiteSpeed
etag: "4fa-5891c93c-4f9eb226965b9d9f;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 307
expires: Fri, 03 Nov 2023 15:03:56 GMT

GET
H2 200 style.css
notapositiva.com/wp-content/plugins/mg-post-contributors/css/ 3 KB
755 B 33ms
29ms Stylesheet
text/css 198.20.115.3
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://notapositiva.com/wp-content/plugins/mg-post-contributors/css/style.css?ver=5.2.19
Requested by: Host: notapositiva.com
URL: https://notapositiva.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.20.115.3 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: en02-ams.stablehost.com
Software: LiteSpeed /
Resource Hash: 36fafccce7254ffc4e77c29e7c349ee740e05b58aa53f6f915359c392cc4810d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://notapositiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 15:03:56 GMT
content-encoding: br
last-modified: Wed, 01 Feb 2017 11:40:47 GMT
server: LiteSpeed
etag: "a17-5891c93f-b9ced71c88f55e5f;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 671
expires: Fri, 03 Nov 2023 15:03:56 GMT

GET
H2 200 style.css
notapositiva.com/wp-content/plugins/mg-post-contributors/framework/settings/ 0
56 B 33ms
29ms Stylesheet
text/css 198.20.115.3
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://notapositiva.com/wp-content/plugins/mg-post-contributors/framework/settings/style.css?ver=5.2.19
Requested by: Host: notapositiva.com
URL: https://notapositiva.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.20.115.3 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: en02-ams.stablehost.com
Software: LiteSpeed /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://notapositiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 15:03:56 GMT
last-modified: Wed, 01 Feb 2017 11:40:47 GMT
server: LiteSpeed
etag: "0-5891c93f-1f1f6e316d5572ce;;;"
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 0
expires: Fri, 03 Nov 2023 15:03:56 GMT

GET
H2 200 font-awesome.min.css
notapositiva.com/wp-content/plugins/mg-post-contributors/css/font-awesome-4.0.3/css/ 21 KB
5 KB 33ms
30ms Stylesheet
text/css 198.20.115.3
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://notapositiva.com/wp-content/plugins/mg-post-contributors/css/font-awesome-4.0.3/css/font-awesome.min.css?ver=5.2.19
Requested by: Host: notapositiva.com
URL: https://notapositiva.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.20.115.3 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: en02-ams.stablehost.com
Software: LiteSpeed /
Resource Hash: 0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://notapositiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 15:03:56 GMT
content-encoding: br
last-modified: Wed, 01 Feb 2017 11:40:47 GMT
server: LiteSpeed
etag: "55e0-5891c93f-e695ffe935acff8e;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4734
expires: Fri, 03 Nov 2023 15:03:56 GMT

GET
H2 200 bootstrap.min.css
notapositiva.com/wp-content/themes/notapositiva/css/ 118 KB
18 KB 33ms
30ms Stylesheet
text/css 198.20.115.3
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://notapositiva.com/wp-content/themes/notapositiva/css/bootstrap.min.css?ver=5.2.19
Requested by: Host: notapositiva.com
URL: https://notapositiva.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.20.115.3 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: en02-ams.stablehost.com
Software: LiteSpeed /
Resource Hash: eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://notapositiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 15:03:56 GMT
content-encoding: br
last-modified: Wed, 01 Feb 2017 11:40:48 GMT
server: LiteSpeed
etag: "1d9ac-5891c940-384a54eb36ff6d26;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 18276
expires: Fri, 03 Nov 2023 15:03:56 GMT

GET
H2 200 bootstrap-theme.min.css
notapositiva.com/wp-content/themes/notapositiva/css/ 23 KB
2 KB 57ms
53ms Stylesheet
text/css 198.20.115.3
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://notapositiva.com/wp-content/themes/notapositiva/css/bootstrap-theme.min.css?ver=5.2.19
Requested by: Host: notapositiva.com
URL: https://notapositiva.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.20.115.3 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: en02-ams.stablehost.com
Software: LiteSpeed /
Resource Hash: a3c6ccd19e5c16faefbef429d042458b82c80af040f450b1ee208dba88d5b0df

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://notapositiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 15:03:56 GMT
content-encoding: br
last-modified: Wed, 01 Feb 2017 11:40:48 GMT
server: LiteSpeed
etag: "5b71-5891c940-c6d2eda6cf0764a1;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2423
expires: Fri, 03 Nov 2023 15:03:56 GMT

GET
H2 200 remodal.css
notapositiva.com/wp-content/themes/notapositiva/css/ 1 KB
460 B 57ms
54ms Stylesheet
text/css 198.20.115.3
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://notapositiva.com/wp-content/themes/notapositiva/css/remodal.css?ver=5.2.19
Requested by: Host: notapositiva.com
URL: https://notapositiva.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.20.115.3 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: en02-ams.stablehost.com
Software: LiteSpeed /
Resource Hash: e98ce76c9e599eb7bc742eb0ad1248acc0ead73fbccc861e2112ed9850e97974

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://notapositiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 15:03:56 GMT
content-encoding: br
last-modified: Wed, 01 Feb 2017 11:40:48 GMT
server: LiteSpeed
etag: "4ab-5891c940-55d5d3fcc176d5e8;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 400
expires: Fri, 03 Nov 2023 15:03:56 GMT

GET
H2 200 remodal-default-theme.css
notapositiva.com/wp-content/themes/notapositiva/css/ 4 KB
1 KB 58ms
55ms Stylesheet
text/css 198.20.115.3
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://notapositiva.com/wp-content/themes/notapositiva/css/remodal-default-theme.css?ver=5.2.19
Requested by: Host: notapositiva.com
URL: https://notapositiva.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.20.115.3 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: en02-ams.stablehost.com
Software: LiteSpeed /
Resource Hash: e89caecb0d914ce31a4e5546df39a357d05464ba28a81ae034697def163c10be

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://notapositiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 15:03:56 GMT
content-encoding: br
last-modified: Wed, 01 Feb 2017 11:40:48 GMT
server: LiteSpeed
etag: "10ff-5891c940-777b2708a3416007;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1086
expires: Fri, 03 Nov 2023 15:03:56 GMT

GET
H2 200 font-awesome.min.css
notapositiva.com/wp-content/themes/notapositiva/css/ 27 KB
6 KB 58ms
55ms Stylesheet
text/css 198.20.115.3
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://notapositiva.com/wp-content/themes/notapositiva/css/font-awesome.min.css?ver=5.2.19
Requested by: Host: notapositiva.com
URL: https://notapositiva.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.20.115.3 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: en02-ams.stablehost.com
Software: LiteSpeed /
Resource Hash: ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://notapositiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 15:03:56 GMT
content-encoding: br
last-modified: Wed, 01 Feb 2017 11:40:48 GMT
server: LiteSpeed
etag: "6b4a-5891c940-ecf2ec4b27fb4cb8;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5878
expires: Fri, 03 Nov 2023 15:03:56 GMT

GET
H2 200 style.css
notapositiva.com/wp-content/themes/notapositiva/ 12 KB
3 KB 58ms
56ms Stylesheet
text/css 198.20.115.3
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://notapositiva.com/wp-content/themes/notapositiva/style.css?ver=5.2.19
Requested by: Host: notapositiva.com
URL: https://notapositiva.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.20.115.3 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: en02-ams.stablehost.com
Software: LiteSpeed /
Resource Hash: 82499f1ea4c401605fc75e13705a9c14bbec87494f467271d7a585f7bc5c0319

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://notapositiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 15:03:56 GMT
content-encoding: br
last-modified: Sat, 20 Jul 2019 19:43:12 GMT
server: LiteSpeed
etag: "2fd4-5d336ed0-9e2cdc1d45926086;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2529
expires: Fri, 03 Nov 2023 15:03:56 GMT

GET
H2 400 css
fonts.googleapis.com/ 0
0 78ms
29ms Stylesheet
text/html 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.googleapis.com/css?family=sans-serif%3A400normal%7Craleway%3A600normal%7Ccoda%3A600normal%7Copen+sans%3Anormalitalic&ver=5.2.19
Requested by: Host: notapositiva.com
URL: https://notapositiva.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://notapositiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H2 200 jquery.js Show response
notapositiva.com/wp-includes/js/jquery/ 95 KB
32 KB 30ms
28ms Script
application/javascript 198.20.115.3
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://notapositiva.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: notapositiva.com
URL: https://notapositiva.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.20.115.3 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: en02-ams.stablehost.com
Software: LiteSpeed /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://notapositiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 15:03:56 GMT
content-encoding: br
last-modified: Wed, 16 Oct 2019 14:00:41 GMT
server: LiteSpeed
etag: "17a69-5da72289-319bd8b46ab03d7e;br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 32853
expires: Fri, 03 Nov 2023 15:03:56 GMT

GET
H2 200 jquery-migrate.min.js Show response
notapositiva.com/wp-includes/js/jquery/ 10 KB
4 KB 30ms
28ms Script
application/javascript 198.20.115.3
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://notapositiva.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: notapositiva.com
URL: https://notapositiva.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.20.115.3 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: en02-ams.stablehost.com
Software: LiteSpeed /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://notapositiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 15:03:56 GMT
content-encoding: br
last-modified: Wed, 16 Oct 2019 14:00:41 GMT
server: LiteSpeed
etag: "2748-5da72289-3dc0641d2dc8aa7d;br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3823
expires: Fri, 03 Nov 2023 15:03:56 GMT

GET
H2 200 microkids-related-posts-default.css
notapositiva.com/wp-content/plugins/microkids-related-posts/ 294 B
354 B 58ms
56ms Stylesheet
text/css 198.20.115.3
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://notapositiva.com/wp-content/plugins/microkids-related-posts/microkids-related-posts-default.css
Requested by: Host: notapositiva.com
URL: https://notapositiva.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.20.115.3 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: en02-ams.stablehost.com
Software: LiteSpeed /
Resource Hash: d17b4e72123a4e2b525865570b0ff8be31f053591ae2dd819c0473824194d824

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://notapositiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 15:03:56 GMT
last-modified: Wed, 01 Feb 2017 11:40:44 GMT
server: LiteSpeed
etag: "126-5891c93c-6b76e95f029b4cb6;;;"
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 294
expires: Fri, 03 Nov 2023 15:03:56 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
670 B 112ms
64ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Requested by

Host: notapositiva.com
URL: https://notapositiva.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b7f2d6fa91de80a618910ccc2b98c110dc46b459c956f018dc23cd73411f5905

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://notapositiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 27 Oct 2023 15:03:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 27 Oct 2023 13:16:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 27 Oct 2023 15:03:57 GMT

GET
H2 200 360.js Show response
s.clickiocdn.com/t/216388/ 431 KB
163 KB 90ms
48ms Script
application/javascript 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.clickiocdn.com/t/216388/360.js
Requested by: Host: notapositiva.com
URL: https://notapositiva.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 95.211.66.34 Alphen aan den Rijn, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.20.1 /
Resource Hash: 488f386c7776039f5dd918ba217932a7dacc4a20c3cd1fb3a32b34c287d09f14

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://notapositiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 15:03:57 GMT
content-encoding: gzip
server: nginx/1.20.1
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
iseu: eu
cache-control: max-age=1800
expires: Fri, 27 Oct 2023 15:33:57 GMT

GET
H2 200 common_258.js Show response
s.clickiocdn.com/t/ 157 KB
65 KB 55ms
13ms Script
application/javascript 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.clickiocdn.com/t/common_258.js
Requested by: Host: notapositiva.com
URL: https://notapositiva.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 95.211.66.34 Alphen aan den Rijn, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.20.1 /
Resource Hash: e8c2dd410e2a99daa83ca0ad6df4d5e589f9c15bfbc52735fc7d677c6e014254

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://notapositiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 15:03:57 GMT
content-encoding: gzip
last-modified: Tue, 24 Oct 2023 13:37:30 GMT
server: nginx/1.20.1
etag: W/"6537c89a-2721f"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
iseu: eu
cache-control: max-age=1800
expires: Fri, 27 Oct 2023 15:33:57 GMT

GET
H2 200 logotipo_white.png
notapositiva.com/wp-content/uploads/2016/03/ 28 KB
28 KB 30ms
28ms Image
image/png 198.20.115.3
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notapositiva.com/wp-content/uploads/2016/03/logotipo_white.png
Requested by: Host: notapositiva.com
URL: https://notapositiva.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.20.115.3 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: en02-ams.stablehost.com
Software: LiteSpeed /
Resource Hash: 6606440824aa72094f35164f34b065e71150c07d0cba200b2866c876a351e7a5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://notapositiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 15:03:56 GMT
last-modified: Wed, 01 Feb 2017 11:40:43 GMT
server: LiteSpeed
etag: "7064-5891c93b-4f872699de7f4467;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 28772
expires: Fri, 03 Nov 2023 15:03:56 GMT

GET
H2 404 pt-ao.png
notapositiva.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/ 36 KB
36 KB 30ms
29ms Image
text/html 198.20.115.3
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notapositiva.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/pt-ao.png
Requested by: Host: notapositiva.com
URL: https://notapositiva.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.20.115.3 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: en02-ams.stablehost.com
Software: LiteSpeed /
Resource Hash: cef679db2b15bb3f0b28882cdd534723a65b1df309aad2cbcf7e80262fe28a33

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://notapositiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 15:03:56 GMT
content-encoding: br
server: LiteSpeed
x-litespeed-cache: hit
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://notapositiva.com/wp-json/>; rel="https://api.w.org/"
content-length: 7062
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 404 pt-mz.png
notapositiva.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/ 36 KB
36 KB 14ms
14ms Image
text/html 198.20.115.3
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notapositiva.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/pt-mz.png
Requested by: Host: notapositiva.com
URL: https://notapositiva.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.20.115.3 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: en02-ams.stablehost.com
Software: LiteSpeed /
Resource Hash: cef679db2b15bb3f0b28882cdd534723a65b1df309aad2cbcf7e80262fe28a33

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://notapositiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 15:03:56 GMT
content-encoding: br
server: LiteSpeed
x-litespeed-cache: hit
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://notapositiva.com/wp-json/>; rel="https://api.w.org/"
content-length: 7062
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 /
notapositiva.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/ 79 KB
79 KB 107ms
106ms Image
text/html 198.20.115.3
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notapositiva.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/
Requested by: Host: notapositiva.com
URL: https://notapositiva.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.20.115.3 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: en02-ams.stablehost.com
Software: LiteSpeed /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://notapositiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 15:03:56 GMT
content-encoding: br
server: LiteSpeed
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H3 200 pt-br.png
notapositiva.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/ 560 B
673 B 20ms
17ms Image
image/png 198.20.115.3
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notapositiva.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/pt-br.png
Requested by: Host: notapositiva.com
URL: https://notapositiva.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.20.115.3 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: en02-ams.stablehost.com
Software: LiteSpeed /
Resource Hash: 6acc22780306b8d263aa9e7352ae8c7110d9532cd6a3f1fff2444f06cea4043a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://notapositiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 15:03:56 GMT
last-modified: Wed, 01 Feb 2017 11:40:45 GMT
server: LiteSpeed
etag: "230-5891c93d-ce06954901ffa467;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 560
expires: Fri, 03 Nov 2023 15:03:56 GMT

GET
H3 200 en.png
notapositiva.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/ 600 B
648 B 27ms
24ms Image
image/png 198.20.115.3
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notapositiva.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/en.png
Requested by: Host: notapositiva.com
URL: https://notapositiva.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.20.115.3 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: en02-ams.stablehost.com
Software: LiteSpeed /
Resource Hash: 3f47c75fa68e49b1cdca50c61e9cd6603b57c521e5e6809df59a4a15e291a4ef

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://notapositiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 15:03:56 GMT
last-modified: Wed, 01 Feb 2017 11:40:45 GMT
server: LiteSpeed
etag: "258-5891c93d-adb40d505b372444;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 600
expires: Fri, 03 Nov 2023 15:03:56 GMT

GET
H3 200 pt-pt.png
notapositiva.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/ 441 B
490 B 27ms
25ms Image
image/png 198.20.115.3
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notapositiva.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/pt-pt.png
Requested by: Host: notapositiva.com
URL: https://notapositiva.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.20.115.3 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: en02-ams.stablehost.com
Software: LiteSpeed /
Resource Hash: b17974619f9233fb51fc94a230d109d563093530560a2ac910972020c8cc4209

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://notapositiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 15:03:56 GMT
last-modified: Wed, 01 Feb 2017 11:40:45 GMT
server: LiteSpeed
etag: "1b9-5891c93d-5dc2d6e61f9dcc4f;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 441
expires: Fri, 03 Nov 2023 15:03:56 GMT

GET
H3 200 logotipo.png
notapositiva.com/wp-content/uploads/2016/03/ 85 KB
85 KB 28ms
25ms Image
image/png 198.20.115.3
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notapositiva.com/wp-content/uploads/2016/03/logotipo.png
Requested by: Host: notapositiva.com
URL: https://notapositiva.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.20.115.3 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: en02-ams.stablehost.com
Software: LiteSpeed /
Resource Hash: 087c130f7b01fa92faaf5ec156a85993f2fd4a8bf00092693f335d00ec7dd204

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://notapositiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 15:03:56 GMT
last-modified: Wed, 01 Feb 2017 11:40:43 GMT
server: LiteSpeed
etag: "1540a-5891c93b-d8d7f9f26d005ef3;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 87050
expires: Fri, 03 Nov 2023 15:03:56 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
51 KB 161ms
110ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: notapositiva.com
URL: https://notapositiva.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

101d79fb6a21d78258d10814151430f5ab638b6f03dd04f7c12962fbe03684d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://notapositiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 15:03:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51721
x-xss-protection: 0
server: cafe
etag: 18300496115648270091
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 27 Oct 2023 15:03:57 GMT

GET
H3 200 jquery.adrotate.clicktracker.js Show response
notapositiva.com/wp-content/plugins/adrotate/library/ 1 KB
538 B 21ms
18ms Script
application/javascript 198.20.115.3
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://notapositiva.com/wp-content/plugins/adrotate/library/jquery.adrotate.clicktracker.js
Requested by: Host: notapositiva.com
URL: https://notapositiva.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.20.115.3 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: en02-ams.stablehost.com
Software: LiteSpeed /
Resource Hash: 2f64b025cec8c93dcb01fe88f0e79c134bc0a6c751787360153865dfa9f3a962

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://notapositiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 15:03:56 GMT
content-encoding: br
last-modified: Wed, 16 Oct 2019 14:01:58 GMT
server: LiteSpeed
etag: "40b-5da722d6-104d1729b6d15119;br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 464
expires: Fri, 03 Nov 2023 15:03:56 GMT

GET
H3 200 bootstrap.min.js Show response
notapositiva.com/wp-content/themes/notapositiva/js/ 36 KB
9 KB 23ms
20ms Script
application/javascript 198.20.115.3
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://notapositiva.com/wp-content/themes/notapositiva/js/bootstrap.min.js?ver=1.0.0
Requested by: Host: notapositiva.com
URL: https://notapositiva.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.20.115.3 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: en02-ams.stablehost.com
Software: LiteSpeed /
Resource Hash: 2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://notapositiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 15:03:56 GMT
content-encoding: br
last-modified: Wed, 01 Feb 2017 11:40:48 GMT
server: LiteSpeed
etag: "9004-5891c940-58193407325647ef;br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 9449
expires: Fri, 03 Nov 2023 15:03:56 GMT

GET
H3 200 remodal.js Show response
notapositiva.com/wp-content/themes/notapositiva/js/ 18 KB
4 KB 24ms
21ms Script
application/javascript 198.20.115.3
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://notapositiva.com/wp-content/themes/notapositiva/js/remodal.js?ver=1.0.0
Requested by: Host: notapositiva.com
URL: https://notapositiva.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.20.115.3 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: en02-ams.stablehost.com
Software: LiteSpeed /
Resource Hash: 2944461f019fad1b00c390b4b681a194663c9bee3650519ddbcb4344bb9658db

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://notapositiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 15:03:56 GMT
content-encoding: br
last-modified: Wed, 01 Feb 2017 11:40:48 GMT
server: LiteSpeed
etag: "49e1-5891c940-a4d11ee72d1047cc;br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4240
expires: Fri, 03 Nov 2023 15:03:56 GMT

GET
H3 200 custom.js Show response
notapositiva.com/wp-content/themes/notapositiva/js/ 2 KB
702 B 24ms
21ms Script
application/javascript 198.20.115.3
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://notapositiva.com/wp-content/themes/notapositiva/js/custom.js?ver=1.1.0
Requested by: Host: notapositiva.com
URL: https://notapositiva.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.20.115.3 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: en02-ams.stablehost.com
Software: LiteSpeed /
Resource Hash: 26ffa1a1e01a1d1dd08ec6d31f79967c5d754339357a1b437134ad03012ae616

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://notapositiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 15:03:56 GMT
content-encoding: br
last-modified: Wed, 01 Feb 2017 11:40:48 GMT
server: LiteSpeed
etag: "76c-5891c940-4d56502f4fe135c9;br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 652
expires: Fri, 03 Nov 2023 15:03:56 GMT

GET
H3 200 wp-embed.min.js Show response
notapositiva.com/wp-includes/js/ 1 KB
751 B 25ms
22ms Script
application/javascript 198.20.115.3
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://notapositiva.com/wp-includes/js/wp-embed.min.js?ver=5.2.19
Requested by: Host: notapositiva.com
URL: https://notapositiva.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.20.115.3 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: en02-ams.stablehost.com
Software: LiteSpeed /
Resource Hash: 37c5f58f12814dd0ecc28f15b7765c6bcd31a9479d330b4ef896e140bf89dc38

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://notapositiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 15:03:56 GMT
content-encoding: br
last-modified: Tue, 16 May 2023 19:29:38 GMT
server: LiteSpeed
etag: "5a3-6463d9a2-185189487b001c44;br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 677
expires: Fri, 03 Nov 2023 15:03:56 GMT

GET
H3 200 sitepress.js Show response
notapositiva.com/wp-content/plugins/sitepress-multilingual-cms/res/js/ 349 B
233 B 26ms
23ms Script
application/javascript 198.20.115.3
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://notapositiva.com/wp-content/plugins/sitepress-multilingual-cms/res/js/sitepress.js?ver=5.2.19
Requested by: Host: notapositiva.com
URL: https://notapositiva.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.20.115.3 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: en02-ams.stablehost.com
Software: LiteSpeed /
Resource Hash: da8639265c27dd624482432b9f55d4903ef994868232113295f121b014adccc7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://notapositiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 15:03:56 GMT
content-encoding: br
last-modified: Wed, 01 Feb 2017 11:40:45 GMT
server: LiteSpeed
etag: "15d-5891c93d-8b6d1d6ce9710047;br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 159
expires: Fri, 03 Nov 2023 15:03:56 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 71ms
21ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://notapositiva.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 21:18:33 GMT
x-content-type-options: nosniff
age: 495924
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Oct 2024 21:18:33 GMT

GET
H3 200 fontawesome-webfont.woff2
notapositiva.com/wp-content/themes/notapositiva/fonts/ 65 KB
65 KB 18ms
14ms Font
font/woff2 198.20.115.3
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://notapositiva.com/wp-content/themes/notapositiva/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by: Host: notapositiva.com
URL: https://notapositiva.com/wp-content/themes/notapositiva/css/font-awesome.min.css?ver=5.2.19
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.20.115.3 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: en02-ams.stablehost.com
Software: LiteSpeed /
Resource Hash: ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Request headers

Referer: https://notapositiva.com/wp-content/themes/notapositiva/css/font-awesome.min.css?ver=5.2.19
Origin: https://notapositiva.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 15:03:56 GMT
last-modified: Wed, 01 Feb 2017 11:40:48 GMT
server: LiteSpeed
accept-ranges: bytes
etag: "10440-5891c940-d1723797aa0fdac9;;;"
content-length: 66624
content-type: font/woff2

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 89ms
39ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://notapositiva.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 04:39:37 GMT
x-content-type-options: nosniff
age: 123860
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Oct 2024 04:39:37 GMT

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 97ms
47ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://notapositiva.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 07:55:38 GMT
x-content-type-options: nosniff
age: 544099
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23236
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Oct 2024 07:55:38 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 234 KB
82 KB 38ms
37ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-VZ16J12X2G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-4477715-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

eb1cd377774788ef272c54efc39237b7900beb894907d05bc915b7c68c86df79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://notapositiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 15:03:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83391
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 27 Oct 2023 15:03:57 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 70ms
19ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-4477715-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://notapositiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 27 Oct 2023 13:51:32 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4345
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 27 Oct 2023 15:51:32 GMT

GET
H2 200 / Show response
clickiocdn.com/hbadx/ 46 B
217 B 61ms
20ms Script
application/x-javascript 95.211.66.35
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/hbadx/?ex=1&f=__lxG__.tmp.pol_786rf0r4cwlrbr97&rt=903773357&site_id=216388&title=NotaPositiva%20-%20Portal%20de%20apoio%20aos%20estudantes%20onde%20s%C3%A3o%20publicados%20trabalhos%20escolares%2C%20textos%20de%20apoio%2C%20exerc%C3%ADcios%20resolvidos%2C%20etc.%20de%20todas%20as%20disciplinas%20e%20n%C3%ADveis%20de%20ensino.&l=https%3A%2F%2Fnotapositiva.com%2F%23modal
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/common_258.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 95.211.66.35 Alphen aan den Rijn, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.20.1 /
Resource Hash: fdf51f20d2664b2d584143c844fefb79b6ee4358221a2266d557edd7cd0a9522

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://notapositiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 27 Oct 2023 15:03:57 GMT
cache-control: no-cache
content-encoding: gzip
iseu: eu
server: nginx/1.20.1
content-type: application/x-javascript; charset=utf-8

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 55ms
24ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-VZ16J12X2G&gtm=45je3ap0v9119010253&_p=1593081921&gcd=11l1l1l1l1&cid=64634378.1698419038&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AgAI&_s=1&sid=1698419037&sct=1&seg=0&dl=https%3A%2F%2Fnotapositiva.com%2F&dt=NotaPositiva%20-%20Portal%20de%20apoio%20aos%20estudantes%20onde%20s%C3%A3o%20publicados%20trabalhos%20escolares%2C%20textos%20de%20apoio%2C%20exerc%C3%ADcios%20resolvidos%2C%20etc.%20de%20todas%20as%20disciplinas%20e%20n%C3%ADveis%20de%20ensino.&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VZ16J12X2G&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://notapositiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 15:03:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://notapositiva.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
245 B 30ms
23ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-VZ16J12X2G&gtm=45je3ap0v9119010253&_p=1593081921&gcd=11l1l1l1l1&cid=64634378.1698419038&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAgI&_s=2&sid=1698419037&sct=1&seg=0&dl=https%3A%2F%2Fnotapositiva.com%2F&dt=NotaPositiva%20-%20Portal%20de%20apoio%20aos%20estudantes%20onde%20s%C3%A3o%20publicados%20trabalhos%20escolares%2C%20textos%20de%20apoio%2C%20exerc%C3%ADcios%20resolvidos%2C%20etc.%20de%20todas%20as%20disciplinas%20e%20n%C3%ADveis%20de%20ensino.&en=an%C3%BAncio_autope%C3%A7as&_c=1&_et=24
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VZ16J12X2G&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://notapositiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 15:03:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://notapositiva.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
207 B 26ms
26ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1593081921&t=pageview&_s=1&dl=https%3A%2F%2Fnotapositiva.com%2F&ul=en-us&de=UTF-8&dt=NotaPositiva%20-%20Portal%20de%20apoio%20aos%20estudantes%20onde%20s%C3%A3o%20publicados%20trabalhos%20escolares%2C%20textos%20de%20apoio%2C%20exerc%C3%ADcios%20resolvidos%2C%20etc.%20de%20todas%20as%20disciplinas%20e%20n%C3%ADveis%20de%20ensino.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1911097586&gjid=1162431940&cid=64634378.1698419038&tid=UA-4477715-1&_gid=1423157640.1698419038&_r=1&gtm=457e3ap0&gcd=11l1l1l1l1&jsscut=1&z=1832997900

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://notapositiva.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 15:03:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://notapositiva.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310250101/ 396 KB
135 KB 84ms
84ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0045970822945595&plah=notapositiva.com&bust=31079247

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0480e71e1002547d037ecca711330546e530ddb02b8433ebb34121bb80a6ee28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://notapositiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 15:03:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137526
x-xss-protection: 0
server: cafe
etag: 12394575436651334339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 27 Oct 2023 15:03:57 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231025/r20190131/ Frame 9ED6 10 KB
5 KB 67ms
20ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231025/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://notapositiva.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 70425
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4480
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 26 Oct 2023 19:30:12 GMT
etag: 4569948109300706969
expires: Thu, 09 Nov 2023 19:30:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
346 B 64ms
22ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-4477715-1&cid=64634378.1698419038&jid=1911097586&gjid=1162431940&_gid=1423157640.1698419038&_u=YADAAUAAAAAAACAAI~&z=308801869

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://notapositiva.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 27 Oct 2023 15:03:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://notapositiva.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 399 B
608 B 74ms
28ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=notapositiva.com&callback=_gfp_s_&client=ca-pub-0045970822945595

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0045970822945595&plah=notapositiva.com&bust=31079247

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

74435ef7080ebd69d1eb282c5046ba00db0f3f32d1ae4155b29c33a7c3378b35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://notapositiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 15:03:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 256
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7C89 130 KB
42 KB 534ms
533ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0045970822945595&output=html&h=280&slotname=7775112206&adk=4019472189&adf=1158822730&pi=t.ma~as.7775112206&w=840&fwrn=4&fwrnh=100&lmt=1698411838&rafmt=1&format=840x280&url=https%3A%2F%2Fnotapositiva.com%2F%23modal&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698419037814&bpp=3&bdt=307&idt=185&shv=r20231025&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&correlator=6010391235101&frm=20&pv=2&ga_vid=64634378.1698419038&ga_sid=1698419038&ga_hid=1593081921&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=530&ady=43&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079080%2C31079082%2C31079095%2C42532334%2C44805931%2C44806738%2C31078301%2C31079247&oid=2&pvsid=262802040894886&tmod=2129363091&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=5jt8TKqWu8&p=https%3A//notapositiva.com&dtd=199

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5340f559582394e49957865d3d10378f90669d6d0e2bb018f3d87588414ac4b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://notapositiva.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 42595
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 15:03:58 GMT
expires: Fri, 27 Oct 2023 15:03:58 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2A4E 87 KB
28 KB 477ms
476ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0045970822945595&output=html&h=280&slotname=7775112206&adk=996555999&adf=2364240886&pi=t.ma~as.7775112206&w=848&fwrn=4&fwrnh=100&lmt=1698411838&rafmt=1&format=848x280&url=https%3A%2F%2Fnotapositiva.com%2F%23modal&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698419037817&bpp=1&bdt=311&idt=202&shv=r20231025&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&prev_fmts=840x280&correlator=6010391235101&frm=20&pv=1&ga_vid=64634378.1698419038&ga_sid=1698419038&ga_hid=1593081921&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1219&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079080%2C31079082%2C31079095%2C42532334%2C44805931%2C44806738%2C31078301%2C31079247&oid=2&pvsid=262802040894886&tmod=2129363091&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=WZgOk3iVH3&p=https%3A//notapositiva.com&dtd=205

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26513ab894893a278667845ecd8964e47da0967f8365f5040f944e15ca57591b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://notapositiva.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 28187
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 15:03:58 GMT
expires: Fri, 27 Oct 2023 15:03:58 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3F74 36 KB
13 KB 634ms
634ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0045970822945595&output=html&h=600&slotname=7775112206&adk=3867715954&adf=419840266&pi=t.ma~as.7775112206&w=263&fwrn=4&fwrnh=100&lmt=1698411838&rafmt=1&format=263x600&url=https%3A%2F%2Fnotapositiva.com%2F%23modal&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698419037817&bpp=1&bdt=311&idt=209&shv=r20231025&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&prev_fmts=840x280%2C848x280&correlator=6010391235101&frm=20&pv=1&ga_vid=64634378.1698419038&ga_sid=1698419038&ga_hid=1593081921&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=429&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079080%2C31079082%2C31079095%2C42532334%2C44805931%2C44806738%2C31078301%2C31079247&oid=2&pvsid=262802040894886&tmod=2129363091&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=v0hyUpPuA7&p=https%3A//notapositiva.com&dtd=211

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c143028eb0ac460e307086a5f19306cb9a24b1fa87a9168d3f343e13aba8250

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://notapositiva.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 13164
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 15:03:58 GMT
expires: Fri, 27 Oct 2023 15:03:58 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9F34 9 KB
4 KB 367ms
367ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0045970822945595&output=html&adk=1812271804&adf=3025194257&lmt=1698411838&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fnotapositiva.com%2F%23modal&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698419037829&bpp=1&bdt=322&idt=201&shv=r20231025&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&prev_fmts=840x280%2C848x280%2C263x600&nras=1&correlator=6010391235101&frm=20&pv=1&ga_vid=64634378.1698419038&ga_sid=1698419038&ga_hid=1593081921&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079080%2C31079082%2C31079095%2C42532334%2C44805931%2C44806738%2C31078301%2C31079247&oid=2&pvsid=262802040894886&tmod=2129363091&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=211

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

195f624eefaf54a0bac973d7cfe6fc3956224e89b80b0e027326e337dcd887b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://notapositiva.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 4293
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 15:03:58 GMT
expires: Fri, 27 Oct 2023 15:03:58 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 120ms
120ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=remodal-wrapper%20remodal-is-opening&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: notapositiva.com
URL: https://notapositiva.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://notapositiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 15:03:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 121ms
120ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=remodal-wrapper%20remodal-is-opening&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: notapositiva.com
URL: https://notapositiva.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://notapositiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 15:03:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/ Frame 2A4E 23 KB
9 KB 70ms
21ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0045970822945595&output=html&h=280&slotname=7775112206&adk=996555999&adf=2364240886&pi=t.ma~as.7775112206&w=848&fwrn=4&fwrnh=100&lmt=1698411838&rafmt=1&format=848x280&url=https%3A%2F%2Fnotapositiva.com%2F%23modal&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698419037817&bpp=1&bdt=311&idt=202&shv=r20231025&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&prev_fmts=840x280&correlator=6010391235101&frm=20&pv=1&ga_vid=64634378.1698419038&ga_sid=1698419038&ga_hid=1593081921&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1219&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079080%2C31079082%2C31079095%2C42532334%2C44805931%2C44806738%2C31078301%2C31079247&oid=2&pvsid=262802040894886&tmod=2129363091&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=WZgOk3iVH3&p=https%3A//notapositiva.com&dtd=205

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 16:14:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82155
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9137
x-xss-protection: 0
server: cafe
etag: 5200559654007170660
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Nov 2023 16:14:43 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 2A4E 8 KB
846 B 30ms
28ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 27 Oct 2023 15:03:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 27 Oct 2023 14:58:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 27 Oct 2023 15:03:58 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231025_RC00/ Frame 2A4E 15 KB
3 KB 68ms
20ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231025_RC00/outstream.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 12:54:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 180585
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2920
x-xss-protection: 0
last-modified: Wed, 25 Oct 2023 10:35:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Oct 2024 12:54:13 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231025_RC00/ Frame 2A4E 372 KB
129 KB 69ms
20ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231025_RC00/outstream.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0534405eb811de03048e0a09ce3b5ab4b1c90841ac9ecebaeb64a6842370618e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 05:24:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34746
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132281
x-xss-protection: 0
last-modified: Wed, 25 Oct 2023 10:35:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Oct 2024 05:24:52 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame 2A4E 20 KB
9 KB 67ms
19ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 16:14:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82156
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8426
x-xss-protection: 0
server: cafe
etag: 17696348727749479825
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Nov 2023 16:14:42 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 7C89 14 KB
1 KB 31ms
31ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0045970822945595&output=html&h=280&slotname=7775112206&adk=4019472189&adf=1158822730&pi=t.ma~as.7775112206&w=840&fwrn=4&fwrnh=100&lmt=1698411838&rafmt=1&format=840x280&url=https%3A%2F%2Fnotapositiva.com%2F%23modal&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698419037814&bpp=3&bdt=307&idt=185&shv=r20231025&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&correlator=6010391235101&frm=20&pv=2&ga_vid=64634378.1698419038&ga_sid=1698419038&ga_hid=1593081921&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=530&ady=43&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079080%2C31079082%2C31079095%2C42532334%2C44805931%2C44806738%2C31078301%2C31079247&oid=2&pvsid=262802040894886&tmod=2129363091&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=5jt8TKqWu8&p=https%3A//notapositiva.com&dtd=199

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 27 Oct 2023 15:03:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 27 Oct 2023 14:59:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 27 Oct 2023 15:03:58 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame 7C89 2 KB
879 B 19ms
19ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0045970822945595&output=html&h=280&slotname=7775112206&adk=4019472189&adf=1158822730&pi=t.ma~as.7775112206&w=840&fwrn=4&fwrnh=100&lmt=1698411838&rafmt=1&format=840x280&url=https%3A%2F%2Fnotapositiva.com%2F%23modal&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698419037814&bpp=3&bdt=307&idt=185&shv=r20231025&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&correlator=6010391235101&frm=20&pv=2&ga_vid=64634378.1698419038&ga_sid=1698419038&ga_hid=1593081921&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=530&ady=43&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079080%2C31079082%2C31079095%2C42532334%2C44805931%2C44806738%2C31078301%2C31079247&oid=2&pvsid=262802040894886&tmod=2129363091&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=5jt8TKqWu8&p=https%3A//notapositiva.com&dtd=199

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 16:14:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82155
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 798
x-xss-protection: 0
server: cafe
etag: 15713038447858168282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Nov 2023 16:14:43 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/ Frame 7C89 23 KB
9 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0045970822945595&output=html&h=280&slotname=7775112206&adk=4019472189&adf=1158822730&pi=t.ma~as.7775112206&w=840&fwrn=4&fwrnh=100&lmt=1698411838&rafmt=1&format=840x280&url=https%3A%2F%2Fnotapositiva.com%2F%23modal&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698419037814&bpp=3&bdt=307&idt=185&shv=r20231025&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&correlator=6010391235101&frm=20&pv=2&ga_vid=64634378.1698419038&ga_sid=1698419038&ga_hid=1593081921&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=530&ady=43&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079080%2C31079082%2C31079095%2C42532334%2C44805931%2C44806738%2C31078301%2C31079247&oid=2&pvsid=262802040894886&tmod=2129363091&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=5jt8TKqWu8&p=https%3A//notapositiva.com&dtd=199

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 16:14:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82155
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9137
x-xss-protection: 0
server: cafe
etag: 5200559654007170660
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Nov 2023 16:14:43 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame 7C89 3 KB
1 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0045970822945595&output=html&h=280&slotname=7775112206&adk=4019472189&adf=1158822730&pi=t.ma~as.7775112206&w=840&fwrn=4&fwrnh=100&lmt=1698411838&rafmt=1&format=840x280&url=https%3A%2F%2Fnotapositiva.com%2F%23modal&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698419037814&bpp=3&bdt=307&idt=185&shv=r20231025&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&correlator=6010391235101&frm=20&pv=2&ga_vid=64634378.1698419038&ga_sid=1698419038&ga_hid=1593081921&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=530&ady=43&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079080%2C31079082%2C31079095%2C42532334%2C44805931%2C44806738%2C31078301%2C31079247&oid=2&pvsid=262802040894886&tmod=2129363091&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=5jt8TKqWu8&p=https%3A//notapositiva.com&dtd=199

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 13:08:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6917
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Nov 2023 13:08:41 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame 7C89 20 KB
8 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0045970822945595&output=html&h=280&slotname=7775112206&adk=4019472189&adf=1158822730&pi=t.ma~as.7775112206&w=840&fwrn=4&fwrnh=100&lmt=1698411838&rafmt=1&format=840x280&url=https%3A%2F%2Fnotapositiva.com%2F%23modal&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698419037814&bpp=3&bdt=307&idt=185&shv=r20231025&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&correlator=6010391235101&frm=20&pv=2&ga_vid=64634378.1698419038&ga_sid=1698419038&ga_hid=1593081921&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=530&ady=43&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079080%2C31079082%2C31079095%2C42532334%2C44805931%2C44806738%2C31078301%2C31079247&oid=2&pvsid=262802040894886&tmod=2129363091&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=5jt8TKqWu8&p=https%3A//notapositiva.com&dtd=199

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 16:14:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82156
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8426
x-xss-protection: 0
server: cafe
etag: 17696348727749479825
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Nov 2023 16:14:42 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7C89 187 KB
59 KB 105ms
35ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0045970822945595&output=html&h=280&slotname=7775112206&adk=4019472189&adf=1158822730&pi=t.ma~as.7775112206&w=840&fwrn=4&fwrnh=100&lmt=1698411838&rafmt=1&format=840x280&url=https%3A%2F%2Fnotapositiva.com%2F%23modal&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698419037814&bpp=3&bdt=307&idt=185&shv=r20231025&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&correlator=6010391235101&frm=20&pv=2&ga_vid=64634378.1698419038&ga_sid=1698419038&ga_hid=1593081921&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=530&ady=43&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079080%2C31079082%2C31079095%2C42532334%2C44805931%2C44806738%2C31078301%2C31079247&oid=2&pvsid=262802040894886&tmod=2129363091&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=5jt8TKqWu8&p=https%3A//notapositiva.com&dtd=199

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 15:03:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60190
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698233972131352"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Oct 2023 15:03:58 GMT

GET
H2 200 ac1dbca482530a26bafc7a8c1241173a.js Show response
www.gstatic.com/mysidia/ Frame 7C89 36 KB
15 KB 102ms
31ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ac1dbca482530a26bafc7a8c1241173a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0045970822945595&output=html&h=280&slotname=7775112206&adk=4019472189&adf=1158822730&pi=t.ma~as.7775112206&w=840&fwrn=4&fwrnh=100&lmt=1698411838&rafmt=1&format=840x280&url=https%3A%2F%2Fnotapositiva.com%2F%23modal&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698419037814&bpp=3&bdt=307&idt=185&shv=r20231025&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&correlator=6010391235101&frm=20&pv=2&ga_vid=64634378.1698419038&ga_sid=1698419038&ga_hid=1593081921&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=530&ady=43&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079080%2C31079082%2C31079095%2C42532334%2C44805931%2C44806738%2C31078301%2C31079247&oid=2&pvsid=262802040894886&tmod=2129363091&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=5jt8TKqWu8&p=https%3A//notapositiva.com&dtd=199

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cddb42bd69440699ae8fe758dac4d5f52911fa67b2a7a637d5d1bcfa2d88b0d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 16:42:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 253296
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15099
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 16:29:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 22 Jan 2024 16:42:22 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/17148359758351547694/ Frame 7C89 18 KB
19 KB 29ms
29ms Image
image/jpeg 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17148359758351547694/14763004658117789537?w=400&h=209&tw=1&q=75

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0045970822945595&output=html&h=280&slotname=7775112206&adk=4019472189&adf=1158822730&pi=t.ma~as.7775112206&w=840&fwrn=4&fwrnh=100&lmt=1698411838&rafmt=1&format=840x280&url=https%3A%2F%2Fnotapositiva.com%2F%23modal&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698419037814&bpp=3&bdt=307&idt=185&shv=r20231025&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&correlator=6010391235101&frm=20&pv=2&ga_vid=64634378.1698419038&ga_sid=1698419038&ga_hid=1593081921&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=530&ady=43&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079080%2C31079082%2C31079095%2C42532334%2C44805931%2C44806738%2C31078301%2C31079247&oid=2&pvsid=262802040894886&tmod=2129363091&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=5jt8TKqWu8&p=https%3A//notapositiva.com&dtd=199

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cce59da18b34402737308c8da16c7b332eda5f5397d663df338d5309ea40eb06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 07:39:08 GMT
x-content-type-options: nosniff
age: 285890
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18703
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 09:34:10 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 23 Oct 2024 07:39:08 GMT

GET
DATA 200
OK truncated
/ Frame 7C89 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 7C89 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0cc7088b335b30f7b1fa0903bc8aa143b11cb8408032d62d28d5ab768cc68c88

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 7C89 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1524e7cfb8f8e294795bca10578129b7f2495a019297e3872c6f8b2a09051dc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 csi
csi.gstatic.com/ Frame 2A4E 0
234 B 505ms
173ms Ping
image/gif 2607:f8b0:4005:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lo8qudh7&c=5780853530298&slotId=2890426765149&qqid=CPmDyfu_loIDFR_99QIdN6sNxA&fb=outstream-lima&sei=44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231025_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4005:814::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 15:03:59 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2A4E 15 KB
16 KB 22ms
20ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 18:18:43 GMT
x-content-type-options: nosniff
age: 333915
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Oct 2024 18:18:43 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2A4E 15 KB
15 KB 23ms
22ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 23:02:07 GMT
x-content-type-options: nosniff
age: 316911
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Oct 2024 23:02:07 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2A4E 0
20 B 124ms
124ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CrdsBXtE7ZfncBp_618cPt9a2oAyEnvDFc9qhr-2dEpvNmo7mQBABIOHRhQNgkQTIAQWpAvQ-v6ZSCng-qAMByAObhICABKoE7gFP0NdZxXv1hxFaozB-Ub50hfjWpBVd0YLa6meMLXx1A-bmEwZy-kNU1es_-6Cs_7qxpIUE0LwZRU_clikmEDrMtvptpqR4Khyxt1Q_T1LIwoaQeH9xbMjpIgZMkle9Da8M30qWQZpaJnOhRCuJcVjUnyQ1EV7n9vSTOTWnhqiXCINBWl4u_h8nKEUT8ksHG0RjROEQQquoJ5GauaRccM2i0DC2wkNerZRgJ45tJCYDqmdD7z0nhQ4G1BxFHIS19JYqPhl6ElsBF8cHA3Npc85K8Q5JEDpAI8XimU70qCp586LPJqzgcgp78fLJmIccwATLj5C0wATgBAOIBeijs_dMkAYBoAZ2gAeym7b9BKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsB4AsBgAwBogwMKgoKCOS0sQLutbECqg0CTkywE9SjpRXIE5ym3eMD0BMA2BMKiBQC2BQB0BUB-BYBgBcB6BcF&eventType=clickstring&clientTime=1698419038659&ai=CrdsBXtE7ZfncBp_618cPt9a2oAyEnvDFc9qhr-2dEpvNmo7mQBABIOHRhQNgkQTIAQWpAvQ-v6ZSCng-qAMByAObhICABKoE7gFP0NdZxXv1hxFaozB-Ub50hfjWpBVd0YLa6meMLXx1A-bmEwZy-kNU1es_-6Cs_7qxpIUE0LwZRU_clikmEDrMtvptpqR4Khyxt1Q_T1LIwoaQeH9xbMjpIgZMkle9Da8M30qWQZpaJnOhRCuJcVjUnyQ1EV7n9vSTOTWnhqiXCINBWl4u_h8nKEUT8ksHG0RjROEQQquoJ5GauaRccM2i0DC2wkNerZRgJ45tJCYDqmdD7z0nhQ4G1BxFHIS19JYqPhl6ElsBF8cHA3Npc85K8Q5JEDpAI8XimU70qCp586LPJqzgcgp78fLJmIccwATLj5C0wATgBAOIBeijs_dMkAYBoAZ2gAeym7b9BKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsB4AsBgAwBogwMKgoKCOS0sQLutbECqg0CTkywE9SjpRXIE5ym3eMD0BMA2BMKiBQC2BQB0BUB-BYBgBcB6BcF

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 15:03:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 2A4E 0
54 B 494ms
173ms Ping
image/gif 2607:f8b0:4005:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lo8qudhg&c=5780853530298&slotId=2890426765149&qqid=CPmDyfu_loIDFR_99QIdN6sNxA&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.hy&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231025_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4005:814::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 15:03:59 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 2A4E 31 KB
18 KB 259ms
54ms XHR
text/xml 74.125.71.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-Bkt_k3gY6bsxGjIjXH62-XzOFoxVqMnNq4i0-RFkMXzxaPIyCBNnJ27Z9wzTensIYn7X4SLD4D_N23REYCPsyEzr2uew&cry=1&dbm_d=AKAmf-BXfMy8oTn8EB5sqkIMkk7YePQ7Lr74k1tgEPNrAyyBPrJHf-4J685f0qiuYKkUCLoeHUNEgrfGtxfzhe84GYttxNbar-0mVooSJ2bPeSXTs2MlJ6jbCOdRILItjbsRncVV0lJ0ZwYTxKj19QFNClenFZNelV79x6Qk4kJKdsrrKcvtF8rMVYCJ_pAHWCX2xsyzr3B4B8IwoZiH3awOaGDpzsl5Usn09jWyF6j9IaEBPg0jYKbPd3ETo2NWh5MiP0SGGVc-EMiYZEqEQljBrSFjMESpZlWNpPmhJatPb-q37Ajo-lGEssj4zbdlC6cDKij2qVCUUhPzKX_k7zXWV_86nXYxd8RCR0fu79SsX2T9D6V-AIUaSzpwMvL3MeFqd31_x7GrbLFyL7d3M1ITOXFhrLsx1pIWFh99JAdH0NB2OBh_ratZUeS3TKmB2sm_PoB2aLrLzGpA-fXNx-7TPzBeStCJ5xzAU3ce8JJ13U1uDOhehCr99bdx8xqVpZcjSlzTkslEQKiTWcW344tyhAYM7mfxMUt6wDOOD_ZIVdndZ6FKOV5O4xPv61SYgvG4VfWWIANCz6-LCBm4q0W26eUijBX_P90dQVX1Toke8cVrux0qhe8UU-FkPWAqfM1KZYf6M4rRZxe-7YCt2hG9pfT1ox53_foXzTod8xYitn0Y5CQm3UN4LjAjyQM7U3EQux6-c7Mu4OOqcMeiXC0bUgpPOh-VAfQoul1A0UxFMLA4MtR0FBz_GOB5uglHcwjotioC4-gmzqmoQBokmUSDbc5ZLMZJcyyZy5pCmSJ0Y1TIHaVf9BJqrrVB-w1V4ZnLXQ-7p4QJVTEajAw0XRCzcHWgP49T5YHrjz4tRdfwoVXreAYMTpKHn7kHP27sSNhfsdhvfESowEoAYz_ZHwSvCOZoAmz6p5niHjifhO9MlWqBcnETTa86GtrEC1wRcYj0rlVvHE7eiquLBcRjpRo49p39JwzsTQ27fUgQXcGu7qbGWIpWCjYgLtj5epMOTv_A4DoS82H7a-FCJaa6pexq7XaIM6ZW1naxt2aWabMCYjy2F_a5f2H2sw8XQKjP7WKIX2ZfK-FrNZqsUvxRphDT1bQZPgMw-_1a3pnDfTa57Y4JLab6tmPJWSbZaJSvWCIABa-any958gOR6Am_Z8-4mVk5PknTB-ZKP6s_I7qYdyOPmpRI9AZXV4XoPktPuX0gNEkaEfbjuLpScXz7YaZhL9tGrV9QNEio_B2AZkd1aVtuoBtHNGjDDWaTlS0MLa6Lkj9YhRbOrKVX9cUFTe3Dp67Ink2EnL91U1pvtXK5z4X1UOqiaVxk1vOEhS6CxarjsW8DWoMoRG9Xl3-kPziM5Rv69irY1GgqDn18xMj3a5qqQWcX8rjitSqKRA1VILmBa9uMkZcTUydH9uF-rYk2vCZLtCiUvhn_dsuzHZfft36K4PH8W-iZSrCa7MuZSjeOKbpDc_oFCD8h88HEN_OJtBVKxzQ2AF3LWwWi1MDUHzimKBP7_b5_4nkDejECX26q0XV6npn9HTsohh0bnTenNnhARx-n69xVngZj5XncaGkOdVP_tyb9KsDJD5FegY3snJ-dAc4jUNT0U6W3TdneomLhVUkxVh6MO5jEzi1x50UeajGWFaKv4zugouy2OJCAmuXaEBShIcUZgZ0FM8wYftpRp5O5T8-aehYQUetBf7aERgsOLMqFqSvfs7phESIISXjDKQTrPWiStnfB89O4_FhpttGzZjQpZLDvOPqBUbIUVtMGVc144q8vusP4HrBfqh5GPj2jnlKfAeBKfn1ucmFqFvHAKuaRUbpYBb3FKSXBlqlRgLtx0RlqjEVnXMrnTQ0aIw34qo-0mQ5jS19_5kaXsr6rXjXdim0rz7ftLK9sEKkv0Tu-u8vyJKwOH4IzBLMaMzevPmVColsHpmKsv0XbfC0ADvVIxaWglB6Jwq2lY7pH0LNYDppY7ytIq06TntzAZ9adpx8S0OPZfnaE2ZDQGdVjiWLMij7kujIv5WOuyctcQy8j6OD3XJeGvpx0W2VTxJrVJbgKRpIrXUYSdZVm7JI44QLMEzaiYZyeKCsDDcsX0WlqmBSGMIidOuo49BkL4jnxbpc9OOf8fDavJvJp9fKym14NsVOp2Rn1em68El34O71wI9QPXGPQgFNt1BVLKwF8VMt9UPMcfLzm_XUA9t_sn03rrleY6ZrThZugwf1UsNa5bXWX1_aUbgti7gq7FI3AUfHfM9BdK75zd5L75jQswGDzt9hzA1leyPfUV1MkqLkHVL-n0DI1d2eWQ2cpqbaCoT1ZQYLttymlYVWVV0gcEoHjoo13q7UiE1L9sEl2qp9JLs1HAA5Ni3d9TpRSoXPx05cgt2VJhD3oM1rQecCQd0fhfXYsc9ctZmB2KTCElxyitXcbf7Tbw8rqWoWPK9L29A4zmxzM4gYGlEIV5fYJcxjsu6k-b0OfD-r5P5S3eS6r80RN8sHoBOHwzhy9QEOayyml_7_Lw9PfmlXc17G_8v2sFf3uFAv1WGyMPzBT6KMxvn2uoGL6pGQVg5n-sClBWKHYNLdTd_rMseHwrp-WsHS-PScxGn-nx_UAbhp0TZs-EwzTwR5wDqRt7M-HGMpZbKG3v3_2V-Fiqi7rla3doA85LGK6RxAEoOQ-dECxUCkEOi5GtY6ecpT2kRqbeCQERQGxMeNYq5OVcSxJTBQFdR88_Z__A29xSw8_hMS-eM_crDItRXR29oDJZmsqnSBoPNz9DOKCa3Us5sMOvhVEtib2SCn_27hIWxXPx6w-Qm3eJ-feH_aGKzOGmGqoBEcnd1Hpy_UmSltmWkXklbcraxwNlhrqROWo6cDhWODkREETZGy_LsUmaATCk5kNPPy9PqlN3iwSEf5-dSO75HUO98gr4BQm-7i-mxQujhXyKmbHA7ifRXv73s98fKSSgwQGkmbeGansOJWIog3FWobBATF-rJbFZ_EbSd7c5PCq5bcytWUJqFG5iPINNTtSLj0Z5keAtt3FVDJicnQbn78ausnPbiYl7fOYR1T9nbMs032GnSESTySOshLcnOB1bmXbcMK2ovpz6i3SAqt3xE30DMfVG87e54ofL7AgnA-MQQBEkbX5YvsNP8IE0WpIG3ZHxj0NW8JqiP9a6ZhLsiq55dW-FlLG2urYnes8qP8EMeNqPXyshhoxjpYPTCXnyppkn6slR1gx91syG_7PRzfD4duOiagIdT62CFa7lxqAYa6PrgJjUSQeketsXCY4_k85kMDr8nXRarg1kaC4CJwEk6OcmbEEG52gOgzx8vQMk9faOiDw296HqBdFUzOMrzlx57BcSJhtctkAq8AHhIWqo7n48UXXiRTsCJjIKLtuaw0RJOY_VVy9_-qCEGA1Ow7okcmq7b5yode0MFdVYIzTr3Eo5YVJb7lX6qQqPjnUush_YXQFK5clrKUh79MjaXeEmyEo-f1gGTocy9cpKrY3bfl_9QLHbri-Jc1r56SbtLoildxas6irwl97KzaAc6y3bxnKNp6FPRIez1TVcI9q7aGSF4-S0PGLMCYv5WsMGVJ0UaaSKehXmdDzK-zIDbG5-u-Yl7K_ne4CnRP_5byNEn1G9s_XyX7uC3T3OkwTK9DXHUu_t57Lpk8A7mXRsFkFK8mX9H220TDGrQlaDcIZ_GRGTAegwxf_Oy3vCBmGIzg&cid=CAQSSwDICaaNSJR4NxqB6MtuSxaNYazhQWFPTKrtW_tf-ToIWHw1KHJ7A0IAp8lEJWVQfS_s4734MfnrmFnjQlyhBIIwO6g-B0yCOKqJbBgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231025_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.71.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wn-in-f157.1e100.net

Software

cafe /

Resource Hash

a320ca8d6975393b0b93083ea4b4c669a20feaf2da7362832ec4eabf287d824e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 15:03:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17340
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 2A4E 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 34af07ecee7f77f4cfc70a465df9c95db29fc029a007b43eb4949ff8685ed725

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 2F05 624 B
246 B 64ms
60ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLjSwwEQ7ayH0QQYxNub8gEwAQ&v=APEucNX1Gr2vmEwYti2n7cS39QJgObrWVN2iN3446AFYMCeWESH3g7d6BDFkc7xmddoxjmEnjn73hF5uwpk4HZhz7Z2xW4XTnYhL5xMsVJKjdl2TgYh5RNOmUb6aasyLqKktBcqkdRKUf1S4kTwV3lg7QT6Ta-2RAf7JHxuEa3fQ2JF2jd1LM10

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0045970822945595&output=html&h=600&slotname=7775112206&adk=3867715954&adf=419840266&pi=t.ma~as.7775112206&w=263&fwrn=4&fwrnh=100&lmt=1698411838&rafmt=1&format=263x600&url=https%3A%2F%2Fnotapositiva.com%2F%23modal&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698419037817&bpp=1&bdt=311&idt=209&shv=r20231025&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&prev_fmts=840x280%2C848x280&correlator=6010391235101&frm=20&pv=1&ga_vid=64634378.1698419038&ga_sid=1698419038&ga_hid=1593081921&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=429&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079080%2C31079082%2C31079095%2C42532334%2C44805931%2C44806738%2C31078301%2C31079247&oid=2&pvsid=262802040894886&tmod=2129363091&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=v0hyUpPuA7&p=https%3A//notapositiva.com&dtd=211

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0045970822945595&output=html&h=600&slotname=7775112206&adk=3867715954&adf=419840266&pi=t.ma~as.7775112206&w=263&fwrn=4&fwrnh=100&lmt=1698411838&rafmt=1&format=263x600&url=https%3A%2F%2Fnotapositiva.com%2F%23modal&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698419037817&bpp=1&bdt=311&idt=209&shv=r20231025&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&prev_fmts=840x280%2C848x280&correlator=6010391235101&frm=20&pv=1&ga_vid=64634378.1698419038&ga_sid=1698419038&ga_hid=1593081921&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=429&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079080%2C31079082%2C31079095%2C42532334%2C44805931%2C44806738%2C31078301%2C31079247&oid=2&pvsid=262802040894886&tmod=2129363091&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=v0hyUpPuA7&p=https%3A//notapositiva.com&dtd=211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 15:03:58 GMT
expires: Fri, 27 Oct 2023 15:03:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame EE78 89 KB
31 KB 99ms
99ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 15:03:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 27 Oct 2023 15:03:58 GMT

GET
H2 200 adj Show response
fw.adsafeprotected.com/rjss/bgd/1494005/73005731/xbbe/creative/ Frame EE78 259 KB
79 KB 219ms
35ms Script
application/javascript 34.243.164.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/bgd/1494005/73005731/xbbe/creative/adj?p=APEucNWaz5Wh-mguGg-lapCRaLNCYyj40nd1jMApDYfCMNNEzCo-qSY&d=CokBAKAmf-A1nrKKH0FX3B9qJU9meCUZy2UbEHhyWkysUYlecg6cOjEQ2Eff6J9NjVASD0nesLA9A_NHrGCT9UqLCEJ0WQSVzj1UC-n8vHqCKbzo02VrFxZ8PfAqoNcvYgbM695gI1W-1BEQMhFzOrbN9r6LYBsbrr6csfBHNoIKjZ8WNmnV2QqaUVYS-RMAoCZ_4O5htL6MGGqdBAcOPW7abNiwgSi5XXqqzPUKjrXUvmEgyaT7CWRm3DhdZtHIpG1HitrRhhVqGfVKEfQ1LSIiGxhSVBHL9-oqiA6xWI_aPDWxpFm0fwhhny9_eBaVxrn0ttjZpN4LGkyPVHbQif4v6eKFobqzybJjRmBiqrHrb06iBSifsT457TrpzWkUWcfgwQMMXMSz6PFgv6JCFnQKyvf_t0Y2ExwAATxZOJ7NOK4DNwaAksB9GwCtof5yj9pHcnxn13sGPSZs4MMH3RBEi9OzyKHjR4Tlqf_9-It38k5NzmZlVika7FQ3P-yoaYyqW0hmdRI-vQA9DkyW-rI9krUoQf7vOavzzikbG-YZ7ZzZJ6VKS1KJ5uyu3zumXqIP1EO7Yu4uj-ii6QKC4x7K2yLw0n5b6kHB8B6PEsS2fHpH9_uOOQcL9YQJu0DaeVTMNZEJDN-xXIE-mnSLjAhmMDaop2Av2mqHfsTskXSVRd40Vpkib18te04DbPAB-WhIhscnjEB8ggcvZg8gAKt9-I7Vlp5GPrGTQ8bS3k5ZnDWBXTZNxvfNjrAn_bboKhGnLRIxLyXC06M1vLuFbaKyyiRKgdzG722skby_HrusZHdcklzGN-NeVLFfvjCDTJFvAZeEUjH9ICoMR-y3zdbzK9mLSaaQcLakTPRxdraVgWngCo14xAX2yBLh5baxldWnjKNA3XZQP4DXlrE1hMUKfyiq2KTfX6b5KLC-OrG26r-vFE4HLbwxusk5NJEyDtORHpxK9Oob5KB2IVBSRlkU214gFu3CqNXrGxQvXoXokVyoQ0iUlQuLp2LPcUwy_wQp5bdhnghUy9DFp6prblAyj74itdR4Bh2vNlLgZb781HQknXAV3F0XC93zsagO1MhuEexEDQ1joytSGn9pojGf6qpnKJkqNLDV9NSPoqbFmP7Qg0CjEUqhmluhss2y2ogkkd_YXTDzr5BMUkZdpQ71lbvb9GBVDvbjODXT8OAm2yO66_kbTo01lmAnPS4P3o0cx73E0AW4r2TlWC1pc6cqzq8hnaCq7fHsv2z4_plqWf38DmB9GBf-SjPUssMg3dDRaX9Uycwc4-TbkQ_p-1dMrC4eQU4fiiQjMzwz01nYJotPgodKA820VPoku0cStTo-_brpGsn9xyRrnaS1H3vXkyZLlLNA4x8r8V4ZxMDTsLW2l-0Lb-WU4Hu7Zfq6uImIDs4Nq_nUg6zevmNwjO4Qovi9vrjSbNHzZqsxkWElBdof34j4CpvcA0xW9l3_LGnKYYzY1AbJmGN13J4xv15ZsYPKaG1CIu6FZDmCZXSogdvs32chXIrooH5BFCpyjwJINsYb47GwGkYAn4CrGz7Ia0Rfy8bb32uWGVRQzOvd2USSngtEtUSrPe4P9SnnsWq4m_69nk49zaVHVFEUMUACW0DMJmJWkxfuAHiN5eDZ41jXRkk98ci5bTPvjRML928DwJc1oKKMDFh0oStVzWGaZRfIz0bjdUgm01BldHMumgsF1YERnKW9EtH312ahz4Zh42qlrceH6bSfuDpWFfg9LrIsauagpJ_mZanKDYmjytoBXo2akOyQ8banreOkmIYDCm1fRZ6aw8Y8GZUKo8cM1u_xuIt_6aQ9VU4M6zWjIiMP2zdGySCXHUjEl047SgxpxdfDnvpG8ijR-YJEO9_rHRr2Ic6MS00IXBx7zVFquhoM6CoBZj7qiXD_Q14Uwfwpl110sRWELpdadI3SnC4kWHJmnDl-AQW2BctcSQrThWwTKq335KpP4LGFlsm7RtdiP5jyajTWCZD5B1fyac-V1jEuh17HzkG11lvvYchEFFPL1ZXxbk9FUbwk-EmyIgSLlhSHsML86Bq7XGL26weSy6g1_UQ31_NYLySn5s2rPvDH_8leBAGBh7-zhCMBSnkz5gPPOTClrFGQt5RVT5cP28PjR_M-YDDwcGfuzK7cdgusYF1IbVGmuxpp_s6o1_RDf2oJSsDtDztHjVHPhFIW5jB38KNi1Firc4rQ7DLM1pYPAZTQoZtpHKF8nuMGMnB2hZXW7tw7HfunrqE__Vwc2vcsgJpwNSKs0O7rO2n2cKC4T9uWToOYPpebWsMau9in6Ct1iV1bgzCJ9vD9PXogvp_rPCwwaWbwWewUl1mZ-hvGeBKtOl-7D03zzESeqYXeQzHX8DaQr-r9jocL-vuYhxgntWgJUF83Ibi_ZL5ljAzykXMuRW1Wp9uq7tCWK8_jGHGrR8XL0up344fHZiIII_Gs5982Mh1-X8jW3W4wYuwgubeEGLeXcVmkL8YGxyO-BiNcPLCuQaFfCGbPLdfY9-_1E8dY99zpmNaR3tr7qj7nPKazhvJj9hY_xz3Co1hJTKZdrwunCbjkTt_MWC_RSr4SyYxfw2qx5SahpvCcY3ibH0DhC3zxXCCr0FHZGljzUHeP77StQyuISmJugmKKyBwLS-K6q2xv8vWv9dniXVKwoKwPitqPOE_3SDQ_KkBoHRH4EiyA0xZQ2ZpGpFUpTe028Ob9fEQ_i9fI8m10dnDL0_-quXH5pyYPzEb1HRuDaIyi39s14NA8te7k5cCe4-gBO2gkwdMkUbKgRrrw9rbX6iPh6J9IdtjpQgMcT3OF98MTW4GPUbst9PFLas4QFlVv3QkDIEYz-Adi2wf9I-6JFVypbEsG4VIjfVEaZHOVLRMz6Kpczfk4F91imSNZb_538BwXZvj7aALszkPYcMBgEOwfWWglSpXL5NR6ZTZjsosK36vzzy1rXcehyFWfeOL1nwUXCCqTBU5UFS_rFA6SA3CXhuJ7uHazBz9CuNxaAzjq-ZYlnDeT44JmCZnPAcqwM4IfuQoavAvuY75UYYFQYx-czviSg0TjIktOCTVbD1w3rCT14f_6OlaplTIeg_7_answggkMo_ez7CUlIYjDo8GIp01CdzoYbPkYazAtHvyqDdpzTNM_AQ1mwwphpe7xhRiibxoB720l1O-sGuiF0GZUkL3Sp0XyAcjyQ81TU7SVEFSJmbFn-m5ydjYf9JRHXInaeehyKT2uEIrFtT5Aw1V9-D_KsT3CRsDqC90hVeYvpBRzMhucvuCRMgvwN0JVynXi5hSlUMaujQ0WOaYP7fsvGqtX9aMTSCjgpAwboa5rU6ccKtAJa6KbGzG97dSm7OT-IqPBUhQVlI3aH231WwXRgQ8vHYreYFrqbDOTkT1FWWxG4Kum9k6JkGf9cqwrXRtGHb1hxmFxog_6RbSahMvwSUDMFUBTZkASIRMty9iZSUOfy-N2UIWjr7ODjYFMK0EWlICa7c0odwuZRpBWRHrx-94KiGuTdV7UqiWzX7V4WksWqkHeQKHoJVpwJvmPQEQlCSTX0vUSaWSKpTMJxjsipGZZ97wOdYMwh9hUA1tWxMYaUAgEEkoAyAmmjTGO7QvgInWMPBu0KAe3RrP1R6nnEVRDGKhpLAF1L5Wb3CJ4QPJtK0XhXI9N7Y1bERH4Tg2bM5GbX-LqdPWwFxflou7mQxgBYAE&cry=1&bundleId=&ias_dspID=3&ias_campId=1012484845&ias_pubId=pub-0045970822945595&ias_chanId=1&ias_placementId=20122610338&bidurl=https://notapositiva.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0g3aXgm2Q8ssyscZHGN1CWs
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0045970822945595&output=html&h=600&slotname=7775112206&adk=3867715954&adf=419840266&pi=t.ma~as.7775112206&w=263&fwrn=4&fwrnh=100&lmt=1698411838&rafmt=1&format=263x600&url=https%3A%2F%2Fnotapositiva.com%2F%23modal&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698419037817&bpp=1&bdt=311&idt=209&shv=r20231025&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&prev_fmts=840x280%2C848x280&correlator=6010391235101&frm=20&pv=1&ga_vid=64634378.1698419038&ga_sid=1698419038&ga_hid=1593081921&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=429&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079080%2C31079082%2C31079095%2C42532334%2C44805931%2C44806738%2C31078301%2C31079247&oid=2&pvsid=262802040894886&tmod=2129363091&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=v0hyUpPuA7&p=https%3A//notapositiva.com&dtd=211
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.243.164.184 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-164-184.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e49275d912d467a1ad3f86317e69621ed1a5fb04b26aac9b3e77aa4031a64105

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 15:03:58 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame EE78 3 KB
1 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 13:08:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6917
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Nov 2023 13:08:41 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame EE78 20 KB
8 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 16:14:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82156
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8426
x-xss-protection: 0
server: cafe
etag: 17696348727749479825
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Nov 2023 16:14:42 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EE78 187 KB
59 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 15:03:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60190
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698233972131352"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Oct 2023 15:03:58 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame EE78 42 B
63 B 121ms
120ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D-ht8wgjGwq2MpUg4Q7owuPkHdUGXX9RzV59XmLTWTsOePiWA3Sx1ig5IXHQVj21iSUux0oQuMxOfSvnXOAWcSAo6KfEPP-OPTNwpd_RGhyvTERow

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 15:03:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EE78 0
20 B 122ms
121ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=15133899555033775247&x=1&ct=76

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 15:03:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 7C89 33 KB
33 KB 31ms
31ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 09:09:18 GMT
x-content-type-options: nosniff
age: 280480
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Oct 2024 09:09:18 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 7C89
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CoD3GXtE7ZYi9BqPqgrAP9Nuc2AW16s7Pc-zenOKZEY_ljMzlBBABIOHRhQNgkQSgAfT__-kCyAEJqQLb8Ve17JqyPqgDAcgDywSqBMcBT9CWwZsn2h9ln1GfF188SzjSRYtxrUMCSTZ3MGN...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223686443777338662927%22,%22debug_reporting%22:true,%22destination%22:%22https://msc.com%22,%22event_report_window%22:%22259...

0
0

97ms
53ms

Fetch
text/css

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223686443777338662927%22,%22debug_reporting%22:true,%22destination%22:%22https://msc.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22759169012%22],%224%22:[%2210-27%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224061504509429081233%22}&andc=true

Requested by

Host: notapositiva.com
URL: https://notapositiva.com/

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 15:03:59 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"3686443777338662927","debug_reporting":true,"destination":"https://msc.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["759169012"],"4":["10-27"],"6":["true"]},"priority":"500","source_event_id":"4061504509429081233"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 27 Oct 2023 15:03:59 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 27 Oct 2023 15:03:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"3686443777338662927","debug_reporting":true,"destination":"https://msc.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["759169012"],"4":["10-27"],"6":["true"]},"priority":"500","source_event_id":"4061504509429081233"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 KtAbZGk4YSFPe8sm4rTLIGwqP9qmdNmoJQ7Qir-Zr9M.js Show response
pagead2.googlesyndication.com/bg/ Frame D3B3 39 KB
15 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KtAbZGk4YSFPe8sm4rTLIGwqP9qmdNmoJQ7Qir-Zr9M.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0045970822945595&output=html&h=280&slotname=7775112206&adk=4019472189&adf=1158822730&pi=t.ma~as.7775112206&w=840&fwrn=4&fwrnh=100&lmt=1698411838&rafmt=1&format=840x280&url=https%3A%2F%2Fnotapositiva.com%2F%23modal&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698419037814&bpp=3&bdt=307&idt=185&shv=r20231025&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&correlator=6010391235101&frm=20&pv=2&ga_vid=64634378.1698419038&ga_sid=1698419038&ga_hid=1593081921&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=530&ady=43&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079080%2C31079082%2C31079095%2C42532334%2C44805931%2C44806738%2C31078301%2C31079247&oid=2&pvsid=262802040894886&tmod=2129363091&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=5jt8TKqWu8&p=https%3A//notapositiva.com&dtd=199

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ad01b64693861214f7bcb26e2b4cb206c2a3fdaa674d9a8250ed08abf99afd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 16:25:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 167933
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15118
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Oct 2024 16:25:05 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2A4E 0
0 59ms
58ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cby9-XtE7ZfncBp_618cPt9a2oAyEnvDFc9qhr-2dEpvNmo7mQBABIOHRhQNgkQTIAQWpAvQ-v6ZSCng-qAMBqgTrAU_Q11nFe_WHEVqjMH5RvnSF-NakFV3RgtrqZ4wtfHUD5uYTBnL6Q1TV6z_7oKz_urGkhQTQvBlFT9yWKSYQOsy2-m2mpHgqHLG3VD9PUsjChpB4f3FsyOkiBkySV70NrwzfSpZBmlomc6FEK4lxWNSfJDURXuf29JM5NaeGqJcIg0FaXi7-HycoRRPySwcbRGNE4RBCq6gnkZq5pFxwzaLQMLbCQ16tlGAnjjUlvPY59QV92-IZI9VIGpbvv2YH9JCVHsORaSUdZA0qa__vfU1Ih9g-FFjsNwminSVcB1XrRj-igTMb3P4XflLABMuPkLTABOAEA4gF6KOz90ySBQYIGxADGAOSBQ0IIhABGAFI-PeOAlABkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ2gAeym7b9BKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcKEMr1RxiCxsT6AdIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwGiDAwqCgoI5LSxAu61sQKwE9SjpRXIE5ym3eMD0BMA2BMKiBQC2BQB0BUBgBcBshccChoIABIUcHViLTAwNDU5NzA4MjI5NDU1OTUYAOgXBQ&sigh=YXF9iLnZ5Yo&uach_m=[UACH]&ase=2&nis=4&cid=CAQSSwDICaaNSJR4NxqB6MtuSxaNYazhQWFPTKrtW_tf-ToIWHw1KHJ7A0IAp8lEJWVQfS_s4734MfnrmFnjQlyhBIIwO6g-B0yCOKqJbBgB&vt=10&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0045970822945595&output=html&h=280&slotname=7775112206&adk=996555999&adf=2364240886&pi=t.ma~as.7775112206&w=848&fwrn=4&fwrnh=100&lmt=1698411838&rafmt=1&format=848x280&url=https%3A%2F%2Fnotapositiva.com%2F%23modal&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698419037817&bpp=1&bdt=311&idt=202&shv=r20231025&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&prev_fmts=840x280&correlator=6010391235101&frm=20&pv=1&ga_vid=64634378.1698419038&ga_sid=1698419038&ga_hid=1593081921&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1219&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079080%2C31079082%2C31079095%2C42532334%2C44805931%2C44806738%2C31078301%2C31079247&oid=2&pvsid=262802040894886&tmod=2129363091&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=WZgOk3iVH3&p=https%3A//notapositiva.com&dtd=205
Attribution-Reporting-Eligible: event-source
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 27 Oct 2023 15:03:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EE78 0
20 B 119ms
119ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5542474887553&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 15:03:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EE78 0
20 B 121ms
121ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5542474887553&version=m202309260101&ct=76&x=1&cor=15133899555033776000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 15:03:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame EE78 16 KB
12 KB 161ms
160ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bk040R5pFZx-d5t75Mb7g9hath0W_aYHfaYgoO3YHgWP8OUsgeNAJSEckIaEUfrv9y1RGrfy3z20F_Jxvz7ZWlnXpXTQvV0tnt_58bWf-gxlGQHxvjvnR8KwUlNp9f_gdOZ6rkl9gDHaDkiaA2j6ts8AHvmhyoxGpqguVQFFXsb-v598U&cry=1&dbm_d=AKAmf-CoJ3tWOCX_eUGGPKcY4IaFC4s0gRdpsYNq2ntbC9Wcr62Z3LmVo9ZFJdHOo4ablXlhZcOGuHKWQE54iXOUHFFfhQZvxOGjLODd_3Ddtu0OOmz2SwaEv6Z39pDFJpoJNRXpXymVc8syMUhrcLgWOgp1G9qh6pP8yxub2JrWk-zB00izUeoWF84pkTQuTzVzCyuuRHPrCTX407_1txejPxNOTSua_z_fkodyGL-yKN1t9XcFAXkIYD--IekfxGKvdFr67xzPYeLGK9H_ivTfGMvKsv5p5Iab678RrVqocFdCQ0l5CTQ5_cy0hiWTuFfWokspSAtxx-Lg5sXEpJ-oBJcyRuqoiASieAxxYdiO-hdSAp-RRhQ4bJheorGrR8e5PU7rw5cpXWENNm2DMDt46Bpx7Vt9yRnrKm9_PXi3ch34KhPDfXEXeCvDVKunBUw63OQdYsINJg3BRCz9jO0LPq42pAxJqqwXotHNlmy9rxxRsamYJGCiocPApEEJOsqhElKlO8cSg3pINDRvF0PqSC_dmtVZl4HoeS8zFAXVUJpH5FHmMLXb-Mk9gt-JYxeWhHEUDcIOveld49PLzU8x3lR-iQFGq_QruLpOh0M-OMA8pq9n5yJDcVdFFvwQX1wZuzVHsl2CLzpZo1332aCZATTFjast3V1GBunN-d07IWndNVnGD1s2CFXXHeGkGFXQxhvqgt46U6hXbA05InnUUWiT33CfTWc1QwGNWdMzEK9MGmr2X3g3oP9H2hr4tjUkOcJhxOw3RdqyBkffOL3CADzG5_xFt_WdtIpTc8FIic7g1zS_KzRZ_T7Z_UverkXm0YjM-C0KqpXGnIP900QMiCVuCMKnVAm7C6zk785zwrdTPoNwEuPzAfVa9-BPtZC0hZk1eQS5pQOuoJTZ_bejNeBDyTiI-Pr7lMx85CLlIcJekjmJo41PO9S-bm6ovZ9b1HrVx8AJQ-TUG28qSeSN6Z3NI91Xla9mv6SxpoNhprR2iA_SycaNcfW9zKAO67IObfh8RM16rZILAx8H_UICC30RVWekqArK6UXEhbH18lLi80uiHsaf03JSqofXV410929QqRX3_kUbexXwhjXJZ2Dm8iIDQGiE-7wg62EH-0Cn3sz-zZFZsUx2B88Z4DeeMDB5ZcgSE4IMEbhe4bGzjQfIct8EeBwyp-pHeUcKR-LbATs09gKY0_BZ0TGo3HA3Y-rEGQMKZl-G9tZ013Ibtg-jkUwxRWDBzOUbw_Q8F-QI3EbLhqNb3V8f-gWH0ubZ7s5QftyxPrCEPhoghh5XbWpg46gNef3ud_r0Kfo7g4QJEAXhxVjbvY_TsmYup33sCgMKy3qFpUQvMXgcutQ3AXBLXj8yAXATopZT-UOKFiiYDqzax8EEbHPczMRtIxIUeBBB1RkX2Dbp1qDlcRZF6ojtrbXyFQDpNZtm36pkcsGUAKUIXFDRqRkRnqQ1N-0DSPVo6e8JcPJRl7wBO8xUYKnN0sqve_4H2xXsy0bDJDcyEYX3UV5eav7wB3NBUibb7gXp8Vst3rfBvXaA8kMHhL0GXhqDvioDK7YAIs-Zm_-XIB_jxueVeeesny9s9eG_P8gtH7thhpoqfgXCTJ1Mtnsokb3H2SBvwC8PKuNxXBgwaHjcf5niQEornHDUkb2PwanlsN8tSe0LTJaFCezSdbCpIFTnTTOB4XFJQPc-200zb1z-AVZK9wP4hAdaTvZjd9OmVK4wuv8xqNrY-A782mQv0pYt_rG6asB21pUIjeTiEQ7ok1t0NBzuwnirP8dmFCn-iRkDXCxghUuLPZAHFAQjo8DKMsqQ_eTM1oHU70qTzh4q3yjOpA2zKd4qTXibnsMwY-98wHeP87w-ySDAXXMyNMkD9fC7fHVNK7-55-G0jZ103vTECBoC0_STsF3vbpY5asbkwMfJHsUxcTLrgksxY3zCE4JOvcJe6gRJ-1A6uWsWVjwQO8Bii6hely2n9h8Bf-GDM0fhgqQZbwZ13gP2_ZFZeeveYZouKpughkKKWWL-TAzTo1ULVc9Qg1R2FZ6UYsV97sz9MiwoA579_zORw5nJ71FAJFmOulUw3Kl0B63-1vFbU31ECaeR6MfTopREHZRKAm6ISmiF1Knf2Yq0bOVE4d3br5YSUTpgNfex_pT6Mqp3uWO_BkyovgudoeQ0-UCkio9-cz55jjg1ohErohPBtafPRS7JDIvaA0ZI_KiEu4CufDKeCY0cnKSlwKxSWiz4cRbFRiuMUnncPFW9Lik7EQZj5tv8_RV4aBP2PkTeh8tfKuPzRr7DfTyu76RkLJNRra3YxExJoHEzh0N9DIJDdyewPS1ggonb6cqfev4y-Rbjbnxv9X7sqrXSpViok88EO6LEG37ZeWqWykVuBegFF01khnjpIpujR3586j1TZGjezGVcP8zxXKG2qspraNvYup50EMr9jmBgRmR2eG9j7rwurLpgQTTheTp6LcgfWdUlMr-n5DLVu0j5q4J_sSxYwbzDD1xbxrg7sQfIkC3QiKvXI8CZIl9xXfpkHi2VBTYOxCBbdAEfhuH8h6FQSk2vaJmJvjclU74ujh5bv4mDduT9jTbjGKrNWaZIPrdBMmrLlzAh6y48Sm47OeL3epDRNwOSOQfA8nAaN0JEt_tzdEh8bK4ke2mrVxUx-7MDADl8Sge63BQNO7k00jSjak21yAe1IGSXAqNGyoQUdl--iV4Mlv6lHUJhMpl4trRE6YhwkiHjprrQf2Ecb51QeShqgfRlgNrQfoMv5yfKsmor_td0SYWI7ZnzJ2MAGwjG41jPSAHbbNfwYVCqKI9zt_Oi0qZAbPBuKPhZt6ca2d-p9Oc-3GWubhSWLsyRiAeXTo2FOkdUN-278gGCmx_HrBmHujAKdm2pQjdtAFXDC1I0dT_8xVTE5RXRYrsQ29OISw97mGoNjxLgH9kcJdXZNdzn8xCmLtABZp8kFkHxzwNY4ryCXsGjqB0L4Z4d_gvcWqx43z4PEDBb8EkWjaKqzsfeKIBcCOfYOIJvxw28JQm8Rg&cid=CAQSSgDICaaNMY7tC-AidYw8G7QoB7dGs_VHqecRVEMYqGksAXUvlZvcInhA8m0rReFcj03tjVsREfhODZszkZtf4up09bAXF-Wi7uZDGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fnotapositiva.com%2F&ds=l&xdt=1&iif=1&cor=15133899555033776000&adk=497053795&idt=113&cac=0&dtd=10

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4ba4275b5107a70a02cf4bb1aae8bc7a1d07e7499ed918c20ce9126ca53e9908

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0045970822945595&output=html&h=600&slotname=7775112206&adk=3867715954&adf=419840266&pi=t.ma~as.7775112206&w=263&fwrn=4&fwrnh=100&lmt=1698411838&rafmt=1&format=263x600&url=https%3A%2F%2Fnotapositiva.com%2F%23modal&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698419037817&bpp=1&bdt=311&idt=209&shv=r20231025&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&prev_fmts=840x280%2C848x280&correlator=6010391235101&frm=20&pv=1&ga_vid=64634378.1698419038&ga_sid=1698419038&ga_hid=1593081921&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=429&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079080%2C31079082%2C31079095%2C42532334%2C44805931%2C44806738%2C31078301%2C31079247&oid=2&pvsid=262802040894886&tmod=2129363091&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=v0hyUpPuA7&p=https%3A//notapositiva.com&dtd=211
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 15:03:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12362
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 114ms
53ms Preflight
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 27 Oct 2023 15:03:58 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 2F05
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHFMlXziWlnXfczPwIYbXNg&google_cver=1

43 B
345 B

37ms
36ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHFMlXziWlnXfczPwIYbXNg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLjSwwEQ7ayH0QQYxNub8gEwAQ&v=APEucNX1Gr2vmEwYti2n7cS39QJgObrWVN2iN3446AFYMCeWESH3g7d6BDFkc7xmddoxjmEnjn73hF5uwpk4HZhz7Z2xW4XTnYhL5xMsVJKjdl2TgYh5RNOmUb6aasyLqKktBcqkdRKUf1S4kTwV3lg7QT6Ta-2RAf7JHxuEa3fQ2JF2jd1LM10
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 15:03:58 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DFNn8LZjtL3CSMrGQBFOM2p7o%2B%2FNo2lntbuDKtfVDkWmfI5z8QbiGcT%2FJdzZ%2BnPzfBKNCIS%2Bait%2Bwc2CgN%2BIcfBp04%2BWbibZ006oy28jQhLSXuGwD%2FqLaLl4SOkuPDmNdTtTqSFSNdptJw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81cbd4319d6118b9-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 27 Oct 2023 15:03:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHFMlXziWlnXfczPwIYbXNg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 2F05
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZTvRXkJlsxMKlw4o4f2JigAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMq1BeVOH5PvYN8iDiput6s&google_cver=1

43 B
774 B

52ms
51ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMq1BeVOH5PvYN8iDiput6s&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLjSwwEQ7ayH0QQYxNub8gEwAQ&v=APEucNX1Gr2vmEwYti2n7cS39QJgObrWVN2iN3446AFYMCeWESH3g7d6BDFkc7xmddoxjmEnjn73hF5uwpk4HZhz7Z2xW4XTnYhL5xMsVJKjdl2TgYh5RNOmUb6aasyLqKktBcqkdRKUf1S4kTwV3lg7QT6Ta-2RAf7JHxuEa3fQ2JF2jd1LM10
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 15:03:59 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LwEhfPp5qfYDFkxO8E8wd5mAT0c6WFwjaVz98GCXO2YJy9mdFgNE66VnBX6l4%2F2tuOUAVVG%2B6a%2Fw40QkE8TFR%2Fw2t09M3F4OaL%2FjahEjxbvKjdLN%2F%2BFA5ZcNjoppXuqIYbWVQQsM6Cpoqw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81cbd4322fa69978-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 27 Oct 2023 15:03:59 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMq1BeVOH5PvYN8iDiput6s&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 2F05
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESENWkhrsWgltzEOOY9VVkmD4&google_cver=1

43 B
839 B

30ms
29ms

Image
image/gif

37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESENWkhrsWgltzEOOY9VVkmD4&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLjSwwEQ7ayH0QQYxNub8gEwAQ&v=APEucNX1Gr2vmEwYti2n7cS39QJgObrWVN2iN3446AFYMCeWESH3g7d6BDFkc7xmddoxjmEnjn73hF5uwpk4HZhz7Z2xW4XTnYhL5xMsVJKjdl2TgYh5RNOmUb6aasyLqKktBcqkdRKUf1S4kTwV3lg7QT6Ta-2RAf7JHxuEa3fQ2JF2jd1LM10

Protocol

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 15:03:58 GMT
an-x-request-uuid: 768fb51f-353a-4e66-b56c-32e902a92e1a
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 185.17.184.2; 185.17.184.2; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 27 Oct 2023 15:03:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESENWkhrsWgltzEOOY9VVkmD4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 2F05
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTcyMTY1NDc3NDgyMTE1NDM1OQ%3D%3D

170 B
243 B

32ms
31ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTcyMTY1NDc3NDgyMTE1NDM1OQ%3D%3D

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 15:03:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 27 Oct 2023 15:03:58 GMT
an-x-request-uuid: 7298c0e2-cddf-414e-87c2-49a4bc5dd790
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTcyMTY1NDc3NDgyMTE1NDM1OQ%3D%3D
x-proxy-origin: 185.17.184.2; 185.17.184.2; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 2A4E 0
54 B 225ms
174ms Ping
image/gif 2607:f8b0:4005:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lo8qudhr&c=5780853530298&slotId=2890426765149&qqid=CPmDyfu_loIDFR_99QIdN6sNxA&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231025_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4005:814::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 15:03:59 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 2A4E 41 KB
15 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231025_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 15:06:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 518241
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Oct 2024 15:06:37 GMT

HEAD
H/1.1

200
OK

file.mp4
r3---sn-5hneknee.c.2mdn.net/videoplayback/id/07e15d6f5ac5969b/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1729955038/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 2A4E
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/07e15d6f5ac5969b/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1729955038/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signat...
https://r3---sn-5hneknee.c.2mdn.net/videoplayback/id/07e15d6f5ac5969b/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1729955038/sparams/acao,ctier,expire,id,ip,ipbits,itag...

0
0

84ms
14ms

Fetch
video/mp4

2a00:1450:400e:8::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-5hneknee.c.2mdn.net/videoplayback/id/07e15d6f5ac5969b/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1729955038/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4DF92E9FA3D37F0360CCCB667E4E49359EA18E7C.212B6876ECAA006E79211DA1DA55DCF34F236B77/key/cms1/cms_redirect/yes/mh/L3/mip/2001:1af8:4020:a034:9876::10/mm/42/mn/sn-5hneknee/ms/onc/mt/1698418500/mv/u/mvi/3/pl/43/file/file.mp4

Requested by

Host: notapositiva.com
URL: https://notapositiva.com/

Protocol

HTTP/1.1

Server

2a00:1450:400e:8::8 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Fri, 27 Oct 2023 15:03:59 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 4025410
Last-Modified: Fri, 13 Oct 2023 15:54:25 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Fri, 27 Oct 2023 15:03:59 GMT

Redirect headers

date: Fri, 27 Oct 2023 15:03:59 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 657
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r3---sn-5hneknee.c.2mdn.net/videoplayback/id/07e15d6f5ac5969b/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1729955038/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4DF92E9FA3D37F0360CCCB667E4E49359EA18E7C.212B6876ECAA006E79211DA1DA55DCF34F236B77/key/cms1/cms_redirect/yes/mh/L3/mip/2001:1af8:4020:a034:9876::10/mm/42/mn/sn-5hneknee/ms/onc/mt/1698418500/mv/u/mvi/3/pl/43/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame CBF3 23 KB
8 KB 25ms
19ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 194219
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 25 Oct 2023 09:06:59 GMT
expires: Thu, 24 Oct 2024 09:06:59 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame EE78 41 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bk040R5pFZx-d5t75Mb7g9hath0W_aYHfaYgoO3YHgWP8OUsgeNAJSEckIaEUfrv9y1RGrfy3z20F_Jxvz7ZWlnXpXTQvV0tnt_58bWf-gxlGQHxvjvnR8KwUlNp9f_gdOZ6rkl9gDHaDkiaA2j6ts8AHvmhyoxGpqguVQFFXsb-v598U&cry=1&dbm_d=AKAmf-CoJ3tWOCX_eUGGPKcY4IaFC4s0gRdpsYNq2ntbC9Wcr62Z3LmVo9ZFJdHOo4ablXlhZcOGuHKWQE54iXOUHFFfhQZvxOGjLODd_3Ddtu0OOmz2SwaEv6Z39pDFJpoJNRXpXymVc8syMUhrcLgWOgp1G9qh6pP8yxub2JrWk-zB00izUeoWF84pkTQuTzVzCyuuRHPrCTX407_1txejPxNOTSua_z_fkodyGL-yKN1t9XcFAXkIYD--IekfxGKvdFr67xzPYeLGK9H_ivTfGMvKsv5p5Iab678RrVqocFdCQ0l5CTQ5_cy0hiWTuFfWokspSAtxx-Lg5sXEpJ-oBJcyRuqoiASieAxxYdiO-hdSAp-RRhQ4bJheorGrR8e5PU7rw5cpXWENNm2DMDt46Bpx7Vt9yRnrKm9_PXi3ch34KhPDfXEXeCvDVKunBUw63OQdYsINJg3BRCz9jO0LPq42pAxJqqwXotHNlmy9rxxRsamYJGCiocPApEEJOsqhElKlO8cSg3pINDRvF0PqSC_dmtVZl4HoeS8zFAXVUJpH5FHmMLXb-Mk9gt-JYxeWhHEUDcIOveld49PLzU8x3lR-iQFGq_QruLpOh0M-OMA8pq9n5yJDcVdFFvwQX1wZuzVHsl2CLzpZo1332aCZATTFjast3V1GBunN-d07IWndNVnGD1s2CFXXHeGkGFXQxhvqgt46U6hXbA05InnUUWiT33CfTWc1QwGNWdMzEK9MGmr2X3g3oP9H2hr4tjUkOcJhxOw3RdqyBkffOL3CADzG5_xFt_WdtIpTc8FIic7g1zS_KzRZ_T7Z_UverkXm0YjM-C0KqpXGnIP900QMiCVuCMKnVAm7C6zk785zwrdTPoNwEuPzAfVa9-BPtZC0hZk1eQS5pQOuoJTZ_bejNeBDyTiI-Pr7lMx85CLlIcJekjmJo41PO9S-bm6ovZ9b1HrVx8AJQ-TUG28qSeSN6Z3NI91Xla9mv6SxpoNhprR2iA_SycaNcfW9zKAO67IObfh8RM16rZILAx8H_UICC30RVWekqArK6UXEhbH18lLi80uiHsaf03JSqofXV410929QqRX3_kUbexXwhjXJZ2Dm8iIDQGiE-7wg62EH-0Cn3sz-zZFZsUx2B88Z4DeeMDB5ZcgSE4IMEbhe4bGzjQfIct8EeBwyp-pHeUcKR-LbATs09gKY0_BZ0TGo3HA3Y-rEGQMKZl-G9tZ013Ibtg-jkUwxRWDBzOUbw_Q8F-QI3EbLhqNb3V8f-gWH0ubZ7s5QftyxPrCEPhoghh5XbWpg46gNef3ud_r0Kfo7g4QJEAXhxVjbvY_TsmYup33sCgMKy3qFpUQvMXgcutQ3AXBLXj8yAXATopZT-UOKFiiYDqzax8EEbHPczMRtIxIUeBBB1RkX2Dbp1qDlcRZF6ojtrbXyFQDpNZtm36pkcsGUAKUIXFDRqRkRnqQ1N-0DSPVo6e8JcPJRl7wBO8xUYKnN0sqve_4H2xXsy0bDJDcyEYX3UV5eav7wB3NBUibb7gXp8Vst3rfBvXaA8kMHhL0GXhqDvioDK7YAIs-Zm_-XIB_jxueVeeesny9s9eG_P8gtH7thhpoqfgXCTJ1Mtnsokb3H2SBvwC8PKuNxXBgwaHjcf5niQEornHDUkb2PwanlsN8tSe0LTJaFCezSdbCpIFTnTTOB4XFJQPc-200zb1z-AVZK9wP4hAdaTvZjd9OmVK4wuv8xqNrY-A782mQv0pYt_rG6asB21pUIjeTiEQ7ok1t0NBzuwnirP8dmFCn-iRkDXCxghUuLPZAHFAQjo8DKMsqQ_eTM1oHU70qTzh4q3yjOpA2zKd4qTXibnsMwY-98wHeP87w-ySDAXXMyNMkD9fC7fHVNK7-55-G0jZ103vTECBoC0_STsF3vbpY5asbkwMfJHsUxcTLrgksxY3zCE4JOvcJe6gRJ-1A6uWsWVjwQO8Bii6hely2n9h8Bf-GDM0fhgqQZbwZ13gP2_ZFZeeveYZouKpughkKKWWL-TAzTo1ULVc9Qg1R2FZ6UYsV97sz9MiwoA579_zORw5nJ71FAJFmOulUw3Kl0B63-1vFbU31ECaeR6MfTopREHZRKAm6ISmiF1Knf2Yq0bOVE4d3br5YSUTpgNfex_pT6Mqp3uWO_BkyovgudoeQ0-UCkio9-cz55jjg1ohErohPBtafPRS7JDIvaA0ZI_KiEu4CufDKeCY0cnKSlwKxSWiz4cRbFRiuMUnncPFW9Lik7EQZj5tv8_RV4aBP2PkTeh8tfKuPzRr7DfTyu76RkLJNRra3YxExJoHEzh0N9DIJDdyewPS1ggonb6cqfev4y-Rbjbnxv9X7sqrXSpViok88EO6LEG37ZeWqWykVuBegFF01khnjpIpujR3586j1TZGjezGVcP8zxXKG2qspraNvYup50EMr9jmBgRmR2eG9j7rwurLpgQTTheTp6LcgfWdUlMr-n5DLVu0j5q4J_sSxYwbzDD1xbxrg7sQfIkC3QiKvXI8CZIl9xXfpkHi2VBTYOxCBbdAEfhuH8h6FQSk2vaJmJvjclU74ujh5bv4mDduT9jTbjGKrNWaZIPrdBMmrLlzAh6y48Sm47OeL3epDRNwOSOQfA8nAaN0JEt_tzdEh8bK4ke2mrVxUx-7MDADl8Sge63BQNO7k00jSjak21yAe1IGSXAqNGyoQUdl--iV4Mlv6lHUJhMpl4trRE6YhwkiHjprrQf2Ecb51QeShqgfRlgNrQfoMv5yfKsmor_td0SYWI7ZnzJ2MAGwjG41jPSAHbbNfwYVCqKI9zt_Oi0qZAbPBuKPhZt6ca2d-p9Oc-3GWubhSWLsyRiAeXTo2FOkdUN-278gGCmx_HrBmHujAKdm2pQjdtAFXDC1I0dT_8xVTE5RXRYrsQ29OISw97mGoNjxLgH9kcJdXZNdzn8xCmLtABZp8kFkHxzwNY4ryCXsGjqB0L4Z4d_gvcWqx43z4PEDBb8EkWjaKqzsfeKIBcCOfYOIJvxw28JQm8Rg&cid=CAQSSgDICaaNMY7tC-AidYw8G7QoB7dGs_VHqecRVEMYqGksAXUvlZvcInhA8m0rReFcj03tjVsREfhODZszkZtf4up09bAXF-Wi7uZDGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fnotapositiva.com%2F&ds=l&xdt=1&iif=1&cor=15133899555033776000&adk=497053795&idt=113&cac=0&dtd=10

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 02:22:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 132092
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Oct 2024 02:22:26 GMT

GET
H2

200

adj Show response
bid.g.doubleclick.net/xbbe/creative/ Frame EE78
Redirect Chain

https://fw.adsafeprotected.com/rfw/bgd/1494005/73005731/xbbe/creative/adj?p=APEucNWaz5Wh-mguGg-lapCRaLNCYyj40nd1jMApDYfCMNNEzCo-qSY&d=CokBAKAmf-A1nrKKH0FX3B9qJU9meCUZy2UbEHhyWkysUYlecg6cOjEQ2Eff6J9...
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWaz5Wh-mguGg-lapCRaLNCYyj40nd1jMApDYfCMNNEzCo-qSY&d=CokBAKAmf-A1nrKKH0FX3B9qJU9meCUZy2UbEHhyWkysUYlecg6cOjEQ2Eff6J9NjVASD0nesLA9A_NHrGCT9UqLC...

80 KB
26 KB

64ms
64ms

Script
text/javascript

74.125.71.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWaz5Wh-mguGg-lapCRaLNCYyj40nd1jMApDYfCMNNEzCo-qSY&d=CokBAKAmf-A1nrKKH0FX3B9qJU9meCUZy2UbEHhyWkysUYlecg6cOjEQ2Eff6J9NjVASD0nesLA9A_NHrGCT9UqLCEJ0WQSVzj1UC-n8vHqCKbzo02VrFxZ8PfAqoNcvYgbM695gI1W-1BEQMhFzOrbN9r6LYBsbrr6csfBHNoIKjZ8WNmnV2QqaUVYS-RMAoCZ_4O5htL6MGGqdBAcOPW7abNiwgSi5XXqqzPUKjrXUvmEgyaT7CWRm3DhdZtHIpG1HitrRhhVqGfVKEfQ1LSIiGxhSVBHL9-oqiA6xWI_aPDWxpFm0fwhhny9_eBaVxrn0ttjZpN4LGkyPVHbQif4v6eKFobqzybJjRmBiqrHrb06iBSifsT457TrpzWkUWcfgwQMMXMSz6PFgv6JCFnQKyvf_t0Y2ExwAATxZOJ7NOK4DNwaAksB9GwCtof5yj9pHcnxn13sGPSZs4MMH3RBEi9OzyKHjR4Tlqf_9-It38k5NzmZlVika7FQ3P-yoaYyqW0hmdRI-vQA9DkyW-rI9krUoQf7vOavzzikbG-YZ7ZzZJ6VKS1KJ5uyu3zumXqIP1EO7Yu4uj-ii6QKC4x7K2yLw0n5b6kHB8B6PEsS2fHpH9_uOOQcL9YQJu0DaeVTMNZEJDN-xXIE-mnSLjAhmMDaop2Av2mqHfsTskXSVRd40Vpkib18te04DbPAB-WhIhscnjEB8ggcvZg8gAKt9-I7Vlp5GPrGTQ8bS3k5ZnDWBXTZNxvfNjrAn_bboKhGnLRIxLyXC06M1vLuFbaKyyiRKgdzG722skby_HrusZHdcklzGN-NeVLFfvjCDTJFvAZeEUjH9ICoMR-y3zdbzK9mLSaaQcLakTPRxdraVgWngCo14xAX2yBLh5baxldWnjKNA3XZQP4DXlrE1hMUKfyiq2KTfX6b5KLC-OrG26r-vFE4HLbwxusk5NJEyDtORHpxK9Oob5KB2IVBSRlkU214gFu3CqNXrGxQvXoXokVyoQ0iUlQuLp2LPcUwy_wQp5bdhnghUy9DFp6prblAyj74itdR4Bh2vNlLgZb781HQknXAV3F0XC93zsagO1MhuEexEDQ1joytSGn9pojGf6qpnKJkqNLDV9NSPoqbFmP7Qg0CjEUqhmluhss2y2ogkkd_YXTDzr5BMUkZdpQ71lbvb9GBVDvbjODXT8OAm2yO66_kbTo01lmAnPS4P3o0cx73E0AW4r2TlWC1pc6cqzq8hnaCq7fHsv2z4_plqWf38DmB9GBf-SjPUssMg3dDRaX9Uycwc4-TbkQ_p-1dMrC4eQU4fiiQjMzwz01nYJotPgodKA820VPoku0cStTo-_brpGsn9xyRrnaS1H3vXkyZLlLNA4x8r8V4ZxMDTsLW2l-0Lb-WU4Hu7Zfq6uImIDs4Nq_nUg6zevmNwjO4Qovi9vrjSbNHzZqsxkWElBdof34j4CpvcA0xW9l3_LGnKYYzY1AbJmGN13J4xv15ZsYPKaG1CIu6FZDmCZXSogdvs32chXIrooH5BFCpyjwJINsYb47GwGkYAn4CrGz7Ia0Rfy8bb32uWGVRQzOvd2USSngtEtUSrPe4P9SnnsWq4m_69nk49zaVHVFEUMUACW0DMJmJWkxfuAHiN5eDZ41jXRkk98ci5bTPvjRML928DwJc1oKKMDFh0oStVzWGaZRfIz0bjdUgm01BldHMumgsF1YERnKW9EtH312ahz4Zh42qlrceH6bSfuDpWFfg9LrIsauagpJ_mZanKDYmjytoBXo2akOyQ8banreOkmIYDCm1fRZ6aw8Y8GZUKo8cM1u_xuIt_6aQ9VU4M6zWjIiMP2zdGySCXHUjEl047SgxpxdfDnvpG8ijR-YJEO9_rHRr2Ic6MS00IXBx7zVFquhoM6CoBZj7qiXD_Q14Uwfwpl110sRWELpdadI3SnC4kWHJmnDl-AQW2BctcSQrThWwTKq335KpP4LGFlsm7RtdiP5jyajTWCZD5B1fyac-V1jEuh17HzkG11lvvYchEFFPL1ZXxbk9FUbwk-EmyIgSLlhSHsML86Bq7XGL26weSy6g1_UQ31_NYLySn5s2rPvDH_8leBAGBh7-zhCMBSnkz5gPPOTClrFGQt5RVT5cP28PjR_M-YDDwcGfuzK7cdgusYF1IbVGmuxpp_s6o1_RDf2oJSsDtDztHjVHPhFIW5jB38KNi1Firc4rQ7DLM1pYPAZTQoZtpHKF8nuMGMnB2hZXW7tw7HfunrqE__Vwc2vcsgJpwNSKs0O7rO2n2cKC4T9uWToOYPpebWsMau9in6Ct1iV1bgzCJ9vD9PXogvp_rPCwwaWbwWewUl1mZ-hvGeBKtOl-7D03zzESeqYXeQzHX8DaQr-r9jocL-vuYhxgntWgJUF83Ibi_ZL5ljAzykXMuRW1Wp9uq7tCWK8_jGHGrR8XL0up344fHZiIII_Gs5982Mh1-X8jW3W4wYuwgubeEGLeXcVmkL8YGxyO-BiNcPLCuQaFfCGbPLdfY9-_1E8dY99zpmNaR3tr7qj7nPKazhvJj9hY_xz3Co1hJTKZdrwunCbjkTt_MWC_RSr4SyYxfw2qx5SahpvCcY3ibH0DhC3zxXCCr0FHZGljzUHeP77StQyuISmJugmKKyBwLS-K6q2xv8vWv9dniXVKwoKwPitqPOE_3SDQ_KkBoHRH4EiyA0xZQ2ZpGpFUpTe028Ob9fEQ_i9fI8m10dnDL0_-quXH5pyYPzEb1HRuDaIyi39s14NA8te7k5cCe4-gBO2gkwdMkUbKgRrrw9rbX6iPh6J9IdtjpQgMcT3OF98MTW4GPUbst9PFLas4QFlVv3QkDIEYz-Adi2wf9I-6JFVypbEsG4VIjfVEaZHOVLRMz6Kpczfk4F91imSNZb_538BwXZvj7aALszkPYcMBgEOwfWWglSpXL5NR6ZTZjsosK36vzzy1rXcehyFWfeOL1nwUXCCqTBU5UFS_rFA6SA3CXhuJ7uHazBz9CuNxaAzjq-ZYlnDeT44JmCZnPAcqwM4IfuQoavAvuY75UYYFQYx-czviSg0TjIktOCTVbD1w3rCT14f_6OlaplTIeg_7_answggkMo_ez7CUlIYjDo8GIp01CdzoYbPkYazAtHvyqDdpzTNM_AQ1mwwphpe7xhRiibxoB720l1O-sGuiF0GZUkL3Sp0XyAcjyQ81TU7SVEFSJmbFn-m5ydjYf9JRHXInaeehyKT2uEIrFtT5Aw1V9-D_KsT3CRsDqC90hVeYvpBRzMhucvuCRMgvwN0JVynXi5hSlUMaujQ0WOaYP7fsvGqtX9aMTSCjgpAwboa5rU6ccKtAJa6KbGzG97dSm7OT-IqPBUhQVlI3aH231WwXRgQ8vHYreYFrqbDOTkT1FWWxG4Kum9k6JkGf9cqwrXRtGHb1hxmFxog_6RbSahMvwSUDMFUBTZkASIRMty9iZSUOfy-N2UIWjr7ODjYFMK0EWlICa7c0odwuZRpBWRHrx-94KiGuTdV7UqiWzX7V4WksWqkHeQKHoJVpwJvmPQEQlCSTX0vUSaWSKpTMJxjsipGZZ97wOdYMwh9hUA1tWxMYaUAgEEkoAyAmmjTGO7QvgInWMPBu0KAe3RrP1R6nnEVRDGKhpLAF1L5Wb3CJ4QPJtK0XhXI9N7Y1bERH4Tg2bM5GbX-LqdPWwFxflou7mQxgBYAE&cry=1&bundleId=

Requested by

Protocol

Server

74.125.71.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wn-in-f157.1e100.net

Software

cafe /

Resource Hash

77acb059e05f5d0c3d4e2e798c4f23f94fc2872d4415bbf8a751511e5cd2bdb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0045970822945595&output=html&h=600&slotname=7775112206&adk=3867715954&adf=419840266&pi=t.ma~as.7775112206&w=263&fwrn=4&fwrnh=100&lmt=1698411838&rafmt=1&format=263x600&url=https%3A%2F%2Fnotapositiva.com%2F%23modal&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698419037817&bpp=1&bdt=311&idt=209&shv=r20231025&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&prev_fmts=840x280%2C848x280&correlator=6010391235101&frm=20&pv=1&ga_vid=64634378.1698419038&ga_sid=1698419038&ga_hid=1593081921&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=429&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079080%2C31079082%2C31079095%2C42532334%2C44805931%2C44806738%2C31078301%2C31079247&oid=2&pvsid=262802040894886&tmod=2129363091&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=v0hyUpPuA7&p=https%3A//notapositiva.com&dtd=211
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 15:03:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26966
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 27 Oct 2023 15:03:59 GMT
server: nginx
x-server-name: app14.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWaz5Wh-mguGg-lapCRaLNCYyj40nd1jMApDYfCMNNEzCo-qSY&d=CokBAKAmf-A1nrKKH0FX3B9qJU9meCUZy2UbEHhyWkysUYlecg6cOjEQ2Eff6J9NjVASD0nesLA9A_NHrGCT9UqLCEJ0WQSVzj1UC-n8vHqCKbzo02VrFxZ8PfAqoNcvYgbM695gI1W-1BEQMhFzOrbN9r6LYBsbrr6csfBHNoIKjZ8WNmnV2QqaUVYS-RMAoCZ_4O5htL6MGGqdBAcOPW7abNiwgSi5XXqqzPUKjrXUvmEgyaT7CWRm3DhdZtHIpG1HitrRhhVqGfVKEfQ1LSIiGxhSVBHL9-oqiA6xWI_aPDWxpFm0fwhhny9_eBaVxrn0ttjZpN4LGkyPVHbQif4v6eKFobqzybJjRmBiqrHrb06iBSifsT457TrpzWkUWcfgwQMMXMSz6PFgv6JCFnQKyvf_t0Y2ExwAATxZOJ7NOK4DNwaAksB9GwCtof5yj9pHcnxn13sGPSZs4MMH3RBEi9OzyKHjR4Tlqf_9-It38k5NzmZlVika7FQ3P-yoaYyqW0hmdRI-vQA9DkyW-rI9krUoQf7vOavzzikbG-YZ7ZzZJ6VKS1KJ5uyu3zumXqIP1EO7Yu4uj-ii6QKC4x7K2yLw0n5b6kHB8B6PEsS2fHpH9_uOOQcL9YQJu0DaeVTMNZEJDN-xXIE-mnSLjAhmMDaop2Av2mqHfsTskXSVRd40Vpkib18te04DbPAB-WhIhscnjEB8ggcvZg8gAKt9-I7Vlp5GPrGTQ8bS3k5ZnDWBXTZNxvfNjrAn_bboKhGnLRIxLyXC06M1vLuFbaKyyiRKgdzG722skby_HrusZHdcklzGN-NeVLFfvjCDTJFvAZeEUjH9ICoMR-y3zdbzK9mLSaaQcLakTPRxdraVgWngCo14xAX2yBLh5baxldWnjKNA3XZQP4DXlrE1hMUKfyiq2KTfX6b5KLC-OrG26r-vFE4HLbwxusk5NJEyDtORHpxK9Oob5KB2IVBSRlkU214gFu3CqNXrGxQvXoXokVyoQ0iUlQuLp2LPcUwy_wQp5bdhnghUy9DFp6prblAyj74itdR4Bh2vNlLgZb781HQknXAV3F0XC93zsagO1MhuEexEDQ1joytSGn9pojGf6qpnKJkqNLDV9NSPoqbFmP7Qg0CjEUqhmluhss2y2ogkkd_YXTDzr5BMUkZdpQ71lbvb9GBVDvbjODXT8OAm2yO66_kbTo01lmAnPS4P3o0cx73E0AW4r2TlWC1pc6cqzq8hnaCq7fHsv2z4_plqWf38DmB9GBf-SjPUssMg3dDRaX9Uycwc4-TbkQ_p-1dMrC4eQU4fiiQjMzwz01nYJotPgodKA820VPoku0cStTo-_brpGsn9xyRrnaS1H3vXkyZLlLNA4x8r8V4ZxMDTsLW2l-0Lb-WU4Hu7Zfq6uImIDs4Nq_nUg6zevmNwjO4Qovi9vrjSbNHzZqsxkWElBdof34j4CpvcA0xW9l3_LGnKYYzY1AbJmGN13J4xv15ZsYPKaG1CIu6FZDmCZXSogdvs32chXIrooH5BFCpyjwJINsYb47GwGkYAn4CrGz7Ia0Rfy8bb32uWGVRQzOvd2USSngtEtUSrPe4P9SnnsWq4m_69nk49zaVHVFEUMUACW0DMJmJWkxfuAHiN5eDZ41jXRkk98ci5bTPvjRML928DwJc1oKKMDFh0oStVzWGaZRfIz0bjdUgm01BldHMumgsF1YERnKW9EtH312ahz4Zh42qlrceH6bSfuDpWFfg9LrIsauagpJ_mZanKDYmjytoBXo2akOyQ8banreOkmIYDCm1fRZ6aw8Y8GZUKo8cM1u_xuIt_6aQ9VU4M6zWjIiMP2zdGySCXHUjEl047SgxpxdfDnvpG8ijR-YJEO9_rHRr2Ic6MS00IXBx7zVFquhoM6CoBZj7qiXD_Q14Uwfwpl110sRWELpdadI3SnC4kWHJmnDl-AQW2BctcSQrThWwTKq335KpP4LGFlsm7RtdiP5jyajTWCZD5B1fyac-V1jEuh17HzkG11lvvYchEFFPL1ZXxbk9FUbwk-EmyIgSLlhSHsML86Bq7XGL26weSy6g1_UQ31_NYLySn5s2rPvDH_8leBAGBh7-zhCMBSnkz5gPPOTClrFGQt5RVT5cP28PjR_M-YDDwcGfuzK7cdgusYF1IbVGmuxpp_s6o1_RDf2oJSsDtDztHjVHPhFIW5jB38KNi1Firc4rQ7DLM1pYPAZTQoZtpHKF8nuMGMnB2hZXW7tw7HfunrqE__Vwc2vcsgJpwNSKs0O7rO2n2cKC4T9uWToOYPpebWsMau9in6Ct1iV1bgzCJ9vD9PXogvp_rPCwwaWbwWewUl1mZ-hvGeBKtOl-7D03zzESeqYXeQzHX8DaQr-r9jocL-vuYhxgntWgJUF83Ibi_ZL5ljAzykXMuRW1Wp9uq7tCWK8_jGHGrR8XL0up344fHZiIII_Gs5982Mh1-X8jW3W4wYuwgubeEGLeXcVmkL8YGxyO-BiNcPLCuQaFfCGbPLdfY9-_1E8dY99zpmNaR3tr7qj7nPKazhvJj9hY_xz3Co1hJTKZdrwunCbjkTt_MWC_RSr4SyYxfw2qx5SahpvCcY3ibH0DhC3zxXCCr0FHZGljzUHeP77StQyuISmJugmKKyBwLS-K6q2xv8vWv9dniXVKwoKwPitqPOE_3SDQ_KkBoHRH4EiyA0xZQ2ZpGpFUpTe028Ob9fEQ_i9fI8m10dnDL0_-quXH5pyYPzEb1HRuDaIyi39s14NA8te7k5cCe4-gBO2gkwdMkUbKgRrrw9rbX6iPh6J9IdtjpQgMcT3OF98MTW4GPUbst9PFLas4QFlVv3QkDIEYz-Adi2wf9I-6JFVypbEsG4VIjfVEaZHOVLRMz6Kpczfk4F91imSNZb_538BwXZvj7aALszkPYcMBgEOwfWWglSpXL5NR6ZTZjsosK36vzzy1rXcehyFWfeOL1nwUXCCqTBU5UFS_rFA6SA3CXhuJ7uHazBz9CuNxaAzjq-ZYlnDeT44JmCZnPAcqwM4IfuQoavAvuY75UYYFQYx-czviSg0TjIktOCTVbD1w3rCT14f_6OlaplTIeg_7_answggkMo_ez7CUlIYjDo8GIp01CdzoYbPkYazAtHvyqDdpzTNM_AQ1mwwphpe7xhRiibxoB720l1O-sGuiF0GZUkL3Sp0XyAcjyQ81TU7SVEFSJmbFn-m5ydjYf9JRHXInaeehyKT2uEIrFtT5Aw1V9-D_KsT3CRsDqC90hVeYvpBRzMhucvuCRMgvwN0JVynXi5hSlUMaujQ0WOaYP7fsvGqtX9aMTSCjgpAwboa5rU6ccKtAJa6KbGzG97dSm7OT-IqPBUhQVlI3aH231WwXRgQ8vHYreYFrqbDOTkT1FWWxG4Kum9k6JkGf9cqwrXRtGHb1hxmFxog_6RbSahMvwSUDMFUBTZkASIRMty9iZSUOfy-N2UIWjr7ODjYFMK0EWlICa7c0odwuZRpBWRHrx-94KiGuTdV7UqiWzX7V4WksWqkHeQKHoJVpwJvmPQEQlCSTX0vUSaWSKpTMJxjsipGZZ97wOdYMwh9hUA1tWxMYaUAgEEkoAyAmmjTGO7QvgInWMPBu0KAe3RrP1R6nnEVRDGKhpLAF1L5Wb3CJ4QPJtK0XhXI9N7Y1bERH4Tg2bM5GbX-LqdPWwFxflou7mQxgBYAE&cry=1&bundleId=
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 2A9A 91 KB
92 KB 124ms
38ms Script
application/javascript 2600:9000:2127:1200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0045970822945595&output=html&h=600&slotname=7775112206&adk=3867715954&adf=419840266&pi=t.ma~as.7775112206&w=263&fwrn=4&fwrnh=100&lmt=1698411838&rafmt=1&format=263x600&url=https%3A%2F%2Fnotapositiva.com%2F%23modal&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698419037817&bpp=1&bdt=311&idt=209&shv=r20231025&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&prev_fmts=840x280%2C848x280&correlator=6010391235101&frm=20&pv=1&ga_vid=64634378.1698419038&ga_sid=1698419038&ga_hid=1593081921&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=429&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079080%2C31079082%2C31079095%2C42532334%2C44805931%2C44806738%2C31078301%2C31079247&oid=2&pvsid=262802040894886&tmod=2129363091&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=v0hyUpPuA7&p=https%3A//notapositiva.com&dtd=211
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:1200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 23:19:22 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via: 1.1 77d19519a1c9ed821ab469548b9d17f4.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 16731878
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 93606
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: "1f3488247c90bb5de253d3d0cb3b7458"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: oMDh5jSd6w2_LzsLlU7iToFTGLSGpayZnT9yLT9vX44ds83kWRKn_A==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame EE78 43 B
215 B 327ms
105ms Image
image/gif 2600:1f18:1aca:4280:5a10:f513:5632:20a1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1494005&asId=fce9a88f-b7f7-9133-521c-f19e36eaa93a&tv=%7Bc:sgdQ3p,pingTime:-3,time:48,type:v,im:%7BpBlk:40%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:22%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:48,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B41~0%5D,as:%5B41~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tTTPcvx+11%7C121%7C131%7C141*.1494005-73005731%7C1411%7C15,idMap:141*,rmeas:1,rend:0,renddet:IMG.us,siq:23%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0045970822945595&output=html&h=600&slotname=7775112206&adk=3867715954&adf=419840266&pi=t.ma~as.7775112206&w=263&fwrn=4&fwrnh=100&lmt=1698411838&rafmt=1&format=263x600&url=https%3A%2F%2Fnotapositiva.com%2F%23modal&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698419037817&bpp=1&bdt=311&idt=209&shv=r20231025&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&prev_fmts=840x280%2C848x280&correlator=6010391235101&frm=20&pv=1&ga_vid=64634378.1698419038&ga_sid=1698419038&ga_hid=1593081921&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=429&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079080%2C31079082%2C31079095%2C42532334%2C44805931%2C44806738%2C31078301%2C31079247&oid=2&pvsid=262802040894886&tmod=2129363091&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=v0hyUpPuA7&p=https%3A//notapositiva.com&dtd=211
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:5a10:f513:5632:20a1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 15:03:59 GMT
server: nginx
x-server-name: dt26.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame EE78 43 B
215 B 321ms
104ms Image
image/gif 2600:1f18:1aca:4280:5a10:f513:5632:20a1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1494005&asId=fce9a88f-b7f7-9133-521c-f19e36eaa93a&tv=%7Bc:sgdQ3s,pingTime:-6,time:51,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:51,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B44~0%5D,as:%5B44~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tTTPcvx+11%7C121%7C131%7C141*.1494005-73005731%7C1411%7C15,idMap:141*,rmeas:1,rend:0,renddet:IMG.us,siq:23%7D&tpiLookup=ao:notapositiva.com*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0045970822945595&output=html&h=600&slotname=7775112206&adk=3867715954&adf=419840266&pi=t.ma~as.7775112206&w=263&fwrn=4&fwrnh=100&lmt=1698411838&rafmt=1&format=263x600&url=https%3A%2F%2Fnotapositiva.com%2F%23modal&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698419037817&bpp=1&bdt=311&idt=209&shv=r20231025&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&prev_fmts=840x280%2C848x280&correlator=6010391235101&frm=20&pv=1&ga_vid=64634378.1698419038&ga_sid=1698419038&ga_hid=1593081921&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=429&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079080%2C31079082%2C31079095%2C42532334%2C44805931%2C44806738%2C31078301%2C31079247&oid=2&pvsid=262802040894886&tmod=2129363091&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=v0hyUpPuA7&p=https%3A//notapositiva.com&dtd=211
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:5a10:f513:5632:20a1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 15:03:59 GMT
server: nginx
x-server-name: dt28.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame EE78 43 B
216 B 317ms
103ms Image
image/gif 2600:1f18:1aca:4280:5a10:f513:5632:20a1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1494005&asId=fce9a88f-b7f7-9133-521c-f19e36eaa93a&tv=%7Bc:sgdQ3x,pingTime:-2,time:56,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:301,beZ:302,mfA:305,cmA:306,inA:306,inZ:310,prA:310,prZ:319,si:323,poA:324,bl:341,poZ:341,cmZ:341,mfZ:341,loA:352,loZ:354,ltA:357,ltZ:357%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:22%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:56,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B49~0%5D,as:%5B49~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tTTPcvx+11%7C121%7C131%7C141*.1494005-73005731%7C1411%7C15,idMap:141*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:IMG.us,siq:23,sinceFw:33,readyFired:false%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0045970822945595&output=html&h=600&slotname=7775112206&adk=3867715954&adf=419840266&pi=t.ma~as.7775112206&w=263&fwrn=4&fwrnh=100&lmt=1698411838&rafmt=1&format=263x600&url=https%3A%2F%2Fnotapositiva.com%2F%23modal&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698419037817&bpp=1&bdt=311&idt=209&shv=r20231025&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&prev_fmts=840x280%2C848x280&correlator=6010391235101&frm=20&pv=1&ga_vid=64634378.1698419038&ga_sid=1698419038&ga_hid=1593081921&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=429&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079080%2C31079082%2C31079095%2C42532334%2C44805931%2C44806738%2C31078301%2C31079247&oid=2&pvsid=262802040894886&tmod=2129363091&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=v0hyUpPuA7&p=https%3A//notapositiva.com&dtd=211
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:5a10:f513:5632:20a1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 15:03:59 GMT
server: nginx
x-server-name: dt25.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 1DF9 38 KB
13 KB 20ms
19ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 24613
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 08:13:46 GMT
expires: Sat, 26 Oct 2024 08:13:46 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js Show response
pagead2.googlesyndication.com/bg/ Frame CBF3 38 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:45:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11897
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Oct 2024 11:45:42 GMT

GET
H3 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js Show response
pagead2.googlesyndication.com/bg/ Frame 1DF9 38 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:45:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11897
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Oct 2024 11:45:42 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame EE78 43 B
215 B 236ms
105ms Image
image/gif 2600:1f18:1aca:4280:5a10:f513:5632:20a1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1494005&asId=fce9a88f-b7f7-9133-521c-f19e36eaa93a&tv=%7Bc:sgdQ4R,time:138,type:e,im:%7BpWait:4%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:138,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B131~0%5D,as:%5B131~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tTTPcvx+11%7C121%7C131%7C141*.1494005-73005731%7C1411%7C15,idMap:141*,rmeas:1,rend:0,renddet:IMG.us,siq:23%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0045970822945595&output=html&h=600&slotname=7775112206&adk=3867715954&adf=419840266&pi=t.ma~as.7775112206&w=263&fwrn=4&fwrnh=100&lmt=1698411838&rafmt=1&format=263x600&url=https%3A%2F%2Fnotapositiva.com%2F%23modal&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698419037817&bpp=1&bdt=311&idt=209&shv=r20231025&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&prev_fmts=840x280%2C848x280&correlator=6010391235101&frm=20&pv=1&ga_vid=64634378.1698419038&ga_sid=1698419038&ga_hid=1593081921&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=429&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079080%2C31079082%2C31079095%2C42532334%2C44805931%2C44806738%2C31078301%2C31079247&oid=2&pvsid=262802040894886&tmod=2129363091&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=v0hyUpPuA7&p=https%3A//notapositiva.com&dtd=211
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:5a10:f513:5632:20a1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 15:03:59 GMT
server: nginx
x-server-name: dt27.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 206 file.mp4
r3---sn-5hneknee.c.2mdn.net/videoplayback/id/07e15d6f5ac5969b/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1729955038/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 2A4E 391 KB
0 29ms
14ms Media
video/mp4 2a00:1450:400e:8::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: notapositiva.com
URL: https://notapositiva.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:8::8 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Range: bytes=0-

Response headers

expires: Fri, 27 Oct 2023 15:03:59 GMT
date: Fri, 27 Oct 2023 15:03:59 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-4025409/4025410
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 4025410
last-modified: Fri, 13 Oct 2023 15:54:25 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame EE78 172 KB
61 KB 68ms
21ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: notapositiva.com
URL: https://notapositiva.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 07:14:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28163
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 28 Oct 2023 07:14:36 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231025/r20110914/elements/html/ Frame EE78 11 KB
4 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231025/r20110914/elements/html/omrhp.js

Requested by

Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1494005/73005731/xbbe/creative/adj?p=APEucNWaz5Wh-mguGg-lapCRaLNCYyj40nd1jMApDYfCMNNEzCo-qSY&d=CokBAKAmf-A1nrKKH0FX3B9qJU9meCUZy2UbEHhyWkysUYlecg6cOjEQ2Eff6J9NjVASD0nesLA9A_NHrGCT9UqLCEJ0WQSVzj1UC-n8vHqCKbzo02VrFxZ8PfAqoNcvYgbM695gI1W-1BEQMhFzOrbN9r6LYBsbrr6csfBHNoIKjZ8WNmnV2QqaUVYS-RMAoCZ_4O5htL6MGGqdBAcOPW7abNiwgSi5XXqqzPUKjrXUvmEgyaT7CWRm3DhdZtHIpG1HitrRhhVqGfVKEfQ1LSIiGxhSVBHL9-oqiA6xWI_aPDWxpFm0fwhhny9_eBaVxrn0ttjZpN4LGkyPVHbQif4v6eKFobqzybJjRmBiqrHrb06iBSifsT457TrpzWkUWcfgwQMMXMSz6PFgv6JCFnQKyvf_t0Y2ExwAATxZOJ7NOK4DNwaAksB9GwCtof5yj9pHcnxn13sGPSZs4MMH3RBEi9OzyKHjR4Tlqf_9-It38k5NzmZlVika7FQ3P-yoaYyqW0hmdRI-vQA9DkyW-rI9krUoQf7vOavzzikbG-YZ7ZzZJ6VKS1KJ5uyu3zumXqIP1EO7Yu4uj-ii6QKC4x7K2yLw0n5b6kHB8B6PEsS2fHpH9_uOOQcL9YQJu0DaeVTMNZEJDN-xXIE-mnSLjAhmMDaop2Av2mqHfsTskXSVRd40Vpkib18te04DbPAB-WhIhscnjEB8ggcvZg8gAKt9-I7Vlp5GPrGTQ8bS3k5ZnDWBXTZNxvfNjrAn_bboKhGnLRIxLyXC06M1vLuFbaKyyiRKgdzG722skby_HrusZHdcklzGN-NeVLFfvjCDTJFvAZeEUjH9ICoMR-y3zdbzK9mLSaaQcLakTPRxdraVgWngCo14xAX2yBLh5baxldWnjKNA3XZQP4DXlrE1hMUKfyiq2KTfX6b5KLC-OrG26r-vFE4HLbwxusk5NJEyDtORHpxK9Oob5KB2IVBSRlkU214gFu3CqNXrGxQvXoXokVyoQ0iUlQuLp2LPcUwy_wQp5bdhnghUy9DFp6prblAyj74itdR4Bh2vNlLgZb781HQknXAV3F0XC93zsagO1MhuEexEDQ1joytSGn9pojGf6qpnKJkqNLDV9NSPoqbFmP7Qg0CjEUqhmluhss2y2ogkkd_YXTDzr5BMUkZdpQ71lbvb9GBVDvbjODXT8OAm2yO66_kbTo01lmAnPS4P3o0cx73E0AW4r2TlWC1pc6cqzq8hnaCq7fHsv2z4_plqWf38DmB9GBf-SjPUssMg3dDRaX9Uycwc4-TbkQ_p-1dMrC4eQU4fiiQjMzwz01nYJotPgodKA820VPoku0cStTo-_brpGsn9xyRrnaS1H3vXkyZLlLNA4x8r8V4ZxMDTsLW2l-0Lb-WU4Hu7Zfq6uImIDs4Nq_nUg6zevmNwjO4Qovi9vrjSbNHzZqsxkWElBdof34j4CpvcA0xW9l3_LGnKYYzY1AbJmGN13J4xv15ZsYPKaG1CIu6FZDmCZXSogdvs32chXIrooH5BFCpyjwJINsYb47GwGkYAn4CrGz7Ia0Rfy8bb32uWGVRQzOvd2USSngtEtUSrPe4P9SnnsWq4m_69nk49zaVHVFEUMUACW0DMJmJWkxfuAHiN5eDZ41jXRkk98ci5bTPvjRML928DwJc1oKKMDFh0oStVzWGaZRfIz0bjdUgm01BldHMumgsF1YERnKW9EtH312ahz4Zh42qlrceH6bSfuDpWFfg9LrIsauagpJ_mZanKDYmjytoBXo2akOyQ8banreOkmIYDCm1fRZ6aw8Y8GZUKo8cM1u_xuIt_6aQ9VU4M6zWjIiMP2zdGySCXHUjEl047SgxpxdfDnvpG8ijR-YJEO9_rHRr2Ic6MS00IXBx7zVFquhoM6CoBZj7qiXD_Q14Uwfwpl110sRWELpdadI3SnC4kWHJmnDl-AQW2BctcSQrThWwTKq335KpP4LGFlsm7RtdiP5jyajTWCZD5B1fyac-V1jEuh17HzkG11lvvYchEFFPL1ZXxbk9FUbwk-EmyIgSLlhSHsML86Bq7XGL26weSy6g1_UQ31_NYLySn5s2rPvDH_8leBAGBh7-zhCMBSnkz5gPPOTClrFGQt5RVT5cP28PjR_M-YDDwcGfuzK7cdgusYF1IbVGmuxpp_s6o1_RDf2oJSsDtDztHjVHPhFIW5jB38KNi1Firc4rQ7DLM1pYPAZTQoZtpHKF8nuMGMnB2hZXW7tw7HfunrqE__Vwc2vcsgJpwNSKs0O7rO2n2cKC4T9uWToOYPpebWsMau9in6Ct1iV1bgzCJ9vD9PXogvp_rPCwwaWbwWewUl1mZ-hvGeBKtOl-7D03zzESeqYXeQzHX8DaQr-r9jocL-vuYhxgntWgJUF83Ibi_ZL5ljAzykXMuRW1Wp9uq7tCWK8_jGHGrR8XL0up344fHZiIII_Gs5982Mh1-X8jW3W4wYuwgubeEGLeXcVmkL8YGxyO-BiNcPLCuQaFfCGbPLdfY9-_1E8dY99zpmNaR3tr7qj7nPKazhvJj9hY_xz3Co1hJTKZdrwunCbjkTt_MWC_RSr4SyYxfw2qx5SahpvCcY3ibH0DhC3zxXCCr0FHZGljzUHeP77StQyuISmJugmKKyBwLS-K6q2xv8vWv9dniXVKwoKwPitqPOE_3SDQ_KkBoHRH4EiyA0xZQ2ZpGpFUpTe028Ob9fEQ_i9fI8m10dnDL0_-quXH5pyYPzEb1HRuDaIyi39s14NA8te7k5cCe4-gBO2gkwdMkUbKgRrrw9rbX6iPh6J9IdtjpQgMcT3OF98MTW4GPUbst9PFLas4QFlVv3QkDIEYz-Adi2wf9I-6JFVypbEsG4VIjfVEaZHOVLRMz6Kpczfk4F91imSNZb_538BwXZvj7aALszkPYcMBgEOwfWWglSpXL5NR6ZTZjsosK36vzzy1rXcehyFWfeOL1nwUXCCqTBU5UFS_rFA6SA3CXhuJ7uHazBz9CuNxaAzjq-ZYlnDeT44JmCZnPAcqwM4IfuQoavAvuY75UYYFQYx-czviSg0TjIktOCTVbD1w3rCT14f_6OlaplTIeg_7_answggkMo_ez7CUlIYjDo8GIp01CdzoYbPkYazAtHvyqDdpzTNM_AQ1mwwphpe7xhRiibxoB720l1O-sGuiF0GZUkL3Sp0XyAcjyQ81TU7SVEFSJmbFn-m5ydjYf9JRHXInaeehyKT2uEIrFtT5Aw1V9-D_KsT3CRsDqC90hVeYvpBRzMhucvuCRMgvwN0JVynXi5hSlUMaujQ0WOaYP7fsvGqtX9aMTSCjgpAwboa5rU6ccKtAJa6KbGzG97dSm7OT-IqPBUhQVlI3aH231WwXRgQ8vHYreYFrqbDOTkT1FWWxG4Kum9k6JkGf9cqwrXRtGHb1hxmFxog_6RbSahMvwSUDMFUBTZkASIRMty9iZSUOfy-N2UIWjr7ODjYFMK0EWlICa7c0odwuZRpBWRHrx-94KiGuTdV7UqiWzX7V4WksWqkHeQKHoJVpwJvmPQEQlCSTX0vUSaWSKpTMJxjsipGZZ97wOdYMwh9hUA1tWxMYaUAgEEkoAyAmmjTGO7QvgInWMPBu0KAe3RrP1R6nnEVRDGKhpLAF1L5Wb3CJ4QPJtK0XhXI9N7Y1bERH4Tg2bM5GbX-LqdPWwFxflou7mQxgBYAE&cry=1&bundleId=&ias_dspID=3&ias_campId=1012484845&ias_pubId=pub-0045970822945595&ias_chanId=1&ias_placementId=20122610338&bidurl=https://notapositiva.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0g3aXgm2Q8ssyscZHGN1CWs&adsafe_url=https%3A%2F%2Fnotapositiva.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fnotapositiva.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-0045970822945595%26output%3Dhtml%26h%3D600%26slotname%3D7775112206%26adk%3D3867715954%26adf%3D419840266%26pi%3Dt.ma~as.7775112206%26w%3D263%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1698411838%26rafmt%3D1%26format%3D263x600%26url%3Dhttps%253A%252F%252Fnotapositiva.com%252F%2523modal%26fwr%3D0%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1698419037817%26bpp%3D1%26bdt%3D311%26idt%3D209%26shv%3Dr20231025%26mjsv%3Dm202310250101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D840x280%252C848x280%26correlator%3D6010391235101%26frm%3D20%26pv%3D1%26ga_vid%3D64634378.1698419038%26ga_sid%3D1698419038%26ga_hid%3D1593081921%26ga_fc%3D1%26u_tz%3D120%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1108%26ady%3D429%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C31079080%252C31079082%252C31079095%252C42532334%252C44805931%252C44806738%252C31078301%252C31079247%26oid%3D2%26pvsid%3D262802040894886%26tmod%3D2129363091%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CloEe%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26ifi%3D3%26uci%3Da!3%26fsb%3D1%26xpc%3Dv0hyUpPuA7%26p%3Dhttps%253A%2F%2Fnotapositiva.com%26dtd%3D211&adsafe_type=bed&adsafe_jsinfo=,id:fce9a88f-b7f7-9133-521c-f19e36eaa93a,c:sgdQ2Z,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-554d68d5bf-7kmqp,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:4,mot:0,app:0,maw:0,fm:tTTPcvx+11%7C121%7C131%7C141*.1494005-73005731%7C1411%7C15,idMap:141*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:22,oid:0e6f94b8-74da-11ee-bc4f-f27624206c03,v:19.8.458,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 16:15:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82114
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Nov 2023 16:15:25 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231025/r20110914/ Frame EE78 30 KB
11 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231025/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a860e393a22f7cd34a28120e6b5f9bdc433a1eeda614b995c6c22b395afcfbe6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 16:15:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82114
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11591
x-xss-protection: 0
server: cafe
etag: 12161711247934188981
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Nov 2023 16:15:25 GMT

GET
DATA 200
OK truncated
/ Frame EE78 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cf185b8486c16994c065e359ea34f2d85e35b64e7d3caf73d2fb29dc1bc0ed15

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CBF3 0
20 B 127ms
126ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BOlSWXtE7ZZ_eNuqM9fgP5qCv-AoAAAAAOAHgBAI&bg=!1Nel15jNAAbo5yKYyOc7ADQBe5WfOPUmbw9IbhoPCKqDHnG1BGy3ecEtWWwXsmEH_gqDizr0sBsj64XH06QxGki7prptAgAAAIdSAAAAAmgBBwoArPq2f9GwCzxXUhdyVK57l7ISg96LSNerV-WeIltbIgiEfq9rlADunktJOSgSs7E-ia015FO6SnFBzjVvnoUY04VDC6aLJXHT231GX9cZg39JdrM9tvRe8KBzeofMCteapc6txkDDau02n8cKRlemvn8TyfBJ_aQ063xBFSKOemaTmczcpX-x0ACh1nRvuRTWa0X5JWQn-QgrIZFy5X_7ChWcORUzSvDqnLv2xiSZAuACwMQ_A7bl99-MIkmmZy1130TY2tQcP6by0hp-66OaK1t3jIBnxXKgmIaeMFOEuky7BUq-b4f3oewnKNbhpPn6xuJUW76OZ2C61VSowyKErpYzmKNFhgpEbkwl6D0MwLQNBCN3zDdfcKiCUAdmXSwNQj4ReaHT7gY9m-aARpSiOf5dtveQHx2zKCwPSSGPXX4pwyWDhK79otzzBgxt9_oERdzar13NkDgBqBLHQdMAOZF-ZghHSjsYqog1Qcr01yplytFyPYis6Fb2SQNqegd0rIRLlzNe1KlTPh0YyizBUx0IqE6rKY2GRc756SmSMB1ucnpMdjlSQTSp9HEu3rbNrhX2SM6d84H3HjdBcqAsXglAf-Y9sCiDHTDfNWd9uGb_AeXQdCxviulv4yUTihOEvstS0_L6zf-VhYPxce8FKfiJ6sDFvoAqdQiHXnWvoXp3twk5ua82BvcWwQBYhVMUCNKthZCrZqgmKRi4f4kBSpprqepbS999cKha_OHq6ERlgOshRmGsZfxvkXTfnnMC4JVHr2eAUXd-DoopeWpztrWVp78J-W4PU8bLLR_6VTwPgFIwbuT1ARWqNue5ALbMYnRTTGwp-RbkB9q5C5FwrlMI_ysdfL8kaPTGtnDFqr4mDnD1IAhfMjkMjVzDWZWzOdseXM3_qPqSnjXjannKjLYOTF5uaWPhFamW_KAB4EW9i00xa1W71_33_z1vbA26ieNJE7RAnROr54WuJMOwrACg9sv9DqvSyU8xZmj-k0vO6H2fNCcsXnP9Br8X7YqRotDKPVEtpHxved9DMmRcCNmtaE5N9ymfIsP9GW-oaR3RFohXvqY32H0XqNvgtKqddozarXQrr71ui83up5riqPXlBmJSgvsBzF2s8bmeKQvpmIQKnEPQ6Rpt5EgnR-YY1WHxmgi0jeDEXhNYznAtq6Hm2Qri5Bu9AGQZ0jersF79K1fqYpd1G_8ULqjwkbRA

Requested by

Host: notapositiva.com
URL: https://notapositiva.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 15:03:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
clickiocdn.com/utr/logst_st/c2lkPX4yMTYzODgmYWN0PX5jbW5hbG4mdXJsPX5ub3RhcG9zaXRpdmEuY29tJnZjbnQ9MSZfZj1fX2x4R19fLnRtcC5sb2dzdF9rOXZ2Z3k1eXZrNGVuemJp/ 38 B
206 B 45ms
44ms Script
application/javascript 95.211.66.35
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/utr/logst_st/c2lkPX4yMTYzODgmYWN0PX5jbW5hbG4mdXJsPX5ub3RhcG9zaXRpdmEuY29tJnZjbnQ9MSZfZj1fX2x4R19fLnRtcC5sb2dzdF9rOXZ2Z3k1eXZrNGVuemJp/
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/common_258.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 95.211.66.35 Alphen aan den Rijn, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.20.1 /
Resource Hash: 025fed8c93988d00ad7aa9c3e84562a7aab8d83efe27130869db2c1ee55df7a0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://notapositiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 27 Oct 2023 15:03:59 GMT
cache-control: no-cache
content-encoding: gzip
iseu: eu
server: nginx/1.20.1
content-type: application/javascript; charset=utf-8

GET
H2 200 / Show response
clickiocdn.com/utr/logst_sa/c2FpZD02NDUzNjV+NjQ1MzY0fjY0NTM2NiZzc2lkPX4xJmFjdD1kZXZfdGFyZ19yZW1+LX5ydHJfdmFyX2Noc24mcGx0Zj1+MCZ1cmw9fm5vdGFwb3NpdGl2YS5jb20mdmNudD0zJl9mPV9fbHhHX18udG1wLmxvZ3N0X2hwc... 38 B
206 B 48ms
48ms Script
application/javascript 95.211.66.35
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/utr/logst_sa/c2FpZD02NDUzNjV+NjQ1MzY0fjY0NTM2NiZzc2lkPX4xJmFjdD1kZXZfdGFyZ19yZW1+LX5ydHJfdmFyX2Noc24mcGx0Zj1+MCZ1cmw9fm5vdGFwb3NpdGl2YS5jb20mdmNudD0zJl9mPV9fbHhHX18udG1wLmxvZ3N0X2hwcm44ZHdiMXN2bzlmdXU/
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/common_258.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 95.211.66.35 Alphen aan den Rijn, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.20.1 /
Resource Hash: 702ff8fede19257ef661ff5c2a42d6ae3ccb4ad8d6689a462b8e269badfc4a5c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://notapositiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 27 Oct 2023 15:03:59 GMT
cache-control: no-cache
content-encoding: gzip
iseu: eu
server: nginx/1.20.1
content-type: application/javascript; charset=utf-8

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/16133178303598034944/160x600-DisplayDCO/ Frame EA00 20 KB
4 KB 103ms
55ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16133178303598034944/160x600-DisplayDCO/index.html?e=69&leftOffset=0&topOffset=0&c=wbEypfwZ5E&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6c4d4e509a350d0de918e190e303a070c7bc2bf03291d308ad52da61ddea481

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 15:03:59 GMT
expires: Sat, 26 Oct 2024 15:03:59 GMT
last-modified: Fri, 22 Sep 2023 09:59:14 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame EE78 0
0 169ms
70ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvx0inY52E1AoELrugszKS9h8jGEmcvBSrnXKrYiz-AUvm1VFuK2ODMZDj5xL5Z7xZJJ1NPLToUGTuznvjHTLjC4sX_T_VMePk8fdR-vjfk2Oip0rC_Qx7mRZZtqelI4xkkVpesJ-L-MjLk4jjgbEfxjcSyIaSt0NCq80c1s6joIhG0Edl7BiP2Lfwxe3bNr1-jsI1HZRXG2WButjgzm0n-ZA&sai=AMfl-YRhX-LJ6efnUX8ojlwVSBsCcuwsKM0DJiBrFK0wLlIpXt1oW16OD2a1UQGZz_ENAJSjjp5v_mZA4FcKbW7bXwRL9l4uRR6OawF_HvfeO6F6jYH4SVbS-aVqgM3qgMpHtN9ZqZFCm3GVDCgH9kD1aIcAHw&sig=Cg0ArKJSzL2C6J1pF8wEEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=125&cbvp=1&cstd=118&cisv=r20231025.83596&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: notapositiva.com
URL: https://notapositiva.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 15:03:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1DF9 0
20 B 128ms
127ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BfQ2mXtE7ZZPmM-mM3gPTjYe4DQAAAAA4AeAEAg&bg=!w8ClwI_NAAbo5yKYyOc7ADQBe5WfODwVuS_4tBCntU8XGEvAsmVrA6HabNodEF1PuHY5XZIg6O-EYTMfVZLdYeU8_Vq8AgAAAJxSAAAAAmgBB5kDC-pKSDr0CPnyi9Cgz4JYQL7BRRoBArWR06EFy8E-IdWttSTKv3uLm91qnozfN_inuh3Oz73IvJNr3_11JjxPdG3QlxKwhB1-4qJnqG9a5ngD8KNohvGNAjJeEUK34oFLPE-Vx6QMxJDc3M9_eGaz_LErFfDVZwOwbO_M_WIzkOQXSnVrjcifrg-JN_r4vH5xuVKRkWS2fn8mOw0tii22VwYbi1r1nH_VtoZ6CbBg0wFY8ofD4SlGrb0yxMHMXm-JESVeyuPjwazcKT8q_DE4DkNxkJGJjnVjTYaIulBvrF1XWgjXcC9bIcGoIHRcnnY7tLfL87WZZRPEVoi_y2esCFQIaIOibu44EuCF9W8GyTsQJAzQuPuXpRR9MeRNoV9IxxqW0EwKwlVAsAk2za1zIxMmuWHYkGEs93DGs9dm-P_MtA3CB_aYTenFLGjEU-HgF8x6HacxeVxnhK_EhOXTwyDQW6IV0yXLlP-QMLyadgJkzOomMnaOPxvYFEAdOd_d92evfc5Om_SNHogblLxbcyEJ46o8krba4oNiIbqM9W9_QtP3Un6xW9Um03NJTxZzYr7B1X3cPF5HCD3hON1dcYPG8rI5x0mIWR160snc7fl4vnJqdOg4eaHpuYbxMRVMmoIAty5IRToG2fBz9WGQM3CEgHAkWROO82L-hc4JJzPxN2odK4lNO5rELauiNSHwoxLJXcxaVh7nWtg61UzT9QauliJl8hoBmS5aKvJYOkq_O4J5HZhUX-tCMtjQlVJHU8LoIK7zcoI8qjdpF6HtwNyHXZ5hhSMhyQznJs3FQmZ7rf3fxQybY9DdBxfrX0s6EIstWxGOFkfMqr3ouE1cLK6vjwi9r51ht-sWHXUGufdfI5LhnHwtfUhtUaN8TCd2IOJ7K-EEKdl8gCOqki-pPJJm2Kz5EVbuTD3V1xuH6PnJ3j26tRdPog9n1RuxlwZiOw0hZgHkpBAWRpEfiYmRlAQOd7HXDlNExSs-RzoDv9F1nCewjoSZK7EMVi4FzYlrHMJQQ4qj_lli2C6n

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 15:03:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adlib.css
s0.2mdn.net/sadbundle/16133178303598034944/160x600-DisplayDCO/ Frame EA00 6 KB
2 KB 22ms
21ms Stylesheet
text/css 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16133178303598034944/160x600-DisplayDCO/adlib.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16133178303598034944/160x600-DisplayDCO/index.html?e=69&leftOffset=0&topOffset=0&c=wbEypfwZ5E&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c821ac5b54d6356aa81644902d5fad10603c9a415679c081d7760dde7f7bdbd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16133178303598034944/160x600-DisplayDCO/index.html?e=69&leftOffset=0&topOffset=0&c=wbEypfwZ5E&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 09:38:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 105930
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1924
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 09:59:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 25 Oct 2024 09:38:29 GMT

GET
H3 200 adStyle.css
s0.2mdn.net/sadbundle/16133178303598034944/160x600-DisplayDCO/ Frame EA00 2 KB
681 B 24ms
23ms Stylesheet
text/css 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16133178303598034944/160x600-DisplayDCO/adStyle.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16133178303598034944/160x600-DisplayDCO/index.html?e=69&leftOffset=0&topOffset=0&c=wbEypfwZ5E&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b0a9563682ffebf44e7416421c2125c777b35c53b2580e23e06bdd5cba994a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16133178303598034944/160x600-DisplayDCO/index.html?e=69&leftOffset=0&topOffset=0&c=wbEypfwZ5E&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 09:38:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 105930
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 652
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 09:59:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 25 Oct 2024 09:38:29 GMT

GET
H3 200 Enabler_01_250.js Show response
s0.2mdn.net/879366/ Frame EA00 120 KB
41 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16133178303598034944/160x600-DisplayDCO/index.html?e=69&leftOffset=0&topOffset=0&c=wbEypfwZ5E&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16133178303598034944/160x600-DisplayDCO/index.html?e=69&leftOffset=0&topOffset=0&c=wbEypfwZ5E&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 17:00:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79382
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42247
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 27 Oct 2023 17:00:57 GMT

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.11.3/ Frame EA00 69 KB
25 KB 89ms
36ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.11.3/gsap.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16133178303598034944/160x600-DisplayDCO/index.html?e=69&leftOffset=0&topOffset=0&c=wbEypfwZ5E&t=1&renderingType=2&ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

386a292b805ec5376c149711c08d9013658fd08879a7ac9a62a99e14310c397a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 15:03:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2027543
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 25150
last-modified: Tue, 04 Oct 2022 19:36:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "633c8b2b-623e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CbIzvaE98z82Q0BNtSxOE3LVqv2Hb%2FPPF9e8rdMoDVfH7aZWNinvzB4g1ezp0exkmmTT0kgK%2FeUWywG865UsKeEXPH5exO3Q1zVtxs8FQDer5A32gg%2FwkhkGtkk2MpaPOElDUghyDfeydao6lbiI4vqj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81cbd4349d7c03cd-FRA
expires: Wed, 16 Oct 2024 15:03:59 GMT

GET
H2 200 CustomEase.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.11.3/ Frame EA00 7 KB
4 KB 82ms
30ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.11.3/CustomEase.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16133178303598034944/160x600-DisplayDCO/index.html?e=69&leftOffset=0&topOffset=0&c=wbEypfwZ5E&t=1&renderingType=2&ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

906983bc2ede013f43b47e46740b4f247e2e71042aaf9b53989336ae3d645c88

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 15:03:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 26632949
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3299
last-modified: Tue, 04 Oct 2022 19:36:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "633c8b2b-ce3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oQ%2F%2BqMfK8gxVe6lOcQIGkfcX2Gth8ZvLxKpRAfA%2F2lMZF37EWWxS6wCp8u6%2BH7%2Bh7nEB%2FT1waOo5SyFjdvo6siwGGcLxNwEymC2%2F7WO04vrJoxXZJCF%2F8d9LzcwR7mKGH4sq4e0QkOw7jDoIGtiQWB0X"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81cbd4349d7d03cd-FRA
expires: Wed, 16 Oct 2024 15:03:59 GMT

GET
H3 200 textFit.js Show response
s0.2mdn.net/sadbundle/16133178303598034944/160x600-DisplayDCO/ Frame EA00 8 KB
3 KB 37ms
36ms Script
application/x-javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16133178303598034944/160x600-DisplayDCO/textFit.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16133178303598034944/160x600-DisplayDCO/index.html?e=69&leftOffset=0&topOffset=0&c=wbEypfwZ5E&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8e48ea465007a8f3473fecfbcfe2e31e0d807e98f8ab65f8b0e655779ae2b72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16133178303598034944/160x600-DisplayDCO/index.html?e=69&leftOffset=0&topOffset=0&c=wbEypfwZ5E&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 09:38:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 105930
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2875
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 09:59:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 25 Oct 2024 09:38:29 GMT

GET
H3 200 adlibUtils-v3.js Show response
s0.2mdn.net/sadbundle/16133178303598034944/160x600-DisplayDCO/ Frame EA00 21 KB
6 KB 33ms
33ms Script
application/x-javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16133178303598034944/160x600-DisplayDCO/adlibUtils-v3.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16133178303598034944/160x600-DisplayDCO/index.html?e=69&leftOffset=0&topOffset=0&c=wbEypfwZ5E&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed12c0d9f531492bd81f2eb30125ce9a7db330b9d9854258879b55efebf3e75b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16133178303598034944/160x600-DisplayDCO/index.html?e=69&leftOffset=0&topOffset=0&c=wbEypfwZ5E&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 09:38:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 105930
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6133
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 09:59:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 25 Oct 2024 09:38:29 GMT

GET
H3 200 animation.js Show response
s0.2mdn.net/sadbundle/16133178303598034944/160x600-DisplayDCO/ Frame EA00 6 KB
2 KB 38ms
37ms Script
application/x-javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16133178303598034944/160x600-DisplayDCO/animation.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16133178303598034944/160x600-DisplayDCO/index.html?e=69&leftOffset=0&topOffset=0&c=wbEypfwZ5E&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40123aa732ff828d3ec860d0555787506a8a24c6b7df7b2cc8d9100c242cc9e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16133178303598034944/160x600-DisplayDCO/index.html?e=69&leftOffset=0&topOffset=0&c=wbEypfwZ5E&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 09:38:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 105930
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2270
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 09:59:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 25 Oct 2024 09:38:29 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame EE78 43 B
215 B 104ms
104ms Image
image/gif 2600:1f18:1aca:4280:5a10:f513:5632:20a1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1494005&asId=fce9a88f-b7f7-9133-521c-f19e36eaa93a&tv=%7Bc:sgdQb4,pingTime:-10,time:523,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE4LjAuNTk5My4xMTcgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1698419039510%7C%7C36a23b628f7b190a58d173ebb2b5d55d%7C%7C2a46ab34512a4512731c109fe969e5e3%7C%7Ca4fa6b295b8f01d6dd2ae61c41a70c1e%7C%7C82544220f4befe879c578e98f93f65bb%7C%7C7ba396512d5f64ae8544de226ce29337%7C%7C02f9a0a7134b5cc1e9f2c9fe89ccaa59%7C%7Ca19003b8831e37527897174120ef8e70%7C%7C1663701684%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0045970822945595&output=html&h=600&slotname=7775112206&adk=3867715954&adf=419840266&pi=t.ma~as.7775112206&w=263&fwrn=4&fwrnh=100&lmt=1698411838&rafmt=1&format=263x600&url=https%3A%2F%2Fnotapositiva.com%2F%23modal&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698419037817&bpp=1&bdt=311&idt=209&shv=r20231025&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&prev_fmts=840x280%2C848x280&correlator=6010391235101&frm=20&pv=1&ga_vid=64634378.1698419038&ga_sid=1698419038&ga_hid=1593081921&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=429&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079080%2C31079082%2C31079095%2C42532334%2C44805931%2C44806738%2C31078301%2C31079247&oid=2&pvsid=262802040894886&tmod=2129363091&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=v0hyUpPuA7&p=https%3A//notapositiva.com&dtd=211
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:5a10:f513:5632:20a1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 15:03:59 GMT
server: nginx
x-server-name: dt08.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame EE78 0
0 72ms
71ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvx0inY52E1AoELrugszKS9h8jGEmcvBSrnXKrYiz-AUvm1VFuK2ODMZDj5xL5Z7xZJJ1NPLToUGTuznvjHTLjC4sX_T_VMePk8fdR-vjfk2Oip0rC_Qx7mRZZtqelI4xkkVpesJ-L-MjLk4jjgbEfxjcSyIaSt0NCq80c1s6joIhG0Edl7BiP2Lfwxe3bNr1-jsI1HZRXG2WButjgzm0n-ZA&sai=AMfl-YRhX-LJ6efnUX8ojlwVSBsCcuwsKM0DJiBrFK0wLlIpXt1oW16OD2a1UQGZz_ENAJSjjp5v_mZA4FcKbW7bXwRL9l4uRR6OawF_HvfeO6F6jYH4SVbS-aVqgM3qgMpHtN9ZqZFCm3GVDCgH9kD1aIcAHw&sig=Cg0ArKJSzL2C6J1pF8wEEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=360&vt=11&dtpt=235&dett=3&cstd=118&cisv=r20231025.83596&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: notapositiva.com
URL: https://notapositiva.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 15:03:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame EA00 7 KB
6 KB 104ms
65ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f90071e8cc37944b7e2c67eee41ea9d03a4b60923a53254f03f1312b7fdbc76b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 15:03:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5774
x-xss-protection: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame EE78 43 B
215 B 105ms
104ms Image
image/gif 2600:1f18:1aca:4280:5a10:f513:5632:20a1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1494005&asId=fce9a88f-b7f7-9133-521c-f19e36eaa93a&tv=%7Bc:sgdQbN,time:568,type:e,im:%7Bpci:%7Btdr:516%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:568,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B561~0%5D,as:%5B561~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:426,fm:tTTPcvx+11%7C121%7C131%7C141*.1494005-73005731%7C1411%7C15,idMap:141*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:23,sis:176%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0045970822945595&output=html&h=600&slotname=7775112206&adk=3867715954&adf=419840266&pi=t.ma~as.7775112206&w=263&fwrn=4&fwrnh=100&lmt=1698411838&rafmt=1&format=263x600&url=https%3A%2F%2Fnotapositiva.com%2F%23modal&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698419037817&bpp=1&bdt=311&idt=209&shv=r20231025&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&prev_fmts=840x280%2C848x280&correlator=6010391235101&frm=20&pv=1&ga_vid=64634378.1698419038&ga_sid=1698419038&ga_hid=1593081921&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=429&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079080%2C31079082%2C31079095%2C42532334%2C44805931%2C44806738%2C31078301%2C31079247&oid=2&pvsid=262802040894886&tmod=2129363091&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=v0hyUpPuA7&p=https%3A//notapositiva.com&dtd=211
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:5a10:f513:5632:20a1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 15:03:59 GMT
server: nginx
x-server-name: dt17.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 uc-id=1Inkv_aI6-PVUZDfdZk1GOejUtl3uh4U3-export=download_1694566877651_uc.jpeg
s0.2mdn.net/dynamic/2/11105975/drive.google.com/ Frame EA00 85 KB
85 KB 21ms
20ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11105975/drive.google.com/uc-id=1Inkv_aI6-PVUZDfdZk1GOejUtl3uh4U3-export=download_1694566877651_uc.jpeg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3eb68cd6fcbfa294e943722a75ab567b393fcb2190b9fa3feed79186f8bf650

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16133178303598034944/160x600-DisplayDCO/index.html?e=69&leftOffset=0&topOffset=0&c=wbEypfwZ5E&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 10:21:37 GMT
x-content-type-options: nosniff
age: 103342
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87082
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 01:01:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 25 Oct 2024 10:21:37 GMT

GET
H3 200 uc-id=1SJdXIuJgSPIUq0sWx4ZAD3EZFyaLitbW-export=download_1698094945027_uc.jpeg
s0.2mdn.net/dynamic/2/11105975/drive.google.com/ Frame EA00 65 KB
65 KB 28ms
26ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11105975/drive.google.com/uc-id=1SJdXIuJgSPIUq0sWx4ZAD3EZFyaLitbW-export=download_1698094945027_uc.jpeg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9e2d38ae300ada11d2c5f638341c46041fd68cf342ed59575b5802d7f913b08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16133178303598034944/160x600-DisplayDCO/index.html?e=69&leftOffset=0&topOffset=0&c=wbEypfwZ5E&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 22:05:28 GMT
x-content-type-options: nosniff
age: 320311
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66700
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 21:02:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 22 Oct 2024 22:05:28 GMT

GET
H3 200 uc-id=1VJwXR_aJM9oV4IcLg8j5DW06PVpNn6kB-export=download_1698339652653_uc.jpeg
s0.2mdn.net/dynamic/2/11105975/drive.google.com/ Frame EA00 48 KB
48 KB 55ms
52ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11105975/drive.google.com/uc-id=1VJwXR_aJM9oV4IcLg8j5DW06PVpNn6kB-export=download_1698339652653_uc.jpeg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b7ced81884026861315f6c553f3311b0beb4b2999276d634dc2bae9e348a4af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16133178303598034944/160x600-DisplayDCO/index.html?e=69&leftOffset=0&topOffset=0&c=wbEypfwZ5E&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 18:01:55 GMT
x-content-type-options: nosniff
age: 75724
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49080
x-xss-protection: 0
last-modified: Thu, 26 Oct 2023 17:01:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 25 Oct 2024 18:01:55 GMT

GET
H3 200 uc-id=1_UXVt30--bv1jzF3JmgJxs092R8YrCXo-export=download_1698094945027_uc.jpeg
s0.2mdn.net/dynamic/2/11105975/drive.google.com/ Frame EA00 56 KB
56 KB 51ms
48ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11105975/drive.google.com/uc-id=1_UXVt30--bv1jzF3JmgJxs092R8YrCXo-export=download_1698094945027_uc.jpeg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

960e2527fba2bef7da903395be3bf4d327768f3307f6d34ef258c977ce8d7009

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16133178303598034944/160x600-DisplayDCO/index.html?e=69&leftOffset=0&topOffset=0&c=wbEypfwZ5E&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 02:05:50 GMT
x-content-type-options: nosniff
age: 46689
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57157
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 21:02:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Oct 2024 02:05:50 GMT

GET
H3 200 uc-id=17NL2pjttn6QbRq8hPYuR_yLRZ4oeUuGY-export=download_1698094945027_uc.jpeg
s0.2mdn.net/dynamic/2/11105975/drive.google.com/ Frame EA00 70 KB
70 KB 48ms
45ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11105975/drive.google.com/uc-id=17NL2pjttn6QbRq8hPYuR_yLRZ4oeUuGY-export=download_1698094945027_uc.jpeg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db1332c25063e2aed787f1d91427507dd54856ccf4fb215d1d5ab8046a2e4a47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16133178303598034944/160x600-DisplayDCO/index.html?e=69&leftOffset=0&topOffset=0&c=wbEypfwZ5E&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 06:12:43 GMT
x-content-type-options: nosniff
age: 31876
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71656
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 21:02:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Oct 2024 06:12:43 GMT

GET
H3 200 uc-id=1EH1I53IX0bmUuB1xutaQBBkBZIz0h4Ln-export=download_1698066131435_uc.jpeg
s0.2mdn.net/dynamic/2/11105975/drive.google.com/ Frame EA00 32 KB
32 KB 44ms
42ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11105975/drive.google.com/uc-id=1EH1I53IX0bmUuB1xutaQBBkBZIz0h4Ln-export=download_1698066131435_uc.jpeg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16f7f31846fe8928b8d529eee2999b2fa8b1bfc349f5dd26742f74886b3c18e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16133178303598034944/160x600-DisplayDCO/index.html?e=69&leftOffset=0&topOffset=0&c=wbEypfwZ5E&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 09:38:30 GMT
x-content-type-options: nosniff
age: 105929
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32854
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 13:02:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 25 Oct 2024 09:38:30 GMT

GET
H3 200 Logo.png_1691746241503_Logo.png
s0.2mdn.net/dynamic/2/11102108/cdn.ad-lib.io/v2/partners/62cd9949d2383ed5ebcae93a/assets/concepts/64a2bb9bbfbb6b92de42f8b1/templates/64bec04947dd7ebee296ba53/content/ Frame EA00 13 KB
13 KB 60ms
58ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11102108/cdn.ad-lib.io/v2/partners/62cd9949d2383ed5ebcae93a/assets/concepts/64a2bb9bbfbb6b92de42f8b1/templates/64bec04947dd7ebee296ba53/content/Logo.png_1691746241503_Logo.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee0bd967f4d33d1fd47c4d090fbddc3ba8442b98357bc3ec623ad29632a44e17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16133178303598034944/160x600-DisplayDCO/index.html?e=69&leftOffset=0&topOffset=0&c=wbEypfwZ5E&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 09:38:30 GMT
x-content-type-options: nosniff
age: 105929
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13353
x-xss-protection: 0
last-modified: Fri, 11 Aug 2023 09:30:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 25 Oct 2024 09:38:30 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame EA00 17 KB
6 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 15:03:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 27 Oct 2023 15:03:59 GMT

GET
H3 200 HMSans-SemiBold.woff2
s0.2mdn.net/sadbundle/16133178303598034944/160x600-DisplayDCO/ Frame EA00 47 KB
47 KB 21ms
21ms Font
font/woff2 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16133178303598034944/160x600-DisplayDCO/HMSans-SemiBold.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16133178303598034944/160x600-DisplayDCO/adStyle.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ebf6ed791e150a9a3e5785224d5a1f156464684ff1a82925b9c2dd0163e52d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/16133178303598034944/160x600-DisplayDCO/adStyle.css
Origin: https://s0.2mdn.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 09:38:30 GMT
x-content-type-options: nosniff
age: 105929
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47660
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 09:59:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 25 Oct 2024 09:38:30 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 70ms
70ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231025&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1cd7ad9360160875a21aa2a1614d8cae0fd9493caa1d1a27804ee64e098eadd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://notapositiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 15:03:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12160
x-xss-protection: 0

GET
H3 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js Show response
pagead2.googlesyndication.com/bg/ Frame 233E 38 KB
15 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:45:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11897
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Oct 2024 11:45:42 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame EE78 43 B
215 B 104ms
104ms Image
image/gif 2600:1f18:1aca:4280:5a10:f513:5632:20a1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1494005&asId=fce9a88f-b7f7-9133-521c-f19e36eaa93a&tv=%7Bc:sgdQev,time:736,type:e,im:%7BpLoad:674%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:736,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B729~0%5D,as:%5B729~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:106,fm:tTTPcvx+11%7C121%7C131%7C141*.1494005-73005731%7C1411%7C15,idMap:141*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:23,sis:176%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:5a10:f513:5632:20a1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 15:03:59 GMT
server: nginx
x-server-name: dt33.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://notapositiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 15:03:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 27 Oct 2023 15:03:59 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7C89 42 B
64 B 128ms
126ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstaPZinnKbGCCe6riRJgFBb0Bfcx2fawQ3zED2uqqYuqbk_1r8sJtRU_iBbZUVcUv9YCBh49Cv4-dOM0vsSYvXaAdrE7tyLqb3jgY0J2i7SFyry73Tpm9tBnNsvbeNaF_gPy5mYTX4G_lbFbEphfdrkAytPboIIbeCKx58IYQ4&sai=AMfl-YRZvkp_L3YpoeMjI9ES52hmUtdKD_P9VVcqE1MQsQAVF95pSf8xfyySIPjQPZBMzdUjCNGTaIIqIyaHXsq3tTmkT_Q4V6xVEXx6U5bt3t4VBNmZMpzBeCBZlQJzX3OzKaw8aqRW_h3iwJzCNA&sig=Cg0ArKJSzBWVLo7CbZSDEAE&cid=CAQSTADICaaNL8O4_moEBSRBk7KYRWHmFDfvqIlkzmby8G1wf0MCIVSkby6bu1-XeBBww4Pw7UqemQMVvomNOcvA2rX6nJA9TCszCLvI5csYAQ&id=lidar2&mcvt=1000&p=0,0,280,840&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231025&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=4019472189&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698419038015&rpt=753&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 15:03:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 48C9 13 KB
5 KB 21ms
20ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://notapositiva.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 17544
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 10:11:35 GMT
expires: Sat, 26 Oct 2024 10:11:35 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame ED25 829 B
1 KB 76ms
28ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c8532989740ba666762f0c9ba17c94c482be0f535e96401bef6d946d16ab530e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-D6qaJisrRP5u0VNw7o1Dkw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://notapositiva.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-D6qaJisrRP5u0VNw7o1Dkw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 15:03:59 GMT
expires: Fri, 27 Oct 2023 15:03:59 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js Show response
pagead2.googlesyndication.com/bg/ Frame 48C9 38 KB
15 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:45:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11897
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Oct 2024 11:45:42 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame ED25 0
0 121ms
121ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231025&jk=262802040894886&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 48C9 0
10 B 19ms
19ms Image
text/plain 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ej7tmg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 15:03:59 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 2A4E 0
54 B 174ms
173ms Ping
image/gif 2607:f8b0:4005:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lo8qudp8&c=5780853530298&slotId=2890426765149&qqid=CPmDyfu_loIDFR_99QIdN6sNxA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=1945&mt=video%2Fmp4&vs=1280x720&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=22&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.pj~vil.ze&ua_e=1&ape=1&ple=0&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231025_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4005:814::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 15:03:59 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EE78 42 B
64 B 127ms
126ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssd-p6tsHobqP2yL00V1cjkFvjMOj93Ve4emjAbopEuzLnORGdyic7jTtJVSHNrczPRBbtYkYJoCaA_gdH23IwbPaakHdipyJEpomrJKNmvGuGFAUdv6IGqnGruRqYiz36TYmS9VWF0ZVd2&sai=AMfl-YQWZ-dcMRJVrh3MgL2DZEBBudPRFWaS2_iKk5ybMSEbE2CwOwjZpqhOh7HPuqukv4G_zdM4rriXtpXddLgIUadmjoGST-8RFV8k9dSbhz2w_09FnPjgG5EN1gGBYWYFujWcG0bjhY8uB84&sig=Cg0ArKJSzMQxaiFX6sR8EAE&cid=CAQSSgDICaaNMY7tC-AidYw8G7QoB7dGs_VHqecRVEMYqGksAXUvlZvcInhA8m0rReFcj03tjVsREfhODZszkZtf4up09bAXF-Wi7uZDGAE&id=lidar2&mcvt=1001&p=0,119,40,160&mtos=0,1001,1001,1001,1001&tos=0,1001,0,0,0&v=20231025&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&vu=1&app=0&itpl=20&adk=3867715954&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698419038687&rpt=489&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 15:04:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 126ms
126ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231025&jk=262802040894886&bg=!REelRwjNAAbo5yKYyOc7ADQBe5WfOLnughyXXj-lvm0k8pfZZX3yR74bID-gbmlvXaMXccZSzXFMClyg_HrupBY7zejtAgAAAEtSAAAABWgBBwoAHei03fC55Pw2M-2OuKJ1lNZIYqVsGOfQI_EuWvFvmQK4oLqiElgx1xyCU2yvfJrWvPZDhwklZL2rC2Zyvaq_cyuXLhzyfc_8nxyTVtFUur0Zsr47Hyc0wV5YFdLhDjl9dditBg_aMWp3UnLZRhvQtJNLGp5TOJ3bewQpWE09Cw3zbYJLVvHWf79UWq3-jhCERTzbn3EF5LSBqcsPbpfBr8e87Ehs-8t4-3FjXzTjGgBmiqBKl3czGUYXM6OpK2t-U1bz3uovpzijzsRfMcM3s_7NV3MY5wFECqyZoHmWfZDs7cK613CpkH9MNOAu1B7Eze4tNWY1WqkIyC3A-Fbju3RwsELfseI4t_pbCxDd1m27uf8Dyt570emWkediU8lZ0dauoixe0k8H85iGkUNvE6shjw3uGqjmeGZx_05foB7-gy12ZuVLtR_ZpX65eqVOS-4-kYxznBDaE54G-rZkEXVF437asxfN4op6wcuzs9rdabK0OFafUpO2ddJ13Zrdfk20sXBbPafdexCb7mmS2mk1wh3D46fXpkIeZ-hs66OgqJbXETZCzWXVwrLDVcUpsrUnYzBIpBG2xoK0pPYZogWcEo9Gl2heC30MH8i2kLQDtWl4jzmqDbnVRLJzLbnhvn8AEayFsfIV7g49PCfzsBZFqZDSGNtKAVNTq-b5spxZ6XQv5CZIeeC9l4Wx6yq_LueFJYF1bUCnwDG4BkZToTzMyaIRToBj1STCNfE0jrqNU_chT3ccIZ-3u9Bdhvgbs4skQ7g578Ge0iQ_AllSS5exgqTmmbc70Jcck0aKckCrHKlMYjgrNUkdlrWnhHevH1NC2u35P5K4dRUWSYfQYSqkQmeNsMlc-7kzfQNFseVrPOwWOdkR_YLp0219y3XoQfErn9OwCHkQeviB4StnGQBk5Dch4Eq474jyzGN921OV99Iwo3s5-k0n5e2on4aWatQLZ_n-uGMQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://notapositiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EE78 0
20 B 120ms
120ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5542474887553&version=m202309260101&ct=76&x=1&cor=15133899555033776000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 15:04:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame EE78 43 B
215 B 105ms
104ms Image
image/gif 2600:1f18:1aca:4280:5a10:f513:5632:20a1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1494005&asId=fce9a88f-b7f7-9133-521c-f19e36eaa93a&tv=%7Bc:sgdQDT,pingTime:1,time:2310,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:22%7D,%7Bpiv:100,vs:i,r:,t:1309%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1001,o:1309,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1302~0,1~100%5D,as:%5B1303~160.600%5D%7D%7D,%7Bsl:i,t:1309,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1000~100%5D,as:%5B1000~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:105,fm:tTTPcvx+11%7C121%7C131%7C141*.1494005-73005731%7C1411%7C15,idMap:141*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:23,sis:176%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:5a10:f513:5632:20a1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 15:04:01 GMT
server: nginx
x-server-name: dt07.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame EE78 43 B
215 B 105ms
105ms Image
image/gif 2600:1f18:1aca:4280:5a10:f513:5632:20a1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1494005&asId=fce9a88f-b7f7-9133-521c-f19e36eaa93a&tv=%7Bc:sgdQDT,pingTime:1,time:2311,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:22%7D,%7Bpiv:100,vs:i,r:,t:1309%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1002,o:1309,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1302~0,1~100%5D,as:%5B1303~160.600%5D%7D%7D,%7Bsl:i,t:1309,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:105,fm:tTTPcvx+11%7C121%7C131%7C141*.1494005-73005731%7C1411%7C15,idMap:141*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:23,sis:176%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:5a10:f513:5632:20a1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 15:04:01 GMT
server: nginx
x-server-name: dt08.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 17ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-VZ16J12X2G&gtm=45je3ap0v9119010253&_p=1593081921&gcd=11l1l1l1l1&cid=64634378.1698419038&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEII&sid=1698419037&sct=1&seg=0&dl=https%3A%2F%2Fnotapositiva.com%2F&dt=NotaPositiva%20-%20Portal%20de%20apoio%20aos%20estudantes%20onde%20s%C3%A3o%20publicados%20trabalhos%20escolares%2C%20textos%20de%20apoio%2C%20exerc%C3%ADcios%20resolvidos%2C%20etc.%20de%20todas%20as%20disciplinas%20e%20n%C3%ADveis%20de%20ensino.&_s=3
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VZ16J12X2G&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://notapositiva.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 15:04:03 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://notapositiva.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
notapositiva.com/	1970-01-20 15:48:25	Name: _icl_current_language Value: pt-pt
notapositiva.com/	1970-01-21 00:32:35	Name: newvisitor Value: 1
.notapositiva.com/	1970-01-21 01:22:59	Name: _ga Value: GA1.2.64634378.1698419038
.notapositiva.com/	1970-01-20 15:48:25	Name: _gid Value: GA1.2.1423157640.1698419038
.notapositiva.com/	1970-01-20 15:46:59	Name: _gat_gtag_UA_4477715_1 Value: 1
.notapositiva.com/	1970-01-21 01:08:35	Name: __gads Value: ID=dca4c8b86c12c94f:T=1698419038:RT=1698419038:S=ALNI_MZ5BYrXM4nZHvNI1jLGSBsjyYfXOw
.notapositiva.com/	1970-01-21 01:08:35	Name: __gpi Value: UID=00000cc4aa0a628a:T=1698419038:RT=1698419038:S=ALNI_MYCbJqq8NltHMVgRLt4W1qhBcuG9w
.doubleclick.net/	1970-01-21 01:08:35	Name: IDE Value: AHWqTUlrLuUj7mOvQefIXSBPEGtMx_4bfesHAEwhUG7mkwtwDWmaZ0ZNYUlFUj1pexs
.adnxs.com/	1970-01-20 17:56:35	Name: uuid2 Value: 1721654774821154359
.casalemedia.com/	1970-01-21 00:32:35	Name: CMID Value: ZTvRXkJlsxMKlw4o4f2JigAA
.casalemedia.com/	1970-01-20 17:56:35	Name: CMPS Value: 5226
.casalemedia.com/	1970-01-20 17:56:35	Name: CMPRO Value: 5226
.doubleclick.net/	1970-01-20 20:06:11	Name: APC Value: AfxxVi6rB9GIwWLSowNny7HbPZv6XjUqOLRX7YVbKW8s8DugSG6dwg
.adnxs.com/	1970-01-20 17:56:35	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVNpj82'!]tbPl1M>e)ZlrFUfJ+tGXxoLKbqTVILqj+<]9CpN$%]]AIco-Q<9jsrtUji3If)y3KL9D3I?+t3h/CC
.googleadservices.com/	1970-01-20 17:56:35	Name: ar_debug Value: 1
.notapositiva.com/	1970-01-21 01:22:59	Name: _ga_VZ16J12X2G Value: GS1.1.1698419037.1.0.1698419039.0.0.0

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://notapositiva.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/pt-ao.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://fonts.googleapis.com/css?family=sans-serif%3A400normal%7Craleway%3A600normal%7Ccoda%3A600normal%7Copen+sans%3Anormalitalic&ver=5.2.19 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://notapositiva.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/pt-mz.png Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bid.g.doubleclick.net
cdnjs.cloudflare.com
clickiocdn.com
cm.g.doubleclick.net
csi.gstatic.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
imasdk.googleapis.com
notapositiva.com
pagead2.googlesyndication.com
partner.googleadservices.com
r3---sn-5hneknee.c.2mdn.net
region1.google-analytics.com
s.clickiocdn.com
s0.2mdn.net
static.adsafeprotected.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
104.18.36.155
142.250.186.130
142.250.186.66
142.250.186.98
198.20.115.3
2001:4860:4802:32::36
2600:1f18:1aca:4280:5a10:f513:5632:20a1
2600:9000:2127:1200:8:48e:53c0:93a1
2606:4700::6811:180e
2607:f8b0:4005:814::2003
2a00:1450:4001:800::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2002
2a00:1450:4001:810::200a
2a00:1450:4001:812::2008
2a00:1450:4001:812::200a
2a00:1450:4001:813::2003
2a00:1450:4001:827::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2006
2a00:1450:400c:c0c::9b
2a00:1450:400e:8::8
34.243.164.184
37.252.171.149
74.125.71.157
95.211.66.34
95.211.66.35
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
025fed8c93988d00ad7aa9c3e84562a7aab8d83efe27130869db2c1ee55df7a0
0480e71e1002547d037ecca711330546e530ddb02b8433ebb34121bb80a6ee28
0534405eb811de03048e0a09ce3b5ab4b1c90841ac9ecebaeb64a6842370618e
087c130f7b01fa92faaf5ec156a85993f2fd4a8bf00092693f335d00ec7dd204
0ae65d436539d75ee14abd82f21d33cd73a09899116753c2be73c81463dfc62a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cc7088b335b30f7b1fa0903bc8aa143b11cb8408032d62d28d5ab768cc68c88
0ebf6ed791e150a9a3e5785224d5a1f156464684ff1a82925b9c2dd0163e52d7
0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1
101d79fb6a21d78258d10814151430f5ab638b6f03dd04f7c12962fbe03684d3
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
16f7f31846fe8928b8d529eee2999b2fa8b1bfc349f5dd26742f74886b3c18e2
195f624eefaf54a0bac973d7cfe6fc3956224e89b80b0e027326e337dcd887b7
1cd7ad9360160875a21aa2a1614d8cae0fd9493caa1d1a27804ee64e098eadd8
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
26513ab894893a278667845ecd8964e47da0967f8365f5040f944e15ca57591b
26ffa1a1e01a1d1dd08ec6d31f79967c5d754339357a1b437134ad03012ae616
2944461f019fad1b00c390b4b681a194663c9bee3650519ddbcb4344bb9658db
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
2ad01b64693861214f7bcb26e2b4cb206c2a3fdaa674d9a8250ed08abf99afd3
2f64b025cec8c93dcb01fe88f0e79c134bc0a6c751787360153865dfa9f3a962
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
34af07ecee7f77f4cfc70a465df9c95db29fc029a007b43eb4949ff8685ed725
36fafccce7254ffc4e77c29e7c349ee740e05b58aa53f6f915359c392cc4810d
37c5f58f12814dd0ecc28f15b7765c6bcd31a9479d330b4ef896e140bf89dc38
386a292b805ec5376c149711c08d9013658fd08879a7ac9a62a99e14310c397a
3b0a9563682ffebf44e7416421c2125c777b35c53b2580e23e06bdd5cba994a5
3f47c75fa68e49b1cdca50c61e9cd6603b57c521e5e6809df59a4a15e291a4ef
40123aa732ff828d3ec860d0555787506a8a24c6b7df7b2cc8d9100c242cc9e8
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
488f386c7776039f5dd918ba217932a7dacc4a20c3cd1fb3a32b34c287d09f14
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ba4275b5107a70a02cf4bb1aae8bc7a1d07e7499ed918c20ce9126ca53e9908
4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170
5340f559582394e49957865d3d10378f90669d6d0e2bb018f3d87588414ac4b4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6606440824aa72094f35164f34b065e71150c07d0cba200b2866c876a351e7a5
6acc22780306b8d263aa9e7352ae8c7110d9532cd6a3f1fff2444f06cea4043a
6b7ced81884026861315f6c553f3311b0beb4b2999276d634dc2bae9e348a4af
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
702ff8fede19257ef661ff5c2a42d6ae3ccb4ad8d6689a462b8e269badfc4a5c
74435ef7080ebd69d1eb282c5046ba00db0f3f32d1ae4155b29c33a7c3378b35
77acb059e05f5d0c3d4e2e798c4f23f94fc2872d4415bbf8a751511e5cd2bdb7
7c143028eb0ac460e307086a5f19306cb9a24b1fa87a9168d3f343e13aba8250
82499f1ea4c401605fc75e13705a9c14bbec87494f467271d7a585f7bc5c0319
857c89b90bea6b75f04b6cc7b659594ea58b72724f1c6dde3955c958d4627245
906983bc2ede013f43b47e46740b4f247e2e71042aaf9b53989336ae3d645c88
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
960e2527fba2bef7da903395be3bf4d327768f3307f6d34ef258c977ce8d7009
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
a320ca8d6975393b0b93083ea4b4c669a20feaf2da7362832ec4eabf287d824e
a3c6ccd19e5c16faefbef429d042458b82c80af040f450b1ee208dba88d5b0df
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a860e393a22f7cd34a28120e6b5f9bdc433a1eeda614b995c6c22b395afcfbe6
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1524e7cfb8f8e294795bca10578129b7f2495a019297e3872c6f8b2a09051dc
b17974619f9233fb51fc94a230d109d563093530560a2ac910972020c8cc4209
b7f2d6fa91de80a618910ccc2b98c110dc46b459c956f018dc23cd73411f5905
b9e2d38ae300ada11d2c5f638341c46041fd68cf342ed59575b5802d7f913b08
c3eb68cd6fcbfa294e943722a75ab567b393fcb2190b9fa3feed79186f8bf650
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c7c7c6beb4a4d751b748ca07c5c43eb377a82264fbc1a47e875604fc67db8e23
c821ac5b54d6356aa81644902d5fad10603c9a415679c081d7760dde7f7bdbd4
c8532989740ba666762f0c9ba17c94c482be0f535e96401bef6d946d16ab530e
c8e48ea465007a8f3473fecfbcfe2e31e0d807e98f8ab65f8b0e655779ae2b72
cce59da18b34402737308c8da16c7b332eda5f5397d663df338d5309ea40eb06
cddb42bd69440699ae8fe758dac4d5f52911fa67b2a7a637d5d1bcfa2d88b0d3
cef679db2b15bb3f0b28882cdd534723a65b1df309aad2cbcf7e80262fe28a33
cf185b8486c16994c065e359ea34f2d85e35b64e7d3caf73d2fb29dc1bc0ed15
d17b4e72123a4e2b525865570b0ff8be31f053591ae2dd819c0473824194d824
d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731
d874b4407ec18a37af2e5b06320fd0a8143c054aa65bb07369f646981f378bee
da8639265c27dd624482432b9f55d4903ef994868232113295f121b014adccc7
db00fc9ec635de5e631d0ff39a30dc83d611d26fc2baba3880356355c137dcb7
db1332c25063e2aed787f1d91427507dd54856ccf4fb215d1d5ab8046a2e4a47
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de7bdcb93f2804e963f238713752a30a22a3a3afef6070fb78d206e6199cd353
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e49275d912d467a1ad3f86317e69621ed1a5fb04b26aac9b3e77aa4031a64105
e89caecb0d914ce31a4e5546df39a357d05464ba28a81ae034697def163c10be
e8c2dd410e2a99daa83ca0ad6df4d5e589f9c15bfbc52735fc7d677c6e014254
e98ce76c9e599eb7bc742eb0ad1248acc0ead73fbccc861e2112ed9850e97974
eb1cd377774788ef272c54efc39237b7900beb894907d05bc915b7c68c86df79
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed12c0d9f531492bd81f2eb30125ce9a7db330b9d9854258879b55efebf3e75b
eda02e1fb7ce11d3479484c9ef04d76278e93d63e89f73cdec78a6fdb95fba0b
ee0bd967f4d33d1fd47c4d090fbddc3ba8442b98357bc3ec623ad29632a44e17
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6c4d4e509a350d0de918e190e303a070c7bc2bf03291d308ad52da61ddea481
f90071e8cc37944b7e2c67eee41ea9d03a4b60923a53254f03f1312b7fdbc76b
fdf51f20d2664b2d584143c844fefb79b6ee4358221a2266d557edd7cd0a9522
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

notapositiva.com Open in urlscan Pro 198.20.115.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

159 Requests

96 %HTTPS

68 %IPv6

16 Domains

31 Subdomains

31 IPs

6 Countries

2608 kBTransfer

6041 kBSize

16 Cookies

5 Outgoing links

Page URL History

Redirected requests

159 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

notapositiva.com Open in urlscan Pro
198.20.115.3 Public Scan

Screenshot
Live screenshot

Full Image

159
Requests

96 %
HTTPS

68 %
IPv6

16
Domains

31
Subdomains

31
IPs

6
Countries

2608 kB
Transfer

6041 kB
Size

16
Cookies

159 HTTP transactions
5 data transactions