www.goliathbank.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.goliathbank.com/
Submission: On January 20 via api (January 20th 2024, 10:47:06 am UTC) from US — Scanned from NL

Summary HTTP 106 Redirects Behaviour Indicators

Summary

This website contacted 24 IPs in 3 countries across 16 domains to perform 106 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.goliathbank.com.

This is the only time www.goliathbank.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:600... 2a04:4e42:600::649	54113 (FASTLY) (FASTLY)
17	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:9b6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4860:480... 2001:4860:4802:38::178	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::ac43:479d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
35	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1 2	108.128.112.35 108.128.112.35	16509 (AMAZON-02) (AMAZON-02)
3 4	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2 4	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	37.252.171.53 37.252.171.53	29990 (ASN-APPNEX) (ASN-APPNEX)
2	142.250.185.70 142.250.185.70	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:26d... 2600:9000:26da:1c00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
8	2600:1f18:1ac... 2600:1f18:1aca:4281:97b8:3c3a:6865:7d86	14618 (AMAZON-AES) (AMAZON-AES)
1	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
106	24

4 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

www.goliathbank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:9b6 (United States)

ASN13335 (CLOUDFLARENET, US)

t.metrilo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:479d (United States)

ASN13335 (CLOUDFLARENET, US)

p.metrilo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.128.112.35 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-112-35.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.162 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.151.101 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.171.53 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:26da:1c00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:1f18:1aca:4281:97b8:3c3a:6865:7d86 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 336	581 KB
30	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	428 KB
12	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 1004 static.adsafeprotected.com — Cisco Umbrella Rank: 721 dt.adsafeprotected.com — Cisco Umbrella Rank: 719	174 KB
12	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 cm.g.doubleclick.net — Cisco Umbrella Rank: 260 ad.doubleclick.net — Cisco Umbrella Rank: 163 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 594	91 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622	2 KB
4	goliathbank.com www.goliathbank.com	143 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 253	3 KB
3	metrilo.com t.metrilo.com — Cisco Umbrella Rank: 266487 p.metrilo.com — Cisco Umbrella Rank: 255548	6 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	26 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	131 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	17 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	gstatic.com fonts.gstatic.com	48 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	2 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 760	33 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 324	32 KB
106	16

	Domain	Requested by
35	s0.2mdn.net	www.goliathbank.com s0.2mdn.net googleads.g.doubleclick.net
17	pagead2.googlesyndication.com	www.goliathbank.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
13	tpc.googlesyndication.com	www.goliathbank.com googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
8	dt.adsafeprotected.com	googleads.g.doubleclick.net
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	www.goliathbank.com	www.goliathbank.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
2	static.adsafeprotected.com	googleads.g.doubleclick.net
2	cdnjs.cloudflare.com	s0.2mdn.net
2	ad.doubleclick.net	www.goliathbank.com
2	fw.adsafeprotected.com	1 redirects www.goliathbank.com
2	www.googletagservices.com	googleads.g.doubleclick.net
2	p.metrilo.com	t.metrilo.com
2	www.google-analytics.com	www.goliathbank.com
1	www.google.com	tpc.googlesyndication.com
1	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
1	fonts.gstatic.com	fonts.googleapis.com
1	t.metrilo.com	www.goliathbank.com
1	fonts.googleapis.com	www.goliathbank.com
1	code.jquery.com	www.goliathbank.com
1	cdn.jsdelivr.net	www.goliathbank.com
106	23

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M02	`2023-05-09` - `2024-06-07`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh

This page contains 14 frames:

Primary Page: http://www.goliathbank.com/
Frame ID: E19D69AE2D31CA07BA970AAFA0801C58
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20190131/zrt_lookup_fy2021.html
Frame ID: 38B2E25F489036C4AAD29CCBCA7775F8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1837583969273330&output=html&h=90&slotname=8322023648&adk=826794979&adf=1839787983&pi=t.ma~as.8322023648&w=728&lmt=1678459688&url=http%3A%2F%2Fwww.goliathbank.com%2F&wgl=1&dt=1705747621824&bpp=94&bdt=344&idt=271&shv=r20240118&mjsv=m202401170101&ptt=5&saldr=sd&abxe=1&correlator=3757464643528&frm=20&pv=2&ga_vid=410533834.1705747622&ga_sid=1705747622&ga_hid=697267414&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C44795921%2C31080505%2C95320890%2C95321626%2C95322164&oid=2&pvsid=632434726006241&tmod=2012051007&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=283
Frame ID: 0D7BAD4D9FD63B17C9751872BAD9D4D0
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1837583969273330&output=html&h=90&slotname=8192605529&adk=3151497336&adf=1056458448&pi=t.ma~as.8192605529&w=970&lmt=1678459688&format=970x90&url=http%3A%2F%2Fwww.goliathbank.com%2F&wgl=1&dt=1705747621918&bpp=1&bdt=437&idt=192&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_slotnames=8322023648&correlator=3757464643528&frm=20&pv=1&ga_vid=410533834.1705747622&ga_sid=1705747622&ga_hid=697267414&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=1085&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C44795921%2C31080505%2C95320890%2C95321626%2C95322164&oid=2&pvsid=632434726006241&tmod=2012051007&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=195
Frame ID: 492A0E18305D123D202332A31841A7D2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1837583969273330&output=html&adk=1812271804&adf=3025194257&lmt=1678459688&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x675_l%7C140x675_r&format=0x0&url=http%3A%2F%2Fwww.goliathbank.com%2F&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&aslmct=0.7&asamct=0.7&dt=1705747621931&bpp=1&bdt=450&idt=184&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90&prev_slotnames=8322023648&nras=1&correlator=3757464643528&frm=20&pv=1&ga_vid=410533834.1705747622&ga_sid=1705747622&ga_hid=697267414&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C44795921%2C31080505%2C95320890%2C95321626%2C95322164&oid=2&pvsid=632434726006241&tmod=2012051007&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=191
Frame ID: C356E51EC67A8DEB844E3947362528FF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEJy1yaMDGPmA84ACMAE&v=APEucNXC79EVEVtau-O_siGPyMqnnO1T5b8mqNvDkft4FgUIpiUwXFBQqptO1fhMlqd4_lL40jibPOKmql31g6Jr72N20Tap1fEiR0-dnp-JZJfZt39YEqiyduwGaoh0PqmrFJmcZwHl1DF4KseUkQSvxI2oKcUWLcX3ShGv_PFaIF78ogGXQko
Frame ID: 04C57D9564E0A752C9F4D860D272F4DF
Requests: 5 HTTP requests in this frame

Frame: https://fw.adsafeprotected.com/rjss/st/953900/61623473/skeleton.js
Frame ID: 43827C8E8534E5D4735DBCB5CB6204B2
Requests: 20 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17511219809281376256/index.html?ev=01_250
Frame ID: FD4E1E0EDE3B4B2B31770A376E2B2A76
Requests: 24 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/3308937023694028819/2023_EMEAI_DOM_EN_RT_0927_Canada_Always_On_Refresh_Prospecting_728x90/index.html?ev=01_250
Frame ID: A07F7112421A9ABA2E1498EB4E855A28
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: D21DF78EDB7F0CD5F6ED914679CA6AD7
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: F23E060B4E99C497E4AD8A644051D591
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: B5D20F5B7630C2C3FAAEA7EF5B4F5C18
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5995AA79447C250BBC6D8DD746C38FD5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 52CBB0A2C4EC7D0D77A8BBCF19100044
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Goliath National Bank - Your Financial Wingman

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

106
Requests

85 %
HTTPS

74 %
IPv6

16
Domains

23
Subdomains

24
IPs

3
Countries

1725 kB
Transfer

3727 kB
Size

16
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

http://www.google-analytics.com/ga.js HTTP 307
https://www.google-analytics.com/ga.js

Request Chain 12

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=267340246&utmhn=www.goliathbank.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Goliath%20National%20Bank%20-%20Your%20Financial%20Wingman&utmhid=697267414&utmr=-&utmp=%2F&utmht=1705747621904&utmac=UA-19160504-1&utmcc=__utma%3D164934953.410533834.1705747622.1705747622.1705747622.1%3B%2B__utmz%3D164934953.1705747622.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1296204776&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=267340246&utmhn=www.goliathbank.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Goliath%20National%20Bank%20-%20Your%20Financial%20Wingman&utmhid=697267414&utmr=-&utmp=%2F&utmht=1705747621904&utmac=UA-19160504-1&utmcc=__utma%3D164934953.410533834.1705747622.1705747622.1705747622.1%3B%2B__utmz%3D164934953.1705747622.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1296204776&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Request Chain 37

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDycwB3nLi3Mv3AmeIytMM0&google_cver=1

Request Chain 38

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zaukp7.5yJQmyKs5p8X-tQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDycwB3nLi3Mv3AmeIytMM0&google_cver=1&google_hm=2

Request Chain 39

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEMDwYPh4Igg1thH6EpcWyL8&google_cver=1

Request Chain 40

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQ4NjY1OTIyMTE0MjQ1NzU1

Request Chain 77

https://fw.adsafeprotected.com/rfw/st/953900/61623473/4.js?adContainerId=brand_safety_pqSrZfL5CJPA1fAPiq6qgAk&cbFunctionName=goog_wrapCb_pqSrZfL5CJPA1fAPiq6qgAk&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=http%3A%2F%2Fwww.goliathbank.com&adsafe_type=g&adsafe_url=http%3A%2F%2Fwww.goliathbank.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-1837583969273330%26output%3Dhtml%26h%3D90%26slotname%3D8192605529%26adk%3D3151497336%26adf%3D1056458448%26pi%3Dt.ma~as.8192605529%26w%3D970%26lmt%3D1678459688%26format%3D970x90%26url%3Dhttp%253A%252F%252Fwww.goliathbank.com%252F%26wgl%3D1%26dt%3D1705747621918%26bpp%3D1%26bdt%3D437%26idt%3D192%26shv%3Dr20240118%26mjsv%3Dm202401170101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_slotnames%3D8322023648%26correlator%3D3757464643528%26frm%3D20%26pv%3D1%26ga_vid%3D410533834.1705747622%26ga_sid%3D1705747622%26ga_hid%3D697267414%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D315%26ady%3D1085%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D95320239%252C44759876%252C44759927%252C44795921%252C31080505%252C95320890%252C95321626%252C95322164%26oid%3D2%26pvsid%3D632434726006241%26tmod%3D2012051007%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D23%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D2%26uci%3Da!2%26fsb%3D1%26dtd%3D195&adsafe_type=bed&adsafe_jsinfo=,id:1cf517ae-1c51-691a-a91a-20396f6a702b,c:1PXZoD,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7b546d5668-2zrkr,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:2,mot:0,app:0,maw:0,fm:u1TNc4B+11%7C121%7C122%7C123%7C131*.953900-61623473%7C1311%7C13121%7C14,idMap:131*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:15,oid:3f0d89c4-b781-11ee-b1e8-764158dd4e0f,v:19.8.473,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_pqSrZfL5CJPA1fAPiq6qgAk&cbFunctionName=goog_wrapCb_pqSrZfL5CJPA1fAPiq6qgAk&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js

106 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.goliathbank.com/ 6 KB
3 KB 255ms
224ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.goliathbank.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7cc17511f1cbea82cc34be877c6983eb644b2f06900e0514bf19d170649b843d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 8486bca8e96c0e74-AMS
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Sat, 20 Jan 2024 10:47:01 GMT
Last-Modified: Fri, 10 Mar 2023 14:48:08 GMT
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1705747621&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=UmwFj7Sf7mtz0kwOhCJR5IH6mdggqhTtDHyYMd70a8E%3D"}]}
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1705747621&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=UmwFj7Sf7mtz0kwOhCJR5IH6mdggqhTtDHyYMd70a8E%3D
Server: cloudflare
Transfer-Encoding: chunked
Via: 1.1 vegur
alt-svc: h3=":443"; ma=86400

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha1/dist/css/ 216 KB
32 KB 68ms
31ms Stylesheet
text/css 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha1/dist/css/bootstrap.min.css

Requested by

Host: www.goliathbank.com
URL: http://www.goliathbank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

932ea15108928991bcf0c0a46415fc652de5ffc0158c35205357b90c65eeb386

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.goliathbank.com/
Origin: http://www.goliathbank.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 10:47:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3058376
x-jsd-version: 5.3.0-alpha1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-etou8220074-FRA, cache-lga21935-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"35e6c-cZlWqlLbTIr9xcDPs8verWJYuKY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uc6P%2FDI0Ake0QrT3IcRB78bxNs2QTkibnLxjOrTwgKDp1dceYWnh2F2hHZQpdnFWgcTEjDXzpwwDq9F0TkJztLc%2BRf2XiB8bJeTmOWaBU0fuFLXiFEOI05jSkx8ZWOzy8uLgn7PRo%2BQRdT0HKF0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8486bcaa8dac0c81-AMS

GET
H/1.1 200
OK app.css
www.goliathbank.com/css/ 1 KB
1 KB 212ms
211ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.goliathbank.com/css/app.css
Requested by: Host: www.goliathbank.com
URL: http://www.goliathbank.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fdfcebcb6bbabeefe578607d2695a1ff9130bc5f50fabafcff6193494e4a7276

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.goliathbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sat, 20 Jan 2024 10:47:01 GMT
Via: 1.1 vegur
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1705610901&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=D31R0d9TDQiZMWjuEtyhom9xuRu1KtdU6ODAfxbxqhI%3D
Last-Modified: Fri, 10 Mar 2023 14:48:08 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1705610901&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=D31R0d9TDQiZMWjuEtyhom9xuRu1KtdU6ODAfxbxqhI%3D"}]}
Content-Type: text/css
Cache-Control: max-age=14400
CF-RAY: 8486bcaa4b440e74-AMS

GET
H/1.1 200
OK jquery-1.11.0.min.js Show response
code.jquery.com/ 94 KB
33 KB 294ms
143ms Script
application/javascript 2a04:4e42:600::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://code.jquery.com/jquery-1.11.0.min.js
Requested by: Host: www.goliathbank.com
URL: http://www.goliathbank.com/
Protocol: HTTP/1.1
Server: 2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.goliathbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sat, 20 Jan 2024 10:47:01 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 10843825
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 33357
X-Served-By: cache-lga21931-LGA, cache-bom4750-BOM
Last-Modified: Fri, 18 Oct 1991 12:00:00 GMT
Server: nginx
X-Timer: S1705747622.709239,VS0,VE0
ETag: W/"28feccc0-1787d"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=604800
Accept-Ranges: bytes
X-Cache-Hits: 30, 37934

GET
H/1.1 200
OK logo_small.png
www.goliathbank.com/imgs/ 9 KB
10 KB 241ms
224ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.goliathbank.com/imgs/logo_small.png
Requested by: Host: www.goliathbank.com
URL: http://www.goliathbank.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 923c10d7842a5a20e8a6e97300dd5b2b6d83b656d1f4ed0c760e10e0fdaddea1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.goliathbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sat, 20 Jan 2024 10:47:01 GMT
Via: 1.1 vegur
CF-Cache-Status: REVALIDATED
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 8992
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1705576220&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=cxt5dyrFK07dRD9XfV9aZBNo3Jl68JFiJY1bnrehQwo%3D
Last-Modified: Fri, 10 Mar 2023 14:48:08 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1705576220&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=cxt5dyrFK07dRD9XfV9aZBNo3Jl68JFiJY1bnrehQwo%3D"}]}
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 8486bcaa6cfc664f-AMS

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 26 KB
11 KB 206ms
96ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: www.goliathbank.com
URL: http://www.goliathbank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb361f1d428fad7b41d5547b138b0796246a695398bbf1355f37129f1a457119

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.goliathbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 10:47:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10640
x-xss-protection: 0
server: cafe
etag: 15725673126587313947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 20 Jan 2024 10:47:01 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
54 KB 89ms
66ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.goliathbank.com
URL: http://www.goliathbank.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4103a765dedb01281b67cdefa5acfdd5588740f83368400f89d94247c0acbdd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.goliathbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sat, 20 Jan 2024 10:47:01 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 54244
X-XSS-Protection: 0
Server: cafe
ETag: 16438670378935053995
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600, stale-while-revalidate=3600
Timing-Allow-Origin: *
Link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
Expires: Sat, 20 Jan 2024 10:47:01 GMT

GET
H/1.1 200
OK css
fonts.googleapis.com/ 16 KB
2 KB 55ms
32ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Open+Sans:400,300,700

Requested by

Host: www.goliathbank.com
URL: http://www.goliathbank.com/css/app.css

Protocol

HTTP/1.1

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dd7a77c0c14f94b0cbe597f7feb552fcb9067e6bbe5c35a3668a246c2308bfa1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.goliathbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sat, 20 Jan 2024 10:47:01 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Last-Modified: Sat, 20 Jan 2024 10:47:01 GMT
Server: ESF
Cross-Origin-Opener-Policy: same-origin-allow-popups
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sat, 20 Jan 2024 10:47:01 GMT

GET
H/1.1 200
OK 5de8da7079c0ced8.js Show response
t.metrilo.com/j/ 13 KB
5 KB 268ms
240ms Script
text/javascript 2606:4700:20::681a:9b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://t.metrilo.com/j/5de8da7079c0ced8.js

Requested by

Host: www.goliathbank.com
URL: http://www.goliathbank.com/

Protocol

HTTP/1.1

Server

2606:4700:20::681a:9b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2efae3a7998be87a9832da11c59b6e8b51def2be999eefdbeecd1cb726651b18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.goliathbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sat, 20 Jan 2024 10:47:02 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: REVALIDATED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Permitted-Cross-Domain-Policies: none
Cf-Polished: origSize=19687
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 5954b2c73ae8f6f691559ce8120919f7
X-Runtime: 0.009435
Referrer-Policy: strict-origin-when-cross-origin
Cf-Bgj: minify
Server: cloudflare
ETag: W/"94d51b9060413bc57296d5a45fe39983"
X-Download-Options: noopen
Vary: Origin, Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=utf-8
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ORelTNE%2BveXxuKKLg4sChk1SkL7C5O7lREp%2BHneFb1BM%2FM1KY9ppOaFFmAx2ITTYOxkZ%2FEUjIzAq%2FXh7fmSQAAJhxuq5RuUbiyZlZC1q94F%2BlSJCjlExzE5fLEndyigxxQsDHXJCcjHDtDE%3D"}],"group":"cf-nel","max_age":604800}
Cache-Control: private, max-age=86400, must-revalidate
CF-RAY: 8486bcac99e20b8e-AMS

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 79ms
79ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

700303f9c4a4b8e59f33bf990b9d6707490937e4671e7d9c179031cef549a6e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.goliathbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 10:47:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51121
x-xss-protection: 0
server: cafe
etag: 2799217476062763270
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sat, 20 Jan 2024 10:47:01 GMT

GET
H2

200

ga.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/ga.js
https://www.google-analytics.com/ga.js

45 KB
17 KB

54ms
17ms

Script
text/javascript

2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/ga.js

Requested by

Host: www.goliathbank.com
URL: http://www.goliathbank.com/

Protocol

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.goliathbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 20 Jan 2024 09:31:18 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4543
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Sat, 20 Jan 2024 11:31:18 GMT

Redirect headers

Location: https://www.google-analytics.com/ga.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK barney.png
www.goliathbank.com/imgs/ 128 KB
128 KB 481ms
481ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.goliathbank.com/imgs/barney.png
Requested by: Host: www.goliathbank.com
URL: http://www.goliathbank.com/css/app.css
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b225fed22298b5db563fd065c96c241192e4d9d38834f569ce4a8d24e2882c2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.goliathbank.com/css/app.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sat, 20 Jan 2024 10:47:02 GMT
Via: 1.1 vegur
CF-Cache-Status: MISS
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 130709
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1705747621&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=UmwFj7Sf7mtz0kwOhCJR5IH6mdggqhTtDHyYMd70a8E%3D
Last-Modified: Fri, 10 Mar 2023 14:48:08 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1705747621&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=UmwFj7Sf7mtz0kwOhCJR5IH6mdggqhTtDHyYMd70a8E%3D"}]}
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 8486bcac7f81664f-AMS

GET
H/1.1 200
OK memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 46ms
23ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans:400,300,700

Protocol

HTTP/1.1

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://www.goliathbank.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 18 Jan 2024 07:25:55 GMT
X-Content-Type-Options: nosniff
Age: 184866
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 48236
X-XSS-Protection: 0
Last-Modified: Thu, 14 Dec 2023 02:08:40 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Fri, 17 Jan 2025 07:25:55 GMT

GET
H2

200

__utm.gif
www.google-analytics.com/r/
Redirect Chain

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=267340246&utmhn=www.goliathbank.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Go...
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=267340246&utmhn=www.goliathbank.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=G...

35 B
197 B

22ms
22ms

Image
image/gif

2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=267340246&utmhn=www.goliathbank.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Goliath%20National%20Bank%20-%20Your%20Financial%20Wingman&utmhid=697267414&utmr=-&utmp=%2F&utmht=1705747621904&utmac=UA-19160504-1&utmcc=__utma%3D164934953.410533834.1705747622.1705747622.1705747622.1%3B%2B__utmz%3D164934953.1705747622.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1296204776&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: www.goliathbank.com
URL: http://www.goliathbank.com/

Protocol

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.goliathbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 10:47:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=267340246&utmhn=www.goliathbank.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Goliath%20National%20Bank%20-%20Your%20Financial%20Wingman&utmhid=697267414&utmr=-&utmp=%2F&utmht=1705747621904&utmac=UA-19160504-1&utmcc=__utma%3D164934953.410533834.1705747622.1705747622.1705747622.1%3B%2B__utmz%3D164934953.1705747622.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1296204776&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401170101/ 402 KB
137 KB 90ms
90ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401170101/show_ads_impl_with_ama_fy2021.js?client=pub-1837583969273330&plah=www.goliathbank.com&bust=31080505

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

652985742e1048b2bf7386c45248eab2c86266f799e46b6d64956673dbd7c19e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.goliathbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 10:47:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139614
x-xss-protection: 0
server: cafe
etag: 18136595886740619178
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 20 Jan 2024 10:47:01 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240118/r20190131/ Frame 38B2 9 KB
4 KB 76ms
23ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240118/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.goliathbank.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 37323
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 00:24:58 GMT
etag: 9219409622527106327
expires: Sat, 03 Feb 2024 00:24:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 200 t
p.metrilo.com/ Frame 0
0 176ms
126ms Preflight 2606:4700:20::ac43:479d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p.metrilo.com/t
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:479d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-requested-with
Access-Control-Request-Method: POST
Origin: http://www.goliathbank.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-requested-with
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 7200
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 8486bcae6f0d66a9-AMS
date: Sat, 20 Jan 2024 10:47:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IxGgoHK5bbFhiObAXgyF9w3Fu3QNkZ6oRNxpCK72Xv62YoP39WEnJ9xiXp6ssXjZuRkHUUTEB5iq210UWnF0rh8J2W%2F1dfoGSbHTzD1%2FvNlr2Q7FoXV%2FY2XBIpYdsa2HW3SQr9XJD5Axj2k%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-request-id: 3674301a893481263e0a47a9401f9b5b
x-runtime: 0.000658

POST
H2 200 t Show response
p.metrilo.com/ 35 B
708 B 144ms
144ms XHR
application/json 2606:4700:20::ac43:479d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://p.metrilo.com/t

Requested by

Host: t.metrilo.com
URL: http://t.metrilo.com/j/5de8da7079c0ced8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:479d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39492825b2ea2bb8bd2be97d5cca063adcaab3fcb3eb7cb0f529302f50fe8cde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.goliathbank.com/
X-Requested-With: XMLHttpRequest
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 20 Jan 2024 10:47:02 GMT
access-control-request-method: *
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
x-xss-protection: 1; mode=block
x-request-id: 70f9dabff63004ba07e28c8d1e3a7a3c
x-runtime: 0.008738
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"39492825b2ea2bb8bd2be97d5cca063a"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: POST, PUT, DELETE, GET, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IGSpJZHDtPOuaAbxxuOV8oVLqPEXBojWy9eRS5TAYzcINAwH0%2FKMBP%2F5eMFOUziLUwAqBt%2FNVXcAUsEZAF5X3JT9tcQ8weGcioLt%2FPp65Hz1hq477RmUGhuASkbfnFnTpwrofzOugQaqR7U%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary: Origin
cache-control: max-age=0, private, must-revalidate
content-type: application/json; charset=utf-8
cf-ray: 8486bcaf38c566a9-AMS
access-control-allow-headers: Origin, X-Requested-With, Content-Type,, Accept, Authorization

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0D7B 106 KB
44 KB 875ms
874ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1837583969273330&output=html&h=90&slotname=8322023648&adk=826794979&adf=1839787983&pi=t.ma~as.8322023648&w=728&lmt=1678459688&url=http%3A%2F%2Fwww.goliathbank.com%2F&wgl=1&dt=1705747621824&bpp=94&bdt=344&idt=271&shv=r20240118&mjsv=m202401170101&ptt=5&saldr=sd&abxe=1&correlator=3757464643528&frm=20&pv=2&ga_vid=410533834.1705747622&ga_sid=1705747622&ga_hid=697267414&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C44795921%2C31080505%2C95320890%2C95321626%2C95322164&oid=2&pvsid=632434726006241&tmod=2012051007&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=283

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401170101/show_ads_impl_with_ama_fy2021.js?client=pub-1837583969273330&plah=www.goliathbank.com&bust=31080505

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3cfdf0f7be4ad758a6d054d2631461e5e9577151a6bb0a4152eeb765d8007d76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.goliathbank.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 44991
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 10:47:02 GMT
expires: Sat, 20 Jan 2024 10:47:02 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 492A 106 KB
41 KB 897ms
897ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1837583969273330&output=html&h=90&slotname=8192605529&adk=3151497336&adf=1056458448&pi=t.ma~as.8192605529&w=970&lmt=1678459688&format=970x90&url=http%3A%2F%2Fwww.goliathbank.com%2F&wgl=1&dt=1705747621918&bpp=1&bdt=437&idt=192&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_slotnames=8322023648&correlator=3757464643528&frm=20&pv=1&ga_vid=410533834.1705747622&ga_sid=1705747622&ga_hid=697267414&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=1085&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C44795921%2C31080505%2C95320890%2C95321626%2C95322164&oid=2&pvsid=632434726006241&tmod=2012051007&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=195

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf2b474e18edda3645c50f1a9a9089d18b3320e2d450c2b9486d49371169a422

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.goliathbank.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 41440
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 10:47:02 GMT
expires: Sat, 20 Jan 2024 10:47:02 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C356 0
180 B 33ms
33ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1837583969273330&output=html&adk=1812271804&adf=3025194257&lmt=1678459688&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x675_l%7C140x675_r&format=0x0&url=http%3A%2F%2Fwww.goliathbank.com%2F&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&aslmct=0.7&asamct=0.7&dt=1705747621931&bpp=1&bdt=450&idt=184&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90&prev_slotnames=8322023648&nras=1&correlator=3757464643528&frm=20&pv=1&ga_vid=410533834.1705747622&ga_sid=1705747622&ga_hid=697267414&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C44795921%2C31080505%2C95320890%2C95321626%2C95322164&oid=2&pvsid=632434726006241&tmod=2012051007&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=191

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.goliathbank.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 10:47:02 GMT
expires: Sat, 20 Jan 2024 10:47:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0D7B 42 B
63 B 84ms
84ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BM9YMSXjBg58oiLOIfD3kJeUg3J0yW9BBPvgu56gSrVMYKRyULfB-01I5h-bqdR2ldEipM6LIE9b3Mr1-E-yGufzaJD-85EebEkVU7siu_YUMZdQM

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1837583969273330&output=html&h=90&slotname=8322023648&adk=826794979&adf=1839787983&pi=t.ma~as.8322023648&w=728&lmt=1678459688&url=http%3A%2F%2Fwww.goliathbank.com%2F&wgl=1&dt=1705747621824&bpp=94&bdt=344&idt=271&shv=r20240118&mjsv=m202401170101&ptt=5&saldr=sd&abxe=1&correlator=3757464643528&frm=20&pv=2&ga_vid=410533834.1705747622&ga_sid=1705747622&ga_hid=697267414&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C44795921%2C31080505%2C95320890%2C95321626%2C95322164&oid=2&pvsid=632434726006241&tmod=2012051007&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=283

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 10:47:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 04C5 624 B
246 B 61ms
61ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEJy1yaMDGPmA84ACMAE&v=APEucNXC79EVEVtau-O_siGPyMqnnO1T5b8mqNvDkft4FgUIpiUwXFBQqptO1fhMlqd4_lL40jibPOKmql31g6Jr72N20Tap1fEiR0-dnp-JZJfZt39YEqiyduwGaoh0PqmrFJmcZwHl1DF4KseUkQSvxI2oKcUWLcX3ShGv_PFaIF78ogGXQko

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1837583969273330&output=html&h=90&slotname=8322023648&adk=826794979&adf=1839787983&pi=t.ma~as.8322023648&w=728&lmt=1678459688&url=http%3A%2F%2Fwww.goliathbank.com%2F&wgl=1&dt=1705747621824&bpp=94&bdt=344&idt=271&shv=r20240118&mjsv=m202401170101&ptt=5&saldr=sd&abxe=1&correlator=3757464643528&frm=20&pv=2&ga_vid=410533834.1705747622&ga_sid=1705747622&ga_hid=697267414&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C44795921%2C31080505%2C95320890%2C95321626%2C95322164&oid=2&pvsid=632434726006241&tmod=2012051007&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=283
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 10:47:03 GMT
expires: Sat, 20 Jan 2024 10:47:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 0D7B 111 KB
39 KB 92ms
25ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.goliathbank.com
URL: http://www.goliathbank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 21:44:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46964
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 20 Jan 2024 21:44:19 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240117/r20110914/elements/html/ Frame 0D7B 8 KB
3 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240117/r20110914/elements/html/omrhp_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 17:01:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63950
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3206
x-xss-protection: 0
server: cafe
etag: 12640889860211258669
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 17:01:13 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240117/r20110914/ Frame 0D7B 23 KB
9 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240117/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 16:30:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65776
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 16:30:47 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 0D7B 41 KB
14 KB 135ms
54ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.goliathbank.com
URL: http://www.goliathbank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 02:28:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 289130
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 02:28:13 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/ Frame 0D7B 3 KB
1 KB 124ms
44ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 14:56:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71440
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 14:56:23 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/ Frame 0D7B 20 KB
8 KB 106ms
26ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 16:28:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65940
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 16:28:03 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0D7B 206 KB
65 KB 228ms
115ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 10:47:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Jan 2024 10:47:03 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/953900/61623473/ Frame 4382 269 KB
79 KB 136ms
37ms Script
application/javascript 108.128.112.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/953900/61623473/skeleton.js
Requested by: Host: www.goliathbank.com
URL: http://www.goliathbank.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.112.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-112-35.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 7092334bc62d0d3e9cebb8976ad1ba0075b47227e65b844a88b9e3b2eb84ec31

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 10:47:03 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 4382 111 KB
39 KB 88ms
51ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.goliathbank.com
URL: http://www.goliathbank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 21:44:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46964
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 20 Jan 2024 21:44:19 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 4382 41 KB
14 KB 104ms
48ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.goliathbank.com
URL: http://www.goliathbank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 02:28:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 289130
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 02:28:13 GMT

GET
H2 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/ Frame 4382 36 KB
14 KB 117ms
62ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/m_js_controller_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1837583969273330&output=html&h=90&slotname=8192605529&adk=3151497336&adf=1056458448&pi=t.ma~as.8192605529&w=970&lmt=1678459688&format=970x90&url=http%3A%2F%2Fwww.goliathbank.com%2F&wgl=1&dt=1705747621918&bpp=1&bdt=437&idt=192&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_slotnames=8322023648&correlator=3757464643528&frm=20&pv=1&ga_vid=410533834.1705747622&ga_sid=1705747622&ga_hid=697267414&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=1085&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C44795921%2C31080505%2C95320890%2C95321626%2C95322164&oid=2&pvsid=632434726006241&tmod=2012051007&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=195

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a16dfe9e92661a05f6798c8520a71e2f68c4675ffd6428d60e9d4fc71744dc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 18:15:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59485
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14392
x-xss-protection: 0
server: cafe
etag: 5705098247650313184
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 18:15:38 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/ Frame 4382 3 KB
1 KB 115ms
61ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 14:56:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71440
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 14:56:23 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/ Frame 4382 20 KB
9 KB 77ms
23ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 16:28:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65940
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 16:28:03 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4382 206 KB
66 KB 150ms
62ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 10:47:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Jan 2024 10:47:03 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/ Frame 4382 23 KB
9 KB 99ms
45ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:23:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19435
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Feb 2024 05:23:08 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 04C5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDycwB3nLi3Mv3AmeIytMM0&google_cver=1

43 B
335 B

44ms
44ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDycwB3nLi3Mv3AmeIytMM0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEJy1yaMDGPmA84ACMAE&v=APEucNXC79EVEVtau-O_siGPyMqnnO1T5b8mqNvDkft4FgUIpiUwXFBQqptO1fhMlqd4_lL40jibPOKmql31g6Jr72N20Tap1fEiR0-dnp-JZJfZt39YEqiyduwGaoh0PqmrFJmcZwHl1DF4KseUkQSvxI2oKcUWLcX3ShGv_PFaIF78ogGXQko
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 10:47:03 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LOQ1PfdYgwCwF%2BZZ%2FbJQfzffV4bjavqrswjK3loRvsNiiinV0URpHE3JCsax1N8A0f5pvtcTavx8H1hEvkQb8sfO6J9KA4SKPIpNwJo6yLu7gyNnZbBJdDQmzGfoPGN24kBukq67ClcgvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8486bcb4cf6e6716-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 20 Jan 2024 10:47:03 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDycwB3nLi3Mv3AmeIytMM0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 04C5
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zaukp7.5yJQmyKs5p8X-tQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDycwB3nLi3Mv3AmeIytMM0&google_cver=1&google_hm=2

43 B
771 B

41ms
41ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDycwB3nLi3Mv3AmeIytMM0&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEJy1yaMDGPmA84ACMAE&v=APEucNXC79EVEVtau-O_siGPyMqnnO1T5b8mqNvDkft4FgUIpiUwXFBQqptO1fhMlqd4_lL40jibPOKmql31g6Jr72N20Tap1fEiR0-dnp-JZJfZt39YEqiyduwGaoh0PqmrFJmcZwHl1DF4KseUkQSvxI2oKcUWLcX3ShGv_PFaIF78ogGXQko
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 10:47:03 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wfGzKv8K%2BYK8jph%2F6jPdiC%2BPFu4r1GuPpSomasg1sa7Th%2BNG4Kv1Rw%2Bxg1TeWPhreW3ArwnqTuRKuwzvw%2FneqNWKmmBKkdAuoI9PCxOYzYhQ9bkTKF3O0dlkGUiXG32cUNuReA66J2239Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8486bcb53af40ea4-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 20 Jan 2024 10:47:03 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDycwB3nLi3Mv3AmeIytMM0&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 04C5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEMDwYPh4Igg1thH6EpcWyL8&google_cver=1

43 B
1004 B

23ms
23ms

Image
image/gif

37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEMDwYPh4Igg1thH6EpcWyL8&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEJy1yaMDGPmA84ACMAE&v=APEucNXC79EVEVtau-O_siGPyMqnnO1T5b8mqNvDkft4FgUIpiUwXFBQqptO1fhMlqd4_lL40jibPOKmql31g6Jr72N20Tap1fEiR0-dnp-JZJfZt39YEqiyduwGaoh0PqmrFJmcZwHl1DF4KseUkQSvxI2oKcUWLcX3ShGv_PFaIF78ogGXQko

Protocol

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 10:47:03 GMT
an-x-request-uuid: 6c91ef39-1b1a-4b0d-b145-70d3fe1b51b3
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.216; 31.204.152.216; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 20 Jan 2024 10:47:03 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEMDwYPh4Igg1thH6EpcWyL8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 04C5
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQ4NjY1OTIyMTE0MjQ1NzU1

170 B
243 B

33ms
33ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQ4NjY1OTIyMTE0MjQ1NzU1

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 10:47:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 20 Jan 2024 10:47:03 GMT
an-x-request-uuid: d1248ab9-3230-4421-8fd3-b8ef8dcaa816
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQ4NjY1OTIyMTE0MjQ1NzU1
x-proxy-origin: 31.204.152.216; 31.204.152.216; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/17511219809281376256/ Frame FD4E 87 KB
18 KB 75ms
25ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17511219809281376256/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf81bf7824271edc3a71aff3acedcf101ee92d0f45b5018172d7eec3b6f7baf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 310264
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 18604
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 20:35:59 GMT
expires: Wed, 15 Jan 2025 20:35:59 GMT
last-modified: Fri, 08 Dec 2023 12:09:11 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 0D7B 0
0 151ms
67ms Fetch
image/gif 142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjssVrcxvTDdABm556e9aqvp_gQmx-ET4r0jlLBMA-JV6tKz2ClFZ5RHEpQO3nSMW5wHFcnbBCNG-IH57dSE1p1OhwB_hZi2aIJE_lAq8X4dijafjhl3fO97QCi2HSrcwE8ngIRp91XrIaZkUKKcHumk1_0DcsZEaRCNBgiSXc0c-y4HM61TRoL3_pxa_ux0gCG_x4V93BSsho-I_lGu54izPG5jrsZLJGDflzID-MLHSHgIK7unbzdfSbiDRDtKrPaBmguwJsClwrgQHc2wYa0l5Gd8jFils24oPFLXjzj8jpR9MrfiVriZTFIJWBLIS3FUtZQK-cP5JKLFbTbs4HIHlDZ-eFDmcsZaIgVF2nGFk56rnwdD3vuNNZFqkI47RCL8m4zBc-3bE9GbOEMw3M0iTqYCGGBioKZNvxsIc3MWs5y0gUPD_H3Xe0wSXozzkzcrn7nQTOx_BO4bha_gXWNiR4b-0W1b-BCCmxpeW7RgmUrkcpxRf2Oxsgv3TttAVtBQl-OpL84xFy0288_wL0-5WKMCAry2fNZ05kj6-rRlNT6wqopuyf9u9UHcwkTbyQBLnHCPYS9nl6kSGgxFHUQMYwATr_tarGAxENGr0Oqdy1oWx_U5QDqKiL3wB1FDSWVsCQDiBwvfWR0RhbT9q1PaXM92pa7FvfuEMG9XACMMSS4XWGdppjNliUOagK86ABqaHvo_r5NyM1cGRQbQQKVgLq_WliT5uNMGaQ0i_CF7vjAA_1eI-Zuw_XSR_g7Fr2h4wRW0Wi399QBYmp5bb02M0x0mhXTS9PhJz84c5JwMIPS1ankTyaARZNM-Cyi3etKOVCAn8hwwwiFZ8UnQwLwdxl-BU4UtJjOq7eYnm-j2nEonZZ5ypGZ_vHFGp8L9ZxkZDY-fn6HG06yOUJvh-LCpOYY_a_QZteduTFjUn-lqeUZDENIevBKJUX8_LGX9hDZOl3Z9YxMDolDhfjOm-mVPinbk_b6wM3w25pDih9GyU2I33iQM7BfBmJ69-8njhOZtkaDt4ecpj-ReKjMnPmGWFwGc6lOw2sk4vAmZaC2Gdu87dGPUkcrgtOXXWtKLSCeKqLriBRYet-EtOT_Uiftssqn_sR75Kn0JrqvOIMv4xQPVSx0SuhEGnSEdnTUU32zZ5kMJj3aNhmTGsBE4WS07FTJ6VhvhYtfpJBIBHhQ7kdpqLkyllfjU1hMO0DLNKv9H0sNRS9LWNrLKBUPpVmcgXq-WBDy-wG3Rmy7OQmt2wlI3y8lZBFRWw9K7CBE5_cbOWGnISD7lWml9A1DBmpGZg0bpRb46kpwTh3N0-7ciKDOm3ZJK3Hx4AxsRxJBujBwru8c0eQnUrXcoplr4&sai=AMfl-YRaSRuM1AzzEr9vnsllbistA5MRaFdrc0HZE4v2ClyLxOF3c_OX6dqK8wN05GOT2m0guDkfvPT07WfAB0W6oEDUM0y_mnYxqy0-rVc7YLy6JHYUKuOU0Bw0Yb6u9V69CpB8x9mgWvGk3WiwoRX7XiVIkfWeF1PGumxHzCRSkipgxUEgH_HCc0uun3emp_SH3Xn29Vv2QB3BkxtpL_dALR02Y_aaV1k1Gq-DI_wwIZ9yVDB_gapPuzh2Ex7yo8j9GHYm0HRLMrzxohZhC1qMXLuSsUNJcTbxwfbeHGkepcqnGF76oN3mWjWhZWc2vw5LbEOHmRnUMSUDOlJFqtXcYj8dgutJmpErMIDXCuZM-WUse-TyWl6xt-mI717I08inQt9vWhBH9d0TreBf_CpcPwH3gsOw0b02TSK5JRw_AxIAkH6K43MC3OVFvkGOjgXwc4QdgxxZgJjc78SD-l70pydg1D7k5kkAXApMpQW90PHXwcZmKxKQckl6ISsfZuY61CD9Fss&sig=Cg0ArKJSzNEPIIBf1brSEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9zbWFydC5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=148&cbvp=1&cstd=146&cisv=r20240117.51457&arae=0&ftch=1&adurl=

Requested by

Host: www.goliathbank.com
URL: http://www.goliathbank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 20 Jan 2024 10:47:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/3308937023694028819/2023_EMEAI_DOM_EN_RT_0927_Canada_Always_On_Refresh_Prospecting_728x90/ Frame A07F 91 KB
28 KB 80ms
34ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3308937023694028819/2023_EMEAI_DOM_EN_RT_0927_Canada_Always_On_Refresh_Prospecting_728x90/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a99e9b792c72ab4e43faba07573fa7177b40209bb07a6ced3e4665e959971eb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1671
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 29111
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 10:19:12 GMT
expires: Sun, 19 Jan 2025 10:19:12 GMT
last-modified: Tue, 28 Nov 2023 21:04:19 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 0D7B 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: abad3204cb7615d3ddef77e637e0b92daf6bacf982d951f3a57e28c052039654

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame D21D 38 KB
13 KB 23ms
23ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 309175
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 20:54:08 GMT
expires: Wed, 15 Jan 2025 20:54:08 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4382 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 98c2088f402812f045de221b2ae5baa8fa93915923f529eefa22dcf44d5ec24a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame F23E 38 KB
13 KB 23ms
23ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 309175
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 20:54:08 GMT
expires: Wed, 15 Jan 2025 20:54:08 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame D21D 39 KB
15 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 22:09:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45444
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Jan 2025 22:09:39 GMT

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame F23E 39 KB
15 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 22:09:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45444
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Jan 2025 22:09:39 GMT

GET
H3 200 AirCanadaHorizontal.svg.js Show response
s0.2mdn.net/sadbundle/3308937023694028819/2023_EMEAI_DOM_EN_RT_0927_Canada_Always_On_Refresh_Prospecting_728x90/ Frame A07F 3 KB
1 KB 25ms
25ms Script
application/x-javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3308937023694028819/2023_EMEAI_DOM_EN_RT_0927_Canada_Always_On_Refresh_Prospecting_728x90/AirCanadaHorizontal.svg.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3308937023694028819/2023_EMEAI_DOM_EN_RT_0927_Canada_Always_On_Refresh_Prospecting_728x90/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e87efe00b52483b10fd8a3a6aeebcdbe7f85647fffb4cdd00b73f6b7df222aa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3308937023694028819/2023_EMEAI_DOM_EN_RT_0927_Canada_Always_On_Refresh_Prospecting_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sun, 19 Jan 2025 06:36:35 GMT
date: Sat, 20 Jan 2024 06:36:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15028
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1447
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 21:04:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 AC-Logo-Stacked-RGB-White.svg.js Show response
s0.2mdn.net/sadbundle/3308937023694028819/2023_EMEAI_DOM_EN_RT_0927_Canada_Always_On_Refresh_Prospecting_728x90/ Frame A07F 3 KB
2 KB 27ms
26ms Script
application/x-javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3308937023694028819/2023_EMEAI_DOM_EN_RT_0927_Canada_Always_On_Refresh_Prospecting_728x90/AC-Logo-Stacked-RGB-White.svg.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3308937023694028819/2023_EMEAI_DOM_EN_RT_0927_Canada_Always_On_Refresh_Prospecting_728x90/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51a4c0411a6c2c360284d5bb84142f32121c1bbf6e0e258e7be26474383b696d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3308937023694028819/2023_EMEAI_DOM_EN_RT_0927_Canada_Always_On_Refresh_Prospecting_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 16 Jan 2025 07:15:43 GMT
date: Wed, 17 Jan 2024 07:15:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 271880
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1664
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 21:04:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 CTA-BOOK-NOW-PILL-EN.svg.js Show response
s0.2mdn.net/sadbundle/3308937023694028819/2023_EMEAI_DOM_EN_RT_0927_Canada_Always_On_Refresh_Prospecting_728x90/ Frame A07F 3 KB
1 KB 27ms
27ms Script
application/x-javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3308937023694028819/2023_EMEAI_DOM_EN_RT_0927_Canada_Always_On_Refresh_Prospecting_728x90/CTA-BOOK-NOW-PILL-EN.svg.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3308937023694028819/2023_EMEAI_DOM_EN_RT_0927_Canada_Always_On_Refresh_Prospecting_728x90/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0d5f335dea2603155afca7bf8fdfa19e4bf8c8dd66fa0dc5225199d37c14ce8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3308937023694028819/2023_EMEAI_DOM_EN_RT_0927_Canada_Always_On_Refresh_Prospecting_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sun, 19 Jan 2025 06:36:35 GMT
date: Sat, 20 Jan 2024 06:36:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15028
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1111
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 21:04:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Skytrax-Logo.svg.js Show response
s0.2mdn.net/sadbundle/3308937023694028819/2023_EMEAI_DOM_EN_RT_0927_Canada_Always_On_Refresh_Prospecting_728x90/ Frame A07F 38 KB
8 KB 28ms
28ms Script
application/x-javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3308937023694028819/2023_EMEAI_DOM_EN_RT_0927_Canada_Always_On_Refresh_Prospecting_728x90/Skytrax-Logo.svg.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3308937023694028819/2023_EMEAI_DOM_EN_RT_0927_Canada_Always_On_Refresh_Prospecting_728x90/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8790106c39d616d072aa3f2a0b9e320745c6afb31ef2fecf56a1295e445019f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3308937023694028819/2023_EMEAI_DOM_EN_RT_0927_Canada_Always_On_Refresh_Prospecting_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sun, 19 Jan 2025 06:36:35 GMT
date: Sat, 20 Jan 2024 06:36:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15028
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8235
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 21:04:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.2/ Frame FD4E 70 KB
25 KB 62ms
25ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.2/gsap.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17511219809281376256/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efc85c7eb141819717cda0033484a84b1c890d13b02e355a2fec79d424b20e7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://s0.2mdn.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 10:47:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4517043
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 25280
last-modified: Wed, 28 Jun 2023 20:03:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "649c91f5-62c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AzIWCQCu56W5Qqa3xJuIve34wFvN6Ayj7B1KftNM4mo3mo%2B0ZmwNhqcy8Kz29lGUaUtJO37VujvXn%2B1IrAAmvCy%2B%2F%2BmY0xOgUwLMSl4RHudbWxs1SP%2BKLKEV3uzb4R8ZgE%2Boevi5bt8vmM%2Bf40U9JMl2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8486bcb5ff4ab743-AMS
expires: Thu, 09 Jan 2025 10:47:03 GMT

GET
H2 200 CSSRulePlugin.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.2/ Frame FD4E 2 KB
1 KB 63ms
27ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.2/CSSRulePlugin.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17511219809281376256/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3233190287f115105de5b5a99c5418e34b73b59e56bb84f681f1b5f90c553cf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://s0.2mdn.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 10:47:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 55928
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 821
last-modified: Wed, 28 Jun 2023 20:03:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "649c91f5-335"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7vgaTXXZFhC%2Ban4Z0OUFQjIYcy9ottY4zwrj0ur0yPqe1b%2Bc9oWzNeeDmcvFIAem7NgWz0QPwVyH281qi2nNPoKbf3XYaFL4IC%2FkbtZGRaTnGHzPtCmFiDcBh6JjvdGvKYVqq%2FCeZVhiqsQ5kg8i7P9C"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8486bcb5ff4cb743-AMS
expires: Thu, 09 Jan 2025 10:47:03 GMT

GET
H3 200 13dc9848.svg
s0.2mdn.net/sadbundle/17511219809281376256/images/ Frame FD4E 669 B
430 B 25ms
24ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17511219809281376256/images/13dc9848.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17511219809281376256/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a112eaf2a1694b6ce90127e3ddc7692712b4331b3bc8e01c6573bc0526b150a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17511219809281376256/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Wed, 15 Jan 2025 20:35:59 GMT
date: Tue, 16 Jan 2024 20:35:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 310264
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 400
x-xss-protection: 0
last-modified: Fri, 08 Dec 2023 12:09:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 749b29f1.jpeg
s0.2mdn.net/sadbundle/17511219809281376256/images/ Frame FD4E 60 KB
60 KB 35ms
32ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17511219809281376256/images/749b29f1.jpeg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17511219809281376256/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40ba422e09235af4c6111e4d890b7d256b5d07658f029bc835053f4749f835a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17511219809281376256/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 16 Jan 2025 06:13:42 GMT
date: Wed, 17 Jan 2024 06:13:42 GMT
x-content-type-options: nosniff
age: 275601
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61200
x-xss-protection: 0
last-modified: Fri, 08 Dec 2023 12:09:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 51d91ad3.jpg
s0.2mdn.net/sadbundle/17511219809281376256/images/ Frame FD4E 47 KB
47 KB 31ms
29ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17511219809281376256/images/51d91ad3.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17511219809281376256/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70efd2d87e54a8b52df80f591a85c3e7bce36f31d25d6be0d8a85e2c94b80aa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17511219809281376256/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 16 Jan 2025 06:13:42 GMT
date: Wed, 17 Jan 2024 06:13:42 GMT
x-content-type-options: nosniff
age: 275601
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48222
x-xss-protection: 0
last-modified: Fri, 08 Dec 2023 12:09:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 de995ca2.jpg
s0.2mdn.net/sadbundle/17511219809281376256/images/ Frame FD4E 50 KB
50 KB 45ms
43ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17511219809281376256/images/de995ca2.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17511219809281376256/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c62b495174cdcc9521c650a050f75ad18f373406e58fed95a5a2162f51e7fb8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17511219809281376256/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 16 Jan 2025 06:13:42 GMT
date: Wed, 17 Jan 2024 06:13:42 GMT
x-content-type-options: nosniff
age: 275601
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51006
x-xss-protection: 0
last-modified: Fri, 08 Dec 2023 12:09:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 4332eb45.svg
s0.2mdn.net/sadbundle/17511219809281376256/images/ Frame FD4E 5 KB
2 KB 57ms
55ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17511219809281376256/images/4332eb45.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17511219809281376256/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d6148b7c3275cd5980a7903689546ee11ec96f11f4611a2062905578835e692

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17511219809281376256/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 16 Jan 2025 06:13:42 GMT
date: Wed, 17 Jan 2024 06:13:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 275601
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2343
x-xss-protection: 0
last-modified: Fri, 08 Dec 2023 12:09:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 f378cfc5.svg
s0.2mdn.net/sadbundle/17511219809281376256/images/ Frame FD4E 5 KB
2 KB 55ms
53ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17511219809281376256/images/f378cfc5.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17511219809281376256/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48f93e3937054551ff4a887dca69a8fc91561c11f52a53a262f6741bc91a9bb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17511219809281376256/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 16 Jan 2025 06:13:42 GMT
date: Wed, 17 Jan 2024 06:13:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 275601
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2433
x-xss-protection: 0
last-modified: Fri, 08 Dec 2023 12:09:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 31152810.svg
s0.2mdn.net/sadbundle/17511219809281376256/images/ Frame FD4E 302 B
263 B 43ms
41ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17511219809281376256/images/31152810.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17511219809281376256/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b889285d70207e00882df1a4bfd4604d5feac7eb05aad677ad75599b816a77e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17511219809281376256/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Wed, 15 Jan 2025 06:51:33 GMT
date: Tue, 16 Jan 2024 06:51:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 359730
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 233
x-xss-protection: 0
last-modified: Fri, 08 Dec 2023 12:09:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 aef85528.png
s0.2mdn.net/sadbundle/17511219809281376256/images/ Frame FD4E 2 KB
3 KB 53ms
52ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17511219809281376256/images/aef85528.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17511219809281376256/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6e3fd75e470cd50759b897eab984da9b5cafeda028be8eba2e779e41df6d818

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17511219809281376256/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Wed, 15 Jan 2025 18:21:43 GMT
date: Tue, 16 Jan 2024 18:21:43 GMT
x-content-type-options: nosniff
age: 318320
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2559
x-xss-protection: 0
last-modified: Fri, 08 Dec 2023 12:09:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 083066d0.png
s0.2mdn.net/sadbundle/17511219809281376256/images/ Frame FD4E 4 KB
4 KB 55ms
54ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17511219809281376256/images/083066d0.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17511219809281376256/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

185ee6c604469276f38fddfd5ec30d536bc7d1ec539289d947184abc8e6226b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17511219809281376256/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 16 Jan 2025 15:01:31 GMT
date: Wed, 17 Jan 2024 15:01:31 GMT
x-content-type-options: nosniff
age: 243932
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4267
x-xss-protection: 0
last-modified: Fri, 08 Dec 2023 12:09:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 a7fe608c.png
s0.2mdn.net/sadbundle/17511219809281376256/images/ Frame FD4E 2 KB
2 KB 44ms
42ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17511219809281376256/images/a7fe608c.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17511219809281376256/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

877ce1a84ae54b19a56347f0014b8eae64c8de9b7f86a9a9818d8f2ef3b5aafb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17511219809281376256/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 16 Jan 2025 06:13:42 GMT
date: Wed, 17 Jan 2024 06:13:42 GMT
x-content-type-options: nosniff
age: 275601
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1958
x-xss-protection: 0
last-modified: Fri, 08 Dec 2023 12:09:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 3e6eef34.png
s0.2mdn.net/sadbundle/17511219809281376256/images/ Frame FD4E 3 KB
3 KB 42ms
40ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17511219809281376256/images/3e6eef34.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17511219809281376256/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cc81787d3f2629427446bfa0c8dc6d01b00509c626d866a3ba0c7abaa585cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17511219809281376256/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 16 Jan 2025 06:13:42 GMT
date: Wed, 17 Jan 2024 06:13:42 GMT
x-content-type-options: nosniff
age: 275601
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3313
x-xss-protection: 0
last-modified: Fri, 08 Dec 2023 12:09:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 050e87d6.png
s0.2mdn.net/sadbundle/17511219809281376256/images/ Frame FD4E 2 KB
2 KB 41ms
39ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17511219809281376256/images/050e87d6.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17511219809281376256/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ba9741829fcef2b1659404ffdc6889b47ef4f434de5ccbd67aa7172b03d7071

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17511219809281376256/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 16 Jan 2025 06:13:42 GMT
date: Wed, 17 Jan 2024 06:13:42 GMT
x-content-type-options: nosniff
age: 275601
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1543
x-xss-protection: 0
last-modified: Fri, 08 Dec 2023 12:09:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 40fa64a5.png
s0.2mdn.net/sadbundle/17511219809281376256/images/ Frame FD4E 3 KB
3 KB 40ms
38ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17511219809281376256/images/40fa64a5.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17511219809281376256/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd12cc8b75c3517537cfd15861d827c1d5471b0541f8fd330ee2f59d5fa6cd9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17511219809281376256/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Wed, 15 Jan 2025 06:51:33 GMT
date: Tue, 16 Jan 2024 06:51:33 GMT
x-content-type-options: nosniff
age: 359730
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3173
x-xss-protection: 0
last-modified: Fri, 08 Dec 2023 12:09:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 d3ce6798.svg
s0.2mdn.net/sadbundle/17511219809281376256/images/ Frame FD4E 820 B
500 B 39ms
37ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17511219809281376256/images/d3ce6798.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17511219809281376256/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43bee53229b0e308836bfd9b6bac0800ab708c82e352498264b7b4e68ca270d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17511219809281376256/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 16 Jan 2025 06:13:42 GMT
date: Wed, 17 Jan 2024 06:13:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 275601
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 470
x-xss-protection: 0
last-modified: Fri, 08 Dec 2023 12:09:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 1147abdf.svg
s0.2mdn.net/sadbundle/17511219809281376256/images/ Frame FD4E 769 B
439 B 66ms
64ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17511219809281376256/images/1147abdf.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17511219809281376256/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84ec131112ca132c741450c29f43750d4cc516f7fe8d642a35092729373c2e90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17511219809281376256/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 16 Jan 2025 06:13:42 GMT
date: Wed, 17 Jan 2024 06:13:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 275601
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 401
x-xss-protection: 0
last-modified: Fri, 08 Dec 2023 12:09:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 dfd4a3e2.png
s0.2mdn.net/sadbundle/17511219809281376256/images/ Frame FD4E 2 KB
2 KB 63ms
61ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17511219809281376256/images/dfd4a3e2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17511219809281376256/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

198972eba33cc7147a2bbe5ad68e947a17961a4bb43b8f418e0dc4fb2a642950

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17511219809281376256/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Wed, 15 Jan 2025 20:48:06 GMT
date: Tue, 16 Jan 2024 20:48:06 GMT
x-content-type-options: nosniff
age: 309537
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1706
x-xss-protection: 0
last-modified: Fri, 08 Dec 2023 12:09:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 b36afb92.png
s0.2mdn.net/sadbundle/17511219809281376256/images/ Frame FD4E 3 KB
3 KB 56ms
55ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17511219809281376256/images/b36afb92.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17511219809281376256/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4c372f5831ede09fa80c662c9bd065187b1dc2dc6a6607c430e6e2a85c3fa6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17511219809281376256/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Wed, 15 Jan 2025 22:24:37 GMT
date: Tue, 16 Jan 2024 22:24:37 GMT
x-content-type-options: nosniff
age: 303746
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3536
x-xss-protection: 0
last-modified: Fri, 08 Dec 2023 12:09:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 39c507e6.png
s0.2mdn.net/sadbundle/17511219809281376256/images/ Frame FD4E 2 KB
2 KB 65ms
63ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17511219809281376256/images/39c507e6.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17511219809281376256/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15c6cc98266d6c47464af2861b51e17b34f69a0b319b1b33a765c47e3fd7edc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17511219809281376256/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 16 Jan 2025 06:13:42 GMT
date: Wed, 17 Jan 2024 06:13:42 GMT
x-content-type-options: nosniff
age: 275601
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2179
x-xss-protection: 0
last-modified: Fri, 08 Dec 2023 12:09:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 8d202c55.png
s0.2mdn.net/sadbundle/17511219809281376256/images/ Frame FD4E 3 KB
3 KB 64ms
62ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17511219809281376256/images/8d202c55.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17511219809281376256/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8b2b3828d723bf17a1b4616c18a4912932c3cea19c3df5662b1b22602b50347

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17511219809281376256/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 16 Jan 2025 06:13:42 GMT
date: Wed, 17 Jan 2024 06:13:42 GMT
x-content-type-options: nosniff
age: 275601
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3462
x-xss-protection: 0
last-modified: Fri, 08 Dec 2023 12:09:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 3484dbb6.png
s0.2mdn.net/sadbundle/17511219809281376256/images/ Frame FD4E 14 KB
14 KB 57ms
56ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17511219809281376256/images/3484dbb6.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17511219809281376256/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdd6b0cf1673c87395f58ab2c178786e917f6f8eb5e3bd46e54e520164270242

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17511219809281376256/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 16 Jan 2025 06:13:42 GMT
date: Wed, 17 Jan 2024 06:13:42 GMT
x-content-type-options: nosniff
age: 275601
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14359
x-xss-protection: 0
last-modified: Fri, 08 Dec 2023 12:09:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 ace7e579.png
s0.2mdn.net/sadbundle/17511219809281376256/images/ Frame FD4E 30 KB
30 KB 61ms
60ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17511219809281376256/images/ace7e579.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17511219809281376256/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

518be846d7bb0c8ecaf627c29180852a143b97861f55ef44d3048fb73342f3bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17511219809281376256/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 16 Jan 2025 18:15:23 GMT
date: Wed, 17 Jan 2024 18:15:23 GMT
x-content-type-options: nosniff
age: 232300
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30927
x-xss-protection: 0
last-modified: Fri, 08 Dec 2023 12:09:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame 4382
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/953900/61623473/4.js?adContainerId=brand_safety_pqSrZfL5CJPA1fAPiq6qgAk&cbFunctionName=goog_wrapCb_pqSrZfL5CJPA1fAPiq6qgAk&true_pb=https%3A%2F%2Fstatic.adsafep...
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_pqSrZfL5CJPA1fAPiq6qgAk&cbFunctionName=goog_wrapCb_pqSrZfL5CJPA1fAPiq6qgAk&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpass...

1 KB
1 KB

111ms
76ms

Script
application/javascript

2600:9000:26da:1c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_pqSrZfL5CJPA1fAPiq6qgAk&cbFunctionName=goog_wrapCb_pqSrZfL5CJPA1fAPiq6qgAk&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1837583969273330&output=html&h=90&slotname=8192605529&adk=3151497336&adf=1056458448&pi=t.ma~as.8192605529&w=970&lmt=1678459688&format=970x90&url=http%3A%2F%2Fwww.goliathbank.com%2F&wgl=1&dt=1705747621918&bpp=1&bdt=437&idt=192&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_slotnames=8322023648&correlator=3757464643528&frm=20&pv=1&ga_vid=410533834.1705747622&ga_sid=1705747622&ga_hid=697267414&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=1085&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C44795921%2C31080505%2C95320890%2C95321626%2C95322164&oid=2&pvsid=632434726006241&tmod=2012051007&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=195
Protocol: H2
Server: 2600:9000:26da:1c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5431bf3cd2099a41e143f4ccab7ee74d223ea22941dfd9061c5d241ed05afade

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: chJzWGuhkrqyagXtH_ztVZhv7KoeCC.y
content-encoding: gzip
via: 1.1 e46f362ef9260e60e122406168399f5c.cloudfront.net (CloudFront)
date: Thu, 18 Jan 2024 21:47:27 GMT
x-amz-cf-pop: MUC50-P4
age: 133177
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Thu, 11 Jan 2024 21:47:25 GMT
server: AmazonS3
etag: W/"eb639ea9c60fa52fae8bd853911ab0a9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: HcrwazJYPXyIjWe3vQmdo8je03i-Q7FJif-SnikCWAI_ZycWyJMqdg==

Redirect headers

pragma: no-cache
date: Sat, 20 Jan 2024 10:47:03 GMT
server: nginx
x-server-name: app13.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_pqSrZfL5CJPA1fAPiq6qgAk&cbFunctionName=goog_wrapCb_pqSrZfL5CJPA1fAPiq6qgAk&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame B5D2 91 KB
92 KB 125ms
33ms Script
application/javascript 2600:9000:26da:1c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1837583969273330&output=html&h=90&slotname=8192605529&adk=3151497336&adf=1056458448&pi=t.ma~as.8192605529&w=970&lmt=1678459688&format=970x90&url=http%3A%2F%2Fwww.goliathbank.com%2F&wgl=1&dt=1705747621918&bpp=1&bdt=437&idt=192&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_slotnames=8322023648&correlator=3757464643528&frm=20&pv=1&ga_vid=410533834.1705747622&ga_sid=1705747622&ga_hid=697267414&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=1085&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C44795921%2C31080505%2C95320890%2C95321626%2C95322164&oid=2&pvsid=632434726006241&tmod=2012051007&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=195
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:1c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 20:43:31 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via: 1.1 e46f362ef9260e60e122406168399f5c.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
age: 15170613
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 93606
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: "1f3488247c90bb5de253d3d0cb3b7458"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: rL2zyBY-DSzr0lGyyCUhBtdc45Fk1IcUqmj0yt-3n9er7D011ekB7A==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4382 43 B
216 B 324ms
101ms Image
image/gif 2600:1f18:1aca:4281:97b8:3c3a:6865:7d86
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=953900&asId=1cf517ae-1c51-691a-a91a-20396f6a702b&tv=%7Bc:1PXZpj,pingTime:-3,time:57,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:14%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:57,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B52~0%5D,as:%5B52~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u1TNc4B+11%7C121%7C122%7C123%7C131*.953900-61623473%7C1311%7C13121%7C14,idMap:131*,rmeas:1,rend:0,renddet:na,siq:15%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1837583969273330&output=html&h=90&slotname=8192605529&adk=3151497336&adf=1056458448&pi=t.ma~as.8192605529&w=970&lmt=1678459688&format=970x90&url=http%3A%2F%2Fwww.goliathbank.com%2F&wgl=1&dt=1705747621918&bpp=1&bdt=437&idt=192&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_slotnames=8322023648&correlator=3757464643528&frm=20&pv=1&ga_vid=410533834.1705747622&ga_sid=1705747622&ga_hid=697267414&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=1085&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C44795921%2C31080505%2C95320890%2C95321626%2C95322164&oid=2&pvsid=632434726006241&tmod=2012051007&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=195
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:97b8:3c3a:6865:7d86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 10:47:03 GMT
server: nginx
x-server-name: dt06.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4382 43 B
215 B 324ms
103ms Image
image/gif 2600:1f18:1aca:4281:97b8:3c3a:6865:7d86
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=953900&asId=1cf517ae-1c51-691a-a91a-20396f6a702b&tv=%7Bc:1PXZpk,pingTime:-6,time:57,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:57,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B53~0%5D,as:%5B53~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u1TNc4B+11%7C121%7C122%7C123%7C131*.953900-61623473%7C1311%7C13121%7C14,idMap:131*,rmeas:1,rend:0,renddet:na,siq:15%7D&tpiLookup=ao:www.goliathbank.com%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1837583969273330&output=html&h=90&slotname=8192605529&adk=3151497336&adf=1056458448&pi=t.ma~as.8192605529&w=970&lmt=1678459688&format=970x90&url=http%3A%2F%2Fwww.goliathbank.com%2F&wgl=1&dt=1705747621918&bpp=1&bdt=437&idt=192&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_slotnames=8322023648&correlator=3757464643528&frm=20&pv=1&ga_vid=410533834.1705747622&ga_sid=1705747622&ga_hid=697267414&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=1085&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C44795921%2C31080505%2C95320890%2C95321626%2C95322164&oid=2&pvsid=632434726006241&tmod=2012051007&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=195
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:97b8:3c3a:6865:7d86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 10:47:03 GMT
server: nginx
x-server-name: dt14.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4382 43 B
215 B 301ms
104ms Image
image/gif 2600:1f18:1aca:4281:97b8:3c3a:6865:7d86
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=953900&asId=1cf517ae-1c51-691a-a91a-20396f6a702b&tv=%7Bc:1PXZpK,pingTime:-2,time:83,type:a,im:%7Bsf:0,pom:1,prf:%7BmdA:12,mdZ:214,beA:285,beZ:286,mfA:288,cmA:289,inA:289,inZ:291,prA:291,prZ:297,si:300,poA:301,poZ:316,cmZ:316,mfZ:316,loA:343,loZ:344,ltA:369,ltZ:369%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:14%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:83,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B78~0%5D,as:%5B78~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u1TNc4B+11%7C121%7C122%7C123%7C131*.953900-61623473%7C1311%7C13121%7C14,idMap:131*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:na,siq:15,sinceFw:68,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1837583969273330&output=html&h=90&slotname=8192605529&adk=3151497336&adf=1056458448&pi=t.ma~as.8192605529&w=970&lmt=1678459688&format=970x90&url=http%3A%2F%2Fwww.goliathbank.com%2F&wgl=1&dt=1705747621918&bpp=1&bdt=437&idt=192&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_slotnames=8322023648&correlator=3757464643528&frm=20&pv=1&ga_vid=410533834.1705747622&ga_sid=1705747622&ga_hid=697267414&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=1085&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C44795921%2C31080505%2C95320890%2C95321626%2C95322164&oid=2&pvsid=632434726006241&tmod=2012051007&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=195
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:97b8:3c3a:6865:7d86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 10:47:03 GMT
server: nginx
x-server-name: dt03.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
DATA 200
OK truncated
/ Frame A07F 5 KB
5 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fdd400bdc548205dd8becdc1dd442977a2093e3ffb8a34c54b93843366a10f86

Request headers

Referer
Origin: https://s0.2mdn.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: font/woff;charset=utf-8

GET
DATA 200
OK truncated
/ Frame A07F 6 KB
6 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 87dfcec740d2c1365d74282b3b1eeaa4949bc8cb7258d71cd134eb2a50dff6e0

Request headers

Referer
Origin: https://s0.2mdn.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: font/woff;charset=utf-8

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4382 0
557 B 122ms
63ms Image
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst701KOg02vVwOTpUcf3h_L3IWvt5SlSfbNgNITHa9eANGH5Ghl6sc9kbiofTcjfSRdxuiuCVa-rNc9kYsGyFjBvjg_NjXHZ251Uyj1ThVpD0AjwksN8wM3ezqLCN1ac6_gMhtsTT3mbJ6kPgDaOpOGB1U9rwwnQ0H9vPCLOMzqHqhZiY4uUWrGaqLDnTXqYy9Ank7DNhWwst0NikPw-iu-XN361ZHZhiqVhOxxyRD5YlVhpUOQiagDkgUO6unc4ZFP-4sgqV_Xko6lAbS6c8b70jDbcdQSfP-yD12VosuqDpYKmxUjNWCHE5QOFco11IEzidgvS9jTP3-Wjc6MbhaZmvKj2wUjHPQ_nIz2DEubCLHP_p3dgwAw5btC8jZS7LEzz-s7FL3qdTidoo9coc-1KGH86Xbo2a53yzVKIFJJp2X8XYO_rGzC8XLytxcTE3fEF3QzsWG0zHxLGR1ahXmCCQxx5lymmjv1kaRyztfz7mGLxP4xitCYpMVlo8iSasVIdxDdbVF_FTCsjan4DksHIcyyMX2nHONqi8uDVZhn_NkRpJo7r_cnhKruLEBskwAIEyezldmcgQcJ5nP54L7PvtwTnXRxItaZyvGzvhkj8lxO7xllb0vjNczUtXrerSI2yVzij9RHnjs_Qgac7943quxh5ajO6m5ut615rWXbi6iJ1CO5-085LjMdqEGYFqSaYmsiQPSbIQjOBYdJuRGb8NVCjabKBMytsLwwTjbYH5qUm2iqdNYDfRcwAr9mmwQim7NIla0y2xGitK7q9ZKQUPk-dtZK7vlUoAhlt7vXoZ1qz49bkvg3w__j3V3_QoXaumCqpnRaVvsgH3VEtbV4Y4baReqtbVtq3LgOk13cKrM3D3x49QxHgLKgOlppak_J8iVEFH3maxw_hGkre3jF5x9I2J2BV4zBR9nPtejdqsgdb2rHvgB83D2m_K3tWpuo584i6z7YjI3jvpqJpXbDpu8B9eATUZnmosGEGDDfk72_YoAkaRPPvL0O_WIJZA5SszjlXZKwhi6GxXip2NzwHWRWLNdZCoeF0kKoloL70rGPl--eQNDwEJnM5UUhTnx_7oXkusiD2_Eswoq8KWR-kvITtcsXnEcNQr4&sai=AMfl-YRqD3ZLHhEYvXtjOzfLw6V1IZuXGdBQXp6si6_UCSV26oIHa6G_OxXoPO19H5ficHYsJGzL8nl94hdkuoiuLBJJVpk8FVT-9UvpdsTUGV6E7fc_5FN-AS667sdY1ZjAwzBpx62kKUBqg2Qie2dLwF50p9L1KZ_fzUrLzcHljJFh7ZV3XFofMBZmt4Hmy7AY4AgaBf1l7djHIAuZ4pLNuGzXaqn7NpfBiuelZsxQ_396PjIQEQMH7wL7Jp9r5VcKyMKQ1hAy_kEXZUpOZI_w742S8s0TNNjLgaVJTeIo7ICthHQQcFp63zUYiVcD23xS4u9eEcKUbkLd1lRKv0hjElViXkdI6plQe8StGC4umYW5EqyO7E1WPFpLG7mbRs0OKkUurtfCCJil72hZhw7VcbRq5fY25TYXuOl7EAv6Y-v7boQicQMGCKce6F7jpvWhFGKX7zshAsYFNuVGSNv1Rw2H8NgBO0Mx64yu-ZkrJ0N6dSdk3OsfNCA&sig=Cg0ArKJSzHmWDIO2J2zgEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&cbvp=2&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 20 Jan 2024 10:47:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Algonquin-Park_Ontario_Canada_shutterstock_offset_1870486327.jpg
s0.2mdn.net/sadbundle/3308937023694028819/2023_EMEAI_DOM_EN_RT_0927_Canada_Always_On_Refresh_Prospecting_728x90/ Frame A07F 38 KB
38 KB 26ms
25ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3308937023694028819/2023_EMEAI_DOM_EN_RT_0927_Canada_Always_On_Refresh_Prospecting_728x90/Algonquin-Park_Ontario_Canada_shutterstock_offset_1870486327.jpg?

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f43a70e35bbe162efb12f3d28160b63c4a20545a7b8fbd11b0e0b7211eda27ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3308937023694028819/2023_EMEAI_DOM_EN_RT_0927_Canada_Always_On_Refresh_Prospecting_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sun, 19 Jan 2025 06:36:35 GMT
date: Sat, 20 Jan 2024 06:36:35 GMT
x-content-type-options: nosniff
age: 15028
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39310
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 21:04:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gettyimages-1437776692-170667a.jpg
s0.2mdn.net/sadbundle/3308937023694028819/2023_EMEAI_DOM_EN_RT_0927_Canada_Always_On_Refresh_Prospecting_728x90/ Frame A07F 36 KB
36 KB 28ms
27ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3308937023694028819/2023_EMEAI_DOM_EN_RT_0927_Canada_Always_On_Refresh_Prospecting_728x90/gettyimages-1437776692-170667a.jpg?

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

711f953008f0a3ba7f54c30a642d6aa0154755df90fda9628baabc2dfe9935f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3308937023694028819/2023_EMEAI_DOM_EN_RT_0927_Canada_Always_On_Refresh_Prospecting_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sun, 19 Jan 2025 06:36:35 GMT
date: Sat, 20 Jan 2024 06:36:35 GMT
x-content-type-options: nosniff
age: 15028
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36746
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 21:04:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Banff_Alberta_Canada_shutterstock_752019010.jpg
s0.2mdn.net/sadbundle/3308937023694028819/2023_EMEAI_DOM_EN_RT_0927_Canada_Always_On_Refresh_Prospecting_728x90/ Frame A07F 30 KB
30 KB 30ms
30ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3308937023694028819/2023_EMEAI_DOM_EN_RT_0927_Canada_Always_On_Refresh_Prospecting_728x90/Banff_Alberta_Canada_shutterstock_752019010.jpg?

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d293a9b1c296add864ea7974327884ea0ac6bb7b3443b2a86a0cbfd1f7d4b943

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3308937023694028819/2023_EMEAI_DOM_EN_RT_0927_Canada_Always_On_Refresh_Prospecting_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sun, 19 Jan 2025 06:36:35 GMT
date: Sat, 20 Jan 2024 06:36:35 GMT
x-content-type-options: nosniff
age: 15028
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30839
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 21:04:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 0D7B 0
0 59ms
59ms Fetch
image/gif 142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjssVrcxvTDdABm556e9aqvp_gQmx-ET4r0jlLBMA-JV6tKz2ClFZ5RHEpQO3nSMW5wHFcnbBCNG-IH57dSE1p1OhwB_hZi2aIJE_lAq8X4dijafjhl3fO97QCi2HSrcwE8ngIRp91XrIaZkUKKcHumk1_0DcsZEaRCNBgiSXc0c-y4HM61TRoL3_pxa_ux0gCG_x4V93BSsho-I_lGu54izPG5jrsZLJGDflzID-MLHSHgIK7unbzdfSbiDRDtKrPaBmguwJsClwrgQHc2wYa0l5Gd8jFils24oPFLXjzj8jpR9MrfiVriZTFIJWBLIS3FUtZQK-cP5JKLFbTbs4HIHlDZ-eFDmcsZaIgVF2nGFk56rnwdD3vuNNZFqkI47RCL8m4zBc-3bE9GbOEMw3M0iTqYCGGBioKZNvxsIc3MWs5y0gUPD_H3Xe0wSXozzkzcrn7nQTOx_BO4bha_gXWNiR4b-0W1b-BCCmxpeW7RgmUrkcpxRf2Oxsgv3TttAVtBQl-OpL84xFy0288_wL0-5WKMCAry2fNZ05kj6-rRlNT6wqopuyf9u9UHcwkTbyQBLnHCPYS9nl6kSGgxFHUQMYwATr_tarGAxENGr0Oqdy1oWx_U5QDqKiL3wB1FDSWVsCQDiBwvfWR0RhbT9q1PaXM92pa7FvfuEMG9XACMMSS4XWGdppjNliUOagK86ABqaHvo_r5NyM1cGRQbQQKVgLq_WliT5uNMGaQ0i_CF7vjAA_1eI-Zuw_XSR_g7Fr2h4wRW0Wi399QBYmp5bb02M0x0mhXTS9PhJz84c5JwMIPS1ankTyaARZNM-Cyi3etKOVCAn8hwwwiFZ8UnQwLwdxl-BU4UtJjOq7eYnm-j2nEonZZ5ypGZ_vHFGp8L9ZxkZDY-fn6HG06yOUJvh-LCpOYY_a_QZteduTFjUn-lqeUZDENIevBKJUX8_LGX9hDZOl3Z9YxMDolDhfjOm-mVPinbk_b6wM3w25pDih9GyU2I33iQM7BfBmJ69-8njhOZtkaDt4ecpj-ReKjMnPmGWFwGc6lOw2sk4vAmZaC2Gdu87dGPUkcrgtOXXWtKLSCeKqLriBRYet-EtOT_Uiftssqn_sR75Kn0JrqvOIMv4xQPVSx0SuhEGnSEdnTUU32zZ5kMJj3aNhmTGsBE4WS07FTJ6VhvhYtfpJBIBHhQ7kdpqLkyllfjU1hMO0DLNKv9H0sNRS9LWNrLKBUPpVmcgXq-WBDy-wG3Rmy7OQmt2wlI3y8lZBFRWw9K7CBE5_cbOWGnISD7lWml9A1DBmpGZg0bpRb46kpwTh3N0-7ciKDOm3ZJK3Hx4AxsRxJBujBwru8c0eQnUrXcoplr4&sai=AMfl-YRaSRuM1AzzEr9vnsllbistA5MRaFdrc0HZE4v2ClyLxOF3c_OX6dqK8wN05GOT2m0guDkfvPT07WfAB0W6oEDUM0y_mnYxqy0-rVc7YLy6JHYUKuOU0Bw0Yb6u9V69CpB8x9mgWvGk3WiwoRX7XiVIkfWeF1PGumxHzCRSkipgxUEgH_HCc0uun3emp_SH3Xn29Vv2QB3BkxtpL_dALR02Y_aaV1k1Gq-DI_wwIZ9yVDB_gapPuzh2Ex7yo8j9GHYm0HRLMrzxohZhC1qMXLuSsUNJcTbxwfbeHGkepcqnGF76oN3mWjWhZWc2vw5LbEOHmRnUMSUDOlJFqtXcYj8dgutJmpErMIDXCuZM-WUse-TyWl6xt-mI717I08inQt9vWhBH9d0TreBf_CpcPwH3gsOw0b02TSK5JRw_AxIAkH6K43MC3OVFvkGOjgXwc4QdgxxZgJjc78SD-l70pydg1D7k5kkAXApMpQW90PHXwcZmKxKQckl6ISsfZuY61CD9Fss&sig=Cg0ArKJSzNEPIIBf1brSEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9zbWFydC5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=423&vt=11&dtpt=275&dett=3&cstd=146&cisv=r20240117.51457&arae=0&ftch=1&adurl=

Requested by

Host: www.goliathbank.com
URL: http://www.goliathbank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 10:47:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Algonquin-Park_Ontario_Canada_shutterstock_offset_1870486327.jpg
s0.2mdn.net/sadbundle/3308937023694028819/2023_EMEAI_DOM_EN_RT_0927_Canada_Always_On_Refresh_Prospecting_728x90/ Frame A07F 38 KB
38 KB 24ms
24ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3308937023694028819/2023_EMEAI_DOM_EN_RT_0927_Canada_Always_On_Refresh_Prospecting_728x90/Algonquin-Park_Ontario_Canada_shutterstock_offset_1870486327.jpg?

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3308937023694028819/2023_EMEAI_DOM_EN_RT_0927_Canada_Always_On_Refresh_Prospecting_728x90/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f43a70e35bbe162efb12f3d28160b63c4a20545a7b8fbd11b0e0b7211eda27ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3308937023694028819/2023_EMEAI_DOM_EN_RT_0927_Canada_Always_On_Refresh_Prospecting_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sun, 19 Jan 2025 06:36:35 GMT
date: Sat, 20 Jan 2024 06:36:35 GMT
x-content-type-options: nosniff
age: 15028
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39310
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 21:04:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gettyimages-1437776692-170667a.jpg
s0.2mdn.net/sadbundle/3308937023694028819/2023_EMEAI_DOM_EN_RT_0927_Canada_Always_On_Refresh_Prospecting_728x90/ Frame A07F 36 KB
36 KB 24ms
24ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3308937023694028819/2023_EMEAI_DOM_EN_RT_0927_Canada_Always_On_Refresh_Prospecting_728x90/gettyimages-1437776692-170667a.jpg?

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3308937023694028819/2023_EMEAI_DOM_EN_RT_0927_Canada_Always_On_Refresh_Prospecting_728x90/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

711f953008f0a3ba7f54c30a642d6aa0154755df90fda9628baabc2dfe9935f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3308937023694028819/2023_EMEAI_DOM_EN_RT_0927_Canada_Always_On_Refresh_Prospecting_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sun, 19 Jan 2025 06:36:35 GMT
date: Sat, 20 Jan 2024 06:36:35 GMT
x-content-type-options: nosniff
age: 15028
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36746
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 21:04:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Banff_Alberta_Canada_shutterstock_752019010.jpg
s0.2mdn.net/sadbundle/3308937023694028819/2023_EMEAI_DOM_EN_RT_0927_Canada_Always_On_Refresh_Prospecting_728x90/ Frame A07F 30 KB
30 KB 26ms
25ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3308937023694028819/2023_EMEAI_DOM_EN_RT_0927_Canada_Always_On_Refresh_Prospecting_728x90/Banff_Alberta_Canada_shutterstock_752019010.jpg?

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3308937023694028819/2023_EMEAI_DOM_EN_RT_0927_Canada_Always_On_Refresh_Prospecting_728x90/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d293a9b1c296add864ea7974327884ea0ac6bb7b3443b2a86a0cbfd1f7d4b943

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3308937023694028819/2023_EMEAI_DOM_EN_RT_0927_Canada_Always_On_Refresh_Prospecting_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sun, 19 Jan 2025 06:36:35 GMT
date: Sat, 20 Jan 2024 06:36:35 GMT
x-content-type-options: nosniff
age: 15028
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30839
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 21:04:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D21D 0
20 B 128ms
128ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BvTrJpqSrZfL5CJPA1fAPiq6qgAkAAAAAOAHgBAI&bg=!b2ylbCPNAAa8BdJLnAU7ADQBe5WfOGzw9rupIxQBU_1hjn7RvxmGCwiA13nDUwZXXQPLN_n4enC9uTLcPRHeXisLCkBiAgAAANZSAAAAAWgBB5kDIiPBE_iFeqqkywvc3smVDvi6t4Gg0xUw_PHIR6GliFvATPhQmjR4hoTBE_cnKwdyzzGOIAlwLiOJv_DH-kT4mzskWsQNWZDSS5rR9k8moxbwnrE2-eFFHYBBt4BLnyIulKRl_B5bpSOCDBUvL_4nqA82jQ5nJHlf2hh_dDHYWZoYoBIXUxd-JWeOLACEDx0xzKK6GmdQbasuG1F8JQOudV-VCzCNS4DGm7naDl6rvK_xxOthzLHa_r5NPl45nfIdng5AREpYDJ2zOVm0Z8_aLe6IxcMGTh73xVoKGm_OLQ3EGjl-HVYkTvN8v_dAniyqViEcRqt6qDyoGgNfchfkn9kAHtbDzYgoKeWSncFIF-oAsI6EgpPb8Cf7bWgvdKm8rwks9Tm3uv4K3K36TKKtckBTfsp-g3CfgVi92rTbLs2fMaeoOCEvg-txiFYyjdllxmo20-UDxFQYB04YtQDLOZHuQu9G9obyZNEI2MTIdK2A3IE8ZZpvQ1LmPbYqcLMK1TtAdW_9pmIMln7U6w93wCKNjSPtZa_2G6C9w57lAC8_sJ2obnDfP5IWWSPVh6N460hLkJQ5EL3RU5jLeD941qcQdjCnttGRv-gKCkjksYhnm7s60xfZRCV58osFDMklhlX7BucmLjK2GWAlwBOBrv-Bwzhio3K6Lcyd1NvCuepVZluZkf3Bfz0huApzlCi52B0wXm8KAK-DzXyodPfSm6um8g_4fT26S1hyu-9pDqfrq6WtNxklSVw08iI101HqdYYCHlsiCgYfOreNI-Qh5qSACFbNOG_j7uPZ1cbhWhDxzXGMmKu98e81PRLWdi1duqZJi328ZHiw47ttYQU59KaP74TkO2gKy6lmeJO7g7gsaag5Gggytptjn8EwwpXDsPLa2xWKT7DWtZM8LiqkLqvbje4QivR2mun6fL1i8nd1ximC8FnYiTaUSgCuxlSBhYuMQgasELh_vg27ZxzmFQsjx6Ciui2VF20HuLgLhIwFRgW9cq4MADXz9WqulyToVcHVSkswHLxJpOjFNH9bKLTtygzdPeHG23yBrnzB6837kqM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 10:47:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4382 43 B
215 B 203ms
102ms Image
image/gif 2600:1f18:1aca:4281:97b8:3c3a:6865:7d86
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=953900&asId=1cf517ae-1c51-691a-a91a-20396f6a702b&tv=%7Bc:1PXZri,time:179,type:e,im:%7Bpci:%7Btdr:88%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:179,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B174~0%5D,as:%5B174~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u1TNc4B+11%7C121%7C122%7C123%7C131*.953900-61623473%7C1311%7C13121%7C14,idMap:131*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:15%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1837583969273330&output=html&h=90&slotname=8192605529&adk=3151497336&adf=1056458448&pi=t.ma~as.8192605529&w=970&lmt=1678459688&format=970x90&url=http%3A%2F%2Fwww.goliathbank.com%2F&wgl=1&dt=1705747621918&bpp=1&bdt=437&idt=192&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_slotnames=8322023648&correlator=3757464643528&frm=20&pv=1&ga_vid=410533834.1705747622&ga_sid=1705747622&ga_hid=697267414&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=1085&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C44795921%2C31080505%2C95320890%2C95321626%2C95322164&oid=2&pvsid=632434726006241&tmod=2012051007&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=195
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:97b8:3c3a:6865:7d86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 10:47:03 GMT
server: nginx
x-server-name: dt10.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F23E 0
20 B 129ms
129ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BmBxNpqSrZa_QCIWD1fAP9YyX6AsAAAAAOAHgBAI&bg=!a2ilaCfNAAa8BdJLnAU7ADQBe5WfOJQzJsewIArlCXVCTQspFx1W8j-574BvovWJkUvYFQZ6bzSRVtxNhyFLN3MQiv25AgAAAGhSAAAAAWgBBwoAgh6iUZxijXKsXZTAjr5FhOSN2PjzSA_lXuaB8I-l9AGaxWVQjfZnIKFjqkpbmH0iSkrGKFsxtGYEIrkHvCv8OY2Hh1RE1-AV28Yyhh3BCqGe09hF2Wk_Zk0lZ6DzhPB9i3xSyCqNjCza7GxAeSNaGEIIG31sH9NBa7-SJb5TxBClY82ZAt5FBqx_5y-PqdoPoEH07_okeL0ItFKsyTSPOg5PO9K0-ExDVZ0n1UuFLHTJOGVLT9VbRLxxu1g_ToGDVCwT6E9NNU2Bax2mXTEyRgvxovtBX8uS8WnFWfhNmSegDda-UDFcN9MVr0RMPIfuxkp8wjZUKZOpS9qaH6wBIzQIaAPdXvPcGwmMR6NapyadlE0Lsyc8r2-h2mHy5nc3z2KFa0CPhshbj9iTWybhvtQbI1mSgitptmB8nWLEvm8tgV6z-5ucp3KslwNjaf4Nxuali-v00swUzr4RxMJAjH-dF1Ui-xAk0cBXkC2IbhsgdStqZ82pxe3B-3erZikmi4kGjQUhXQWCvUNDqTDe562EmzUI3-pKhQjrxFeUyoIFmOi1_Amw-pIQ_Reo_WwPQNIrltv_adUIUjwjkYE2r2gGley0TMOo2bIOM5mhGeLE7k5uwhmrPrx7luS7HhLBOqRljarDalbMmBV66Ehm8l6HfNIEIvBtok3AZcD5bZvFw9M3ag7QIhbfgcPSF8YUwR0pBSoFXgyU9z5-He73sM7gEgr1ZCk0XtJSBKcBtnE-6FaI-YA7sNWl-CiH1BeUbrhtR-v2_rByi_dgpH1Nhpz6jFotdteEGkkz9oe8PQ7oCCJ_NYP000jACXmFIhbhcSpJgaZ2h6UV1SraZ4i2h8X26VvTOoWJajvDhW4C8La1afhpGLE_57M_fUPzMLDxdwDpgyzTEPpn3k3MHHdM-UYfrpEOXrZjPSocu32Xkhueo3OnUJ4csLCLIcUTtW7kXnFQg8_GKd5TokNLgt3mojTm3JRUufXAcKA41BXDTkGlqCQAei3wr7I9m_NoxT1IC9Pft3A-UquePv80S56GmOFPdrP45bF-lQx8-ycg7F6FDsJh8j1vSMgZJ9hOGqT8z_OLBmjWdzUJ_Dt29UhNnx2mcT2ujR0vUwA0-x6SkPY-vCB_XjwNGbFyhNslFwr2Y_GiVw

Requested by

Host: www.goliathbank.com
URL: http://www.goliathbank.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 10:47:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4382 43 B
215 B 252ms
200ms Image
image/gif 2600:1f18:1aca:4281:97b8:3c3a:6865:7d86
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=953900&asId=1cf517ae-1c51-691a-a91a-20396f6a702b&tv=%7Bc:1PXZs5,time:228,type:e,im:%7Bimprf:%7Bttecl:475,ecd:184,tsecr:3%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:228,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B223~0%5D,as:%5B223~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u1TNc4B+11%7C121%7C122%7C123%7C131*.953900-61623473%7C1311%7C13121%7C14,idMap:131*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:15,sis:202%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1837583969273330&output=html&h=90&slotname=8192605529&adk=3151497336&adf=1056458448&pi=t.ma~as.8192605529&w=970&lmt=1678459688&format=970x90&url=http%3A%2F%2Fwww.goliathbank.com%2F&wgl=1&dt=1705747621918&bpp=1&bdt=437&idt=192&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_slotnames=8322023648&correlator=3757464643528&frm=20&pv=1&ga_vid=410533834.1705747622&ga_sid=1705747622&ga_hid=697267414&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=1085&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C44795921%2C31080505%2C95320890%2C95321626%2C95322164&oid=2&pvsid=632434726006241&tmod=2012051007&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=195
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:97b8:3c3a:6865:7d86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 10:47:03 GMT
server: nginx
x-server-name: dt08.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4382 43 B
215 B 101ms
101ms Image
image/gif 2600:1f18:1aca:4281:97b8:3c3a:6865:7d86
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=953900&asId=1cf517ae-1c51-691a-a91a-20396f6a702b&tv=%7Bc:1PXZwc,pingTime:-10,time:483,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjIyNCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002022202222222000020222222202022222220222202000022000220222220000000202202002222202222222220222222220000020022022200022222220200000222200022020002022022022222202002220222022222022220000000200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022020000000020000000000000000000020220202220000022200202202220022000200222022200200022220222200202222020002200002222022222202222000002002002222222202220022202200022002220202202,asp:1705747623800%7C%7C10c38f53a83c715a2c0cff8a4de63ade%7C%7C09dd4f7e094d0daae996260c074cbdea%7C%7Cbaaf3d2454beeed57d6954b0c0cca464%7C%7C4fc67a23028232d5ec822408b955a8e9%7C%7C397e453e307d5844bad9b3e3ad099f19%7C%7C6464c06e5431d87a40df1bfe93915fb7%7C%7C9fe6451bb63fdcb5672e26e635446caa%7C%7C1663701684%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1837583969273330&output=html&h=90&slotname=8192605529&adk=3151497336&adf=1056458448&pi=t.ma~as.8192605529&w=970&lmt=1678459688&format=970x90&url=http%3A%2F%2Fwww.goliathbank.com%2F&wgl=1&dt=1705747621918&bpp=1&bdt=437&idt=192&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_slotnames=8322023648&correlator=3757464643528&frm=20&pv=1&ga_vid=410533834.1705747622&ga_sid=1705747622&ga_hid=697267414&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=1085&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C44795921%2C31080505%2C95320890%2C95321626%2C95322164&oid=2&pvsid=632434726006241&tmod=2012051007&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=195
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:97b8:3c3a:6865:7d86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 10:47:03 GMT
server: nginx
x-server-name: dt10.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 119ms
69ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240118&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea59e92e59c807d8f70e04758d5348c5c24112b8e1327b273bc7ee41dcbf4257

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.goliathbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 10:47:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12327
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.goliathbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 10:47:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 20 Jan 2024 10:47:04 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5995 13 KB
5 KB 24ms
23ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.goliathbank.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 74821
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 19 Jan 2024 14:00:03 GMT
expires: Sat, 18 Jan 2025 14:00:03 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 52CB 829 B
1 KB 90ms
34ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

109dc0b2eb861d558d0437861fc0cf8f6ba6b8186a2a24fe3a9b9b35d61751ef

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-CPEV_Bmsh8g08BDhtkZvqQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.goliathbank.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-CPEV_Bmsh8g08BDhtkZvqQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 10:47:04 GMT
expires: Sat, 20 Jan 2024 10:47:04 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 5995 39 KB
15 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 22:09:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45445
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Jan 2025 22:09:39 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5995 0
10 B 23ms
22ms Image
text/plain 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?njji9A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 10:47:04 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 52CB 0
0 85ms
85ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240118&jk=632434726006241&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4382 42 B
64 B 178ms
178ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssl32GaneQOjDxKjdXn6NyvRVqPH1bStkluL84wPjwKem_zCIXot8cg-05vwhQQMAQTtzfda904JvpoGG4Ze_z4nMoatR6LpfnC4JmwKWkqOl_a9cr74VcgVuB3b9eNtTCLpdYc-Muco2cM6uHmFEhsmTyJ0HzPS0dp6jSQUOVmuTbQKThyOhY38o71jIgx1xhJ0W7h44gUiKGfnuHU&sai=AMfl-YTWnjPm88hvJ7FA6n8lx8OVAUFiTjRa5pVk6_w-PmotiszRGkLouf5gp2IEXNmuBwsTfhsuy3NK6U7EFBXo77Njaiei9dPwUisWaMSd7GOdGfZrzxnN_qA2kGNvCuKnxgpYta4mxqIRv9E4Liq0&sig=Cg0ArKJSzOyXz_Lb57X3EAE&cid=CAQSTgAvHhf_2sgcl_YWfgpkBeDqBFeFX-lMKpqTbKQz5xPkffWDSjMnx64wwsInCq93r3LOQbmKri4WgmglR7k2vGDnzpPc7Ep8U9IS54yZBxgB&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240117&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3151497336&rs=2&la=0&cr=0&vs=4&r=v&rst=1705747623032&rpt=252&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 10:47:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0D7B 42 B
64 B 177ms
177ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu7FYBnjD5QRRV_CwSEljO_9doT1uKXDbOd4mGP6hWvrQ7zzVvVegmLExdUXpKnOrs32jl9ezifFtehz_a4PPjD9Y-6L_AnGMt1fMv4qcmGAA9OFu0Fei8Ka-madN9hG2446sk2XMK5eUalDuR1XykLYRoG&sai=AMfl-YQ-pqZnBywG2jG3IQ2n2ocCImUYRsE7v97JaW0cmADpoM6WfPbu5raVXq_iyEOtWmRW66fnUKgXKqVAmq4mg0Nz0Em82SOw1HoNMXY8w7psxFlPCPORmCY4UMhcxi_JRNb0PSNZbG9tWHH7405S&sig=Cg0ArKJSzAjXDGmcTis2EAE&cid=CAQSTgAvHhf_Ix0g1EjsqYnjH2p7XOTKLWWTtPR5svf5ff3b1u8nCztz3VgcYFp58NcfVQnVP8lj8U-M0vk16a51jRk7mHqmo2ebuEZ3tuWFqBgB&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240117&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=826794979&rs=2&la=0&cr=0&vs=4&r=v&rst=1705747622109&rpt=1259&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 10:47:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 58ms
57ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240118&jk=632434726006241&bg=!xMelx4jNAAa8BdJLnAU7ADQBe5WfOL6QtS9H74_RKZe9cu_0rKDG8xyF8vv2ad_WzC1G5TOB5sTrvKlhfSytNW3OgNLUAgAAADNSAAAAAmgBBwoAvk5WE17GKJQHAPa921U29BYy0v7WcpiGtD8n8Jaeyf6k9-0tF1T6fbWg_i9J45IFjKlYqlsTdJXBbIkvU8ZFNyhqpdXXaoGY46iI-NQmy_aPZY7ZgeKsh6Ggee2LVem2X2xs-WVyVwqCuWUF_Z0eHjtjWV6ji_SA00qCEIVEFc0557QpxY99nLcrfXIQstjzZVWjWWiLL981dbdexOvcUUlMzSK0RJghtICIUqM-A-tyQNVVkRU1LJ-CewpSrFiZAsU_EEsHG8tLcVvA-SAR-fED2GxRzTh_COzlLQdGD041p-3ixwYQmhonpNKI2fGYwpveHFDBA5tSVp7O52Dw6SzrwGJUHn-Bi3EAERBFVx8t6_kMK5UPBZxOpSdJImpbN9O9wzix25LuqeBmBlA0mZp0xCO20rYFhEHl3WDd2wkAogYVPzvs8aaClGjHB2d1Sy1SodXpm01nK0jThDpdhMnkAVi1veQiM99IfcifsHM2YXM1FEWEbmsKwBu7sIQ4dc6PTphAFfLXYE36xY6YJx8e0XcaRQP0qijPcU3NqdAJBH7N8yHhRFg_FxTge4hujvoTbe1q4XC0V8zZzVZwtCAc_EGOt_tbNAd-gv97uwk_94I4jp2RU0jFnhyToOJvB0hdj6GVjyizZTMeF2mZ8A8EkVZ6H5DNxQJOoeDeISDrJihj9eV2wVHHQFUOzbgOrFPPU_OvaiU2En76WLtScDtjg0GHyVPLHPB4RWnzdw7vuN1vb7yDa9ik0WF-2zyNv55_OGu2L7oCViizAO51pMChJHMoogb8L5dlXLtKKi5EQ6iq5LMrUmY4Y8W7TU0VLidMrgsfLWFvSSic0nrhCmeXGN18NEreUiVhybC8qJaHMn-nnahNAtXRn0ZpdpN3hWP31ZdbteBExU1UExad61tRNjfIkrSGdRuUd1fEz8dBtnpMRWuOQcMi5e15V9gxNBm76RWZ_rRZLPhvzOXVBxypIELh6r5bZtGpZie3T__8SxQaP2GvZ1weBi2HTTOR6hNM22KacBsm8pWLRGZote09rAIxlgJSpUWkxsvnr3sJh8hYGb7gB2Qb6zY1HIAu3FS6amy1MENQpMrNcCeZZiPPxhGOpKSMG2FtOnfO7_uhbC4SAj0zTassYgO6DgGHudmHsXnj63-tbO624jV5XmVHxHe9U7UxANQJqk3SJwPtBD6_lLRY
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.goliathbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4382 43 B
215 B 103ms
102ms Image
image/gif 2600:1f18:1aca:4281:97b8:3c3a:6865:7d86
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=953900&asId=1cf517ae-1c51-691a-a91a-20396f6a702b&tv=%7Bc:1PXZW0,pingTime:1,time:2083,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:14%7D,%7Bpiv:100,vs:i,r:,t:1083%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:1082,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1078~0,0~100%5D,as:%5B1078~728.90%5D%7D%7D,%7Bsl:i,t:1082,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:104,fm:u1TNc4B+11%7C121%7C122%7C123%7C131*.953900-61623473%7C1311%7C13121%7C14,idMap:131*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:15,sis:202%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:97b8:3c3a:6865:7d86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 10:47:05 GMT
server: nginx
x-server-name: dt03.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4382 43 B
215 B 101ms
101ms Image
image/gif 2600:1f18:1aca:4281:97b8:3c3a:6865:7d86
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=953900&asId=1cf517ae-1c51-691a-a91a-20396f6a702b&tv=%7Bc:1PXZW1,pingTime:1,time:2084,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:14%7D,%7Bpiv:100,vs:i,r:,t:1083%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1002,o:1082,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1078~0,0~100%5D,as:%5B1078~728.90%5D%7D%7D,%7Bsl:i,t:1082,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:104,fm:u1TNc4B+11%7C121%7C122%7C123%7C131*.953900-61623473%7C1311%7C13121%7C14,idMap:131*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:15,sis:202%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:97b8:3c3a:6865:7d86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 10:47:05 GMT
server: nginx
x-server-name: dt10.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

Verdicts & Comments Add Verdict or Comment

200 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.goliathbank.com/	1970-01-21 03:25:07	Name: __utma Value: 164934953.410533834.1705747622.1705747622.1705747622.1
.goliathbank.com/	1969-12-31 23:59:59	Name: __utmc Value: 164934953
.goliathbank.com/	1970-01-20 22:11:55	Name: __utmz Value: 164934953.1705747622.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.goliathbank.com/	1970-01-20 17:49:08	Name: __utmt Value: 1
.goliathbank.com/	1970-01-20 17:49:09	Name: __utmb Value: 164934953.1.10.1705747622
.goliathbank.com/	1970-01-21 03:25:07	Name: cbuid Value: bef9f19dc5dfdb7fbed206733cfc6457eacc9ffea0
.goliathbank.com/	1970-01-20 17:58:07	Name: cbuid_meta Value: {%22referrer%22:%22%22%2C%22href%22:%22http://www.goliathbank.com/%22%2C%22qs%22:false}
.doubleclick.net/	1970-01-21 03:10:43	Name: IDE Value: AHWqTUkbvA3GJqXdJA6Fb10_RnQLrmOFZ0cPk7DU9BLbYOrj5yga3UmuqxG_pJ5N
.adnxs.com/	1970-01-20 19:58:43	Name: uuid2 Value: 548665922114245755
.casalemedia.com/	1970-01-21 02:34:43	Name: CMID Value: Zaukp7.5yJQmyKs5p8X-tQAA
.casalemedia.com/	1970-01-20 19:58:43	Name: CMPS Value: 5280
.casalemedia.com/	1970-01-20 19:58:43	Name: CMPRO Value: 5280
.goliathbank.com/	1970-01-21 03:10:43	Name: __gads Value: ID=21d0fc5c3a0d2e4c:T=1705747622:RT=1705747622:S=ALNI_MYY151_af8kpRSWJudmCEHLOGVWcQ
.goliathbank.com/	1970-01-21 03:10:43	Name: __gpi Value: UID=00000d44542fc079:T=1705747622:RT=1705747622:S=ALNI_MbIvLr17_Elm5JpZxNppB1t16BjFA
.adnxs.com/	1970-01-21 03:25:07	Name: XANDR_PANID Value: lnWFwAFPq8EWd12mootmoCk-noBD4g8-6NFDUWtEDqjqR0Dby5XG3mDJ0_h7m67MBDW_rviOs2lVU3GLVrOEK0pNsgQ4qrCMH7M5g-xbhaU.
.adnxs.com/	1970-01-20 19:58:43	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E>?igW.n!]tbPl1M>e)ZlrFUfJ+tGXxpG=9p(8P8FTmara3gPVHuHIi7JEOz!<GqinD83If)y3KL9D3I?+O4+Ar4

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
cdn.jsdelivr.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
code.jquery.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
p.metrilo.com
pagead2.googlesyndication.com
s0.2mdn.net
static.adsafeprotected.com
t.metrilo.com
tpc.googlesyndication.com
www.goliathbank.com
www.google-analytics.com
www.google.com
www.googletagservices.com
108.128.112.35
142.250.185.70
142.250.186.162
172.217.18.2
172.64.151.101
2001:4860:4802:38::178
2600:1f18:1aca:4281:97b8:3c3a:6865:7d86
2600:9000:26da:1c00:8:48e:53c0:93a1
2606:4700:20::681a:9b6
2606:4700:20::ac43:479d
2606:4700::6810:5914
2606:4700::6811:180e
2a00:1450:4001:802::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::2004
2a00:1450:4001:827::200a
2a00:1450:4001:828::2003
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2006
2a04:4e42:600::649
2a06:98c1:3121::3
37.252.171.53
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ba9741829fcef2b1659404ffdc6889b47ef4f434de5ccbd67aa7172b03d7071
109dc0b2eb861d558d0437861fc0cf8f6ba6b8186a2a24fe3a9b9b35d61751ef
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
15c6cc98266d6c47464af2861b51e17b34f69a0b319b1b33a765c47e3fd7edc0
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
185ee6c604469276f38fddfd5ec30d536bc7d1ec539289d947184abc8e6226b9
198972eba33cc7147a2bbe5ad68e947a17961a4bb43b8f418e0dc4fb2a642950
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
2b225fed22298b5db563fd065c96c241192e4d9d38834f569ce4a8d24e2882c2
2efae3a7998be87a9832da11c59b6e8b51def2be999eefdbeecd1cb726651b18
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3233190287f115105de5b5a99c5418e34b73b59e56bb84f681f1b5f90c553cf5
39492825b2ea2bb8bd2be97d5cca063adcaab3fcb3eb7cb0f529302f50fe8cde
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3cfdf0f7be4ad758a6d054d2631461e5e9577151a6bb0a4152eeb765d8007d76
40ba422e09235af4c6111e4d890b7d256b5d07658f029bc835053f4749f835a9
4103a765dedb01281b67cdefa5acfdd5588740f83368400f89d94247c0acbdd4
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43bee53229b0e308836bfd9b6bac0800ab708c82e352498264b7b4e68ca270d1
48f93e3937054551ff4a887dca69a8fc91561c11f52a53a262f6741bc91a9bb2
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d6148b7c3275cd5980a7903689546ee11ec96f11f4611a2062905578835e692
518be846d7bb0c8ecaf627c29180852a143b97861f55ef44d3048fb73342f3bb
51a4c0411a6c2c360284d5bb84142f32121c1bbf6e0e258e7be26474383b696d
5431bf3cd2099a41e143f4ccab7ee74d223ea22941dfd9061c5d241ed05afade
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
652985742e1048b2bf7386c45248eab2c86266f799e46b6d64956673dbd7c19e
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
6a16dfe9e92661a05f6798c8520a71e2f68c4675ffd6428d60e9d4fc71744dc7
6cc81787d3f2629427446bfa0c8dc6d01b00509c626d866a3ba0c7abaa585cbf
700303f9c4a4b8e59f33bf990b9d6707490937e4671e7d9c179031cef549a6e7
7092334bc62d0d3e9cebb8976ad1ba0075b47227e65b844a88b9e3b2eb84ec31
70efd2d87e54a8b52df80f591a85c3e7bce36f31d25d6be0d8a85e2c94b80aa3
711f953008f0a3ba7f54c30a642d6aa0154755df90fda9628baabc2dfe9935f3
7cc17511f1cbea82cc34be877c6983eb644b2f06900e0514bf19d170649b843d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84ec131112ca132c741450c29f43750d4cc516f7fe8d642a35092729373c2e90
877ce1a84ae54b19a56347f0014b8eae64c8de9b7f86a9a9818d8f2ef3b5aafb
87dfcec740d2c1365d74282b3b1eeaa4949bc8cb7258d71cd134eb2a50dff6e0
923c10d7842a5a20e8a6e97300dd5b2b6d83b656d1f4ed0c760e10e0fdaddea1
932ea15108928991bcf0c0a46415fc652de5ffc0158c35205357b90c65eeb386
98c2088f402812f045de221b2ae5baa8fa93915923f529eefa22dcf44d5ec24a
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a112eaf2a1694b6ce90127e3ddc7692712b4331b3bc8e01c6573bc0526b150a5
a99e9b792c72ab4e43faba07573fa7177b40209bb07a6ced3e4665e959971eb0
abad3204cb7615d3ddef77e637e0b92daf6bacf982d951f3a57e28c052039654
b0d5f335dea2603155afca7bf8fdfa19e4bf8c8dd66fa0dc5225199d37c14ce8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b8790106c39d616d072aa3f2a0b9e320745c6afb31ef2fecf56a1295e445019f
b889285d70207e00882df1a4bfd4604d5feac7eb05aad677ad75599b816a77e1
b8b2b3828d723bf17a1b4616c18a4912932c3cea19c3df5662b1b22602b50347
bd12cc8b75c3517537cfd15861d827c1d5471b0541f8fd330ee2f59d5fa6cd9b
bf2b474e18edda3645c50f1a9a9089d18b3320e2d450c2b9486d49371169a422
c4c372f5831ede09fa80c662c9bd065187b1dc2dc6a6607c430e6e2a85c3fa6f
c62b495174cdcc9521c650a050f75ad18f373406e58fed95a5a2162f51e7fb8b
cdd6b0cf1673c87395f58ab2c178786e917f6f8eb5e3bd46e54e520164270242
cf81bf7824271edc3a71aff3acedcf101ee92d0f45b5018172d7eec3b6f7baf6
d293a9b1c296add864ea7974327884ea0ac6bb7b3443b2a86a0cbfd1f7d4b943
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
dd7a77c0c14f94b0cbe597f7feb552fcb9067e6bbe5c35a3668a246c2308bfa1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6e3fd75e470cd50759b897eab984da9b5cafeda028be8eba2e779e41df6d818
e87efe00b52483b10fd8a3a6aeebcdbe7f85647fffb4cdd00b73f6b7df222aa3
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
ea59e92e59c807d8f70e04758d5348c5c24112b8e1327b273bc7ee41dcbf4257
eb361f1d428fad7b41d5547b138b0796246a695398bbf1355f37129f1a457119
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
efc85c7eb141819717cda0033484a84b1c890d13b02e355a2fec79d424b20e7a
f43a70e35bbe162efb12f3d28160b63c4a20545a7b8fbd11b0e0b7211eda27ef
fdd400bdc548205dd8becdc1dd442977a2093e3ffb8a34c54b93843366a10f86
fdfcebcb6bbabeefe578607d2695a1ff9130bc5f50fabafcff6193494e4a7276

www.goliathbank.com Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

106 Requests

85 %HTTPS

74 %IPv6

16 Domains

23 Subdomains

24 IPs

3 Countries

1725 kBTransfer

3727 kBSize

16 Cookies

0 Outgoing links

Redirected requests

106 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.goliathbank.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

106
Requests

85 %
HTTPS

74 %
IPv6

16
Domains

23
Subdomains

24
IPs

3
Countries

1725 kB
Transfer

3727 kB
Size

16
Cookies

106 HTTP transactions
4 data transactions